We performed a comparison between CyberArk Privileged Access Manager and Symantec Identity Governance and Administration based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."The most important feature is managing the credentials and implementing those policies which rotate the credentials. Session Manager is also key in not letting the users have access to those credentials. Instead, CyberArk actually manages everything by itself."
"The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,"
"CyberArk is not just an IT security or cybersecurity tool. It's also an administrator tool. I had a fair number of systems where the passwords were not fully managed by CyberArk yet, and they were expiring every 30 or 45 days. I was able to get management turned on for those accounts. From an administrator perspective, I didn't have to go back into those systems and manually change those passwords anymore. CyberArk... lightened the load on our administrative work."
"We are able to rotate credentials and have privileged account access."
"I found it valuable that CyberArk Privileged Access Manager can be integrated with PTA (privileged threat analytics), and this means that it will tell you if there's a risk to the logins and signs of risk and if risky behavior is observed. It's a good feature. Another good feature is the CPM (central password manager) because it helps you rotate the passwords automatically without involving the admins. It can go and update the scheduled tasks and the services. At the same time, if there's an application where it cannot do all of these, CPM will trigger an automatic email to the application owners, telling them that they should go ahead and change the password. This allows you to manage the account password that CyberArk cannot manage, which helps mitigate the risk of old passwords, where the password gets compromised, and also allows you to manage the security of the domain."
"It allows users to self-provision access to the accounts that they need."
"All of the features of CyberArk Privileged Access Manager are valuable."
"The regulation of accounts is by far the most needed and valuable part of the application."
"Automated provisioning removes manual labor and manual provisioning."
"The scalability potential is there if a company needs to expand."
"The most valuable features are role-based access and identity provisioning, which allow a single point of user access to multiple places."
"When comparing it to other products, you can set up CA IAM in a PoC very quickly to demonstrate its provisioning capabilities."
"Out-of-the-box the product has a lot of opportunity for configuration and sophisticated identity management capability."
"I like that it is easy to diagnose. It has a version of a virtual appliance so we can download it, run it, configure it, and it would take about 10 to 15 minutes to configure the cluster or so."
"It has good endpoint support and endpoint connectivity to different versioning endpoints."
"It's a very useful tool that has improved our client's security, from day one."
"Sometimes the infrastructure team is hesitant to provide more resources."
"This product needs professional consulting services to onboard accounts effectively based user profiles."
"There is room for improvement in the availability of custom connectors on the marketplace for this solution. Additionally, their services for the CICD pipeline and ease of integration could be improved."
"It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers."
"Stability is a huge concern right now. We are on a version which is very unstable. We have to upgrade to stabilize it. It is fine, but the problem is we have to hire CyberArk to do the upgrade. This costs money, and it is their bug."
"We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process."
"CyberArk PAM is a very broad product as everyone's requirements for implementation are different. In our particular case, the initial implementation was planned and developed by people who didn't know our specific network requirements, so the initial implementation needed to be tweaked over time. While this is normal, at the time all these "major" changes required CyberArk professional services to come in-plant and "assist" with the changes."
"There should be more models and licensing plans for this software."
"The product works slowly while accessing cloud-native solutions."
"The product's technical support could be better."
"They should easier and better integration with other software."
"The drawback with the CA Identity Manager is they don't have a connector to HR systems like SAP, or PeopleSoft, or Workday. That's a major drawback with the CA Identity Manager. For that we have to do lots of custom quoting to get data from HR systems. And if they could connect it to GRC systems, that's good to have in an identity product."
"In the next release, there should be provisioning of your certifications."
"We would like to see integration with analytics. Also, for them to be more efficient regarding discovering and implementing new rules."
"A better information display for the approvals within the workflow would give them more information and the ability to comment back on a request as to why they're rejecting it. We've been telling them we'd like this improvement, and we hope to see it."
"There are several areas for improvement in Symantec Identity Governance and Administration. They have no proper documentation on how to do backups. They also have a lengthy workflow process where we have to make some configurations to manage automation in the rules and in our tasks which takes time. We have to manually configure all the configuration files, and we cannot export users because there's no export system in Symantec Identity Governance and Administration. What we'd like to see in the next release of the solution is for them to make configuration and integration with other systems their top priorities. We have many API systems to manage, so hopefully, if they make these enhancements shortly, we can directly connect with our API systems when using Symantec Identity Governance and Administration."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
More Symantec Identity Governance and Administration Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while Symantec Identity Governance and Administration is ranked 20th in Identity Management (IM) with 65 reviews. CyberArk Privileged Access Manager is rated 8.8, while Symantec Identity Governance and Administration is rated 7.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Symantec Identity Governance and Administration writes "Works well on-premises and has partial capabilities but lacks many feaures". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas Symantec Identity Governance and Administration is most compared with SailPoint Identity Security Cloud, AlertEnterprise Enterprise Guardian, SAP Identity Management, Cisco ISE (Identity Services Engine) and Microsoft Identity Manager.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
