2022-12-05T21:38:00Z

Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A

Hello community, 

I am the Associate VP and Cyber Security Specialist at a large bank.

I am researching PAM tools. These are our requirements for the PAM tool needed:

- Privileged Access Governance and Administrative

- Privileged Accounts Discovery and Management

- Privileged Credentials Management

- Privileged Session Management

- Privileged Access Logging, Reporting, and Audit

- Privileged Access Analytics and Response

- Integration with Other Systems

- Ease of Deployments and configurations

Which PAM tool would you suggest that I use: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote Access?

Thank you for your help.

AG
Associate VP & Cyber Security Specialist at Union Bank of California
  • 1
  • 136
1
PeerSpot user
1 Answer
Nurlan Temirbulatov - PeerSpot reviewer
Sales Engineer at Remediant
Vendor
Top 20
2022-12-07T18:08:17Z
Dec 7, 2022

Hello Avinash, it all depends on the timeline and urgency of the project. If you need to deploy a PAM tool that focuses on standing privileges, stopping lateral movement, and incorporating Zero Standing Privileges as part of Zero Trust, then please consider looking at Remediant. I've worked for BeyondTrust and have gone up against the other big players such as Delinea, Centrify, CyberArk, and HashiCorp. They more or less all offer similar solutions, but looking at your current requirements, Remediant really excels in delivering a simple, yet very effective tool in a matter of days and weeks, not months and years. 

