We performed a comparison between CyberArk Privileged Access Manager and IBM Security Secret Server based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Central Password Manager is useful for agentless automated password management through AD integration as well as endpoints for different devices."
"Ensures accounts are managed according to corporate policies."
"Password rotation, session recording & isolation and on-demand privileges."
"The solution is scalable."
"I found it valuable that CyberArk Privileged Access Manager can be integrated with PTA (privileged threat analytics), and this means that it will tell you if there's a risk to the logins and signs of risk and if risky behavior is observed. It's a good feature. Another good feature is the CPM (central password manager) because it helps you rotate the passwords automatically without involving the admins. It can go and update the scheduled tasks and the services. At the same time, if there's an application where it cannot do all of these, CPM will trigger an automatic email to the application owners, telling them that they should go ahead and change the password. This allows you to manage the account password that CyberArk cannot manage, which helps mitigