We performed a comparison between CyberArk Privileged Access Manager and One Identity Manager based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."The product is an important security measure against credential theft. It ensures session isolation and password rotation including pushing passwords to the endpoints."
"On the customer accounts side, our account managers are responsive. If you ask them, they will get you whomever you need."
"CyberArk Privileged Access Manager is stable."
"The combination of CPM and PSM resolves a lot of use cases."
"I really like the PTA (Privileged Threat Analytics). I find this the best feature."
"Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control."
"The solution is scalable."
"If any intruder gets inside, they would not be able to move around nor do lateral movements. It minimize any attack problems within our network."
"Its flexibility is the most valuable feature, the way we can customize the user interface and the workflow processes."
"One Identity's biggest benefit is application integration."
"One Identity Manager offers several features that I found advantageous compared to other tools."
"The most valuable feature of One Identity Manager for me is its Designer tool."
"We chose this product for being able to accommodate our requirements. It's very flexible, and it's open to being developed to our requirements."
"It has many features which can be combined and configured in a great way, then put together in projects and ways that developers didn't think were possible, which has been great."
"The best part of One Identity Manager is that it provides wholesome features. Most of the things required for identity management are given out of the box in One Identity Manager. You can just define your use cases, take this tool, and right away implement the solution."
"It is a flexible because it is customizable. It allows you to build anything on top of it."
"The interface on version 9 looks old."
"Many of the infrastructure folks who use the product dislike it because it complicates their workflow. They get a little less control, and they have to go through a specific solution. It proactively logs in for them, which obfuscates some of the issues that they may be troubleshooting."
"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."
"The current interface doesn't scale that well, and has some screens still in the old layout."
"I don't know if "failed authentication" is a glitch or if that was an update... However, since we are the CyberArk support within our organization, we need to know that the password is suspended and we won't know that unless we have the ITA log up. So when a user calls and says, "Hey, I'm locked out of CyberArk, I can't get into CyberArk," we have to go through all of these other troubleshooting steps because the first thing we don't think of right now is, "The account is suspended." It doesn't say that anymore."
"More additional features as far as the REST is concerned, because we have something which was the predecessor to REST. A lot of the features which were in the predecessor have not necessarily been ported over to REST yet."
"It can be made user-friendly, in the sense of the console is pretty outdated."
"More than the product itself, there is room for improvement in the documentation. The documentation should be very detailed and very structured. It has a lot of good information, on one level, but I feel that it could be more elaborate and more structured."
"I would like One Identity Manager to offer an easier way for users to learn to use their new features."
"It should be able to give a client version of the product, rather than just a web-portal."
"The technical support is non-existent. It is not worth talking about."
"The initial setup was quite complex because you run into some existing policies that the company already had. There was some trouble with some inconsequential policies."
"Make the logging and debugging easier to find, because I'm always confused, "Where do I have to go to turn this log on if I want to see it?""
"One Identity Manager needs to come up with many more out-of-the-box connectors, similar to Workday and ServiceNow."
"In the update processes for hotfixes need improvement."
"Quest Software should provide notes and documents to customers before they buy the product and license."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while One Identity Manager is ranked 3rd in Identity Management (IM) with 77 reviews. CyberArk Privileged Access Manager is rated 8.8, while One Identity Manager is rated 8.0. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of One Identity Manager writes "The JML is customizable but the support team isn't strong". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas One Identity Manager is most compared with SailPoint Identity Security Cloud, Oracle Identity Governance, EVOLVEUM midPoint, Cisco ISE (Identity Services Engine) and ForgeRock.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.