Find out what your peers are saying about CyberArk Privileged Access Manager vs. Delinea Secret Server and other solutions. Updated: May 2023.
708,461 professionals have used our research since 2012.
Product comparison that may be of interest to you
Related Questions
Danilo Di Francesco - PeerSpot reviewer
Senior Consultant & Business Analyst at TIM
Feb 27, 2023
Hi, I work as a Senior Consultant & Business Analyst at a Financial Services firm (1000+ employees). I would like to know some customers in Europe (possibly, Italy) who have chosen One Identity (specifically, One Identity Safeguard or One Identity Active Roles).  What are the costs associated with this solution? Would it be the best solution for the banking and insurance world, in your o...
See 1 answer
Jason Moody - PeerSpot reviewer
Product Marketing Manager at One Identity
Feb 27, 2023
Hi and thank you so much for the question. Here is a quick answer that I hope helps to understand the product and the integration. Active Roles is specially designed to remove the need for wide-spread permissions in AD and Safeguard for Privileged Passwords is designed to store privileged credentials. When they work together, layers of security are multiplied building on top of each other. This is very important in the banking industry as cybersecurity experts say that 90% of data breaches occur on account of phishing and 90% of employees have too much access. Instead of granting always on privilege, Active Roles manages the access when an account is not in use. When the account is checked out by a user, the process includes validating that the account can be checked out, an audit of the user, and how long the account is checked out. Once the user is done and checks the account back in Safeguard for Privilege Passwords changes the password so that the pass the hash attacks are mitigated. Thanks, and I hope this helps. 
NC
Content Manager at PeerSpot (formerly IT Central Station)
Dec 1, 2021
Which is better and why?
See 2 answers
Nov 17, 2021
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the management of user identities, systems, data, and cloud services. It works great for Identity Access Management, specifically for cleaning up inactive and orphaned accounts. It has the joiner-mover-leaver feature. One of the features we like is the large availability of connectors for different applications and platforms. You can also recertify an account, which is very useful. It is well suited for large companies with lots of users and applications. However, for small companies, it might be a bit of an overkill. Sailpoint has a steep learning curve, so it is not for inexperienced users. Moreover, it doesn’t offer a lot of supporting documentation. It also doesn’t integrate well with other solutions. We chose CyberArk despite the cost because it works great for password management. CyberArk helps manage privileged accounts and service accounts, for example, when users need to connect remotely into systems. It is especially useful for IT staff to access their privileged accounts without having to remember the passwords every time - individually and even as a group. What we like the most about CyberArk is the ease of use and effectiveness in managing privileged accounts. For instance, it automatically changes the passwords for privileged accounts and reconciles and verifies passwords. New users can obtain secure credentials with minimal time and effort. The initial cost is high, which can be a bit of a stretch for small organizations. It also has high requirements for the initial setup and is difficult to customize. The performance could be faster. Conclusions While Sailpoint IdentityIQ is a very good privileged account solution, CyberArk is better suited for us because of its ease of use and efficiency in password management.
Doug-MacPherson - PeerSpot reviewer
Identity Management Consultant at IdentityMD
Dec 1, 2021
The two products are actually complimentary. Both companies have been very good about staying in their lanes and are their respective market leaders. CyberArk's PAM solution is aimed at protecting privileged accounts by providing features like vaulting, credential rotation, session monitoring and recording. They also have solutions for DevOps and Secrets management. SailPoint is an Identity Governance solution and actually manages CyberArk as an application the same way it manages accounts and privileges in SAP, AD, AAD and over 100 more applications. For CyberArk, it can add/change/delete users as well as create safes and assign users to those safes. At a user account certification time, it will show the CyberArk users and their associated privileges and allow the user's manager or other appropriate people to approve or revoke the privileged access.  SailPoint creates an Identity warehouse so that a user's accounts and entitlements are gathered, managed and reported on in a centralized manner. See Youtube for a quick explanation - SailPoint Identity Governance Integrates with CyberAek Privileged Access Security.  SailPoint does not provide the vault and session management functions that CyberArk does.
Related Articles
NC
Content Manager at PeerSpot (formerly IT Central Station)
May 12, 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews for the Top User Behavior Analytics - UEBA Tools...
NC
Content Manager at PeerSpot (formerly IT Central Station)
Jun 3, 2022
Top 8 Enterprise Password Managers Tools PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews for th...
See 1 comment
JT
CTO at NATIONAL MOTOR FREIGHT TRAFFIC ASSOCIATION INC
Jun 3, 2022
I am implementing Thycotic Secret Server (now Delinea) for my new company. This will be the second time I have implemented it.
NC
Content Manager at PeerSpot (formerly IT Central Station)
Apr 18, 2022
Top 5 Privileged Access Management (PAM) Tools PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews ...
Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at a tech services company with 201-500 employees
Jan 17, 2022
Cyber Security has become one of the top priorities in today’s hyper-connected fast-growing technologies like cloud, mobile, and virtualization, making the lives of security professionals more challenging. Building multiple layers of security on the perimeter such as VPNs, access controls, firewalls, IDS, IPS, SIEMs and email gateways are no longer considered fully effective. It needs to be c...
See 2 comments
DM
Director at DNAX s.r.o.
Jan 12, 2022
As a cybersecurity professional, I would NEVER outsource a PAM solution anywhere outside of my company, no matter how beneficiary it could look at a first sight. In the end, it can cost you everything.
Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at a tech services company with 201-500 employees
Jan 17, 2022
HI @DavidMateju​, Thanks for your response, can you let us know in more detail the reason for not outsourcing a PAM solution.
Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at a tech services company with 201-500 employees
Dec 11, 2021
                                What is Privileged Account Management (PAM)? Privileged account management can be defined as managing and auditing account and data access by privileged users. A privileged user is someone who has administrative access to critical systems. For instance, anyone who can set up and delete user accounts and roles on your Oracle database is a privileged user. Lik...
Product Comparisons
Related Articles
NC
Content Manager at PeerSpot (formerly IT Central Station)
May 12, 2022
Top 7 User Behavior Analytics (UEBA) Tools 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to...
NC
Content Manager at PeerSpot (formerly IT Central Station)
Jun 3, 2022
Top 8 Enterprise Password Managers 2022
Top 8 Enterprise Password Managers Tools PeerSpot’s crowdsourced user review platform helps tech...
Download Free Report
Download our FREE report comparing CyberArk Privileged Access Manager and Delinea Secret Server based on reviews, features, and more! Updated: May 2023.
DOWNLOAD NOW
708,461 professionals have used our research since 2012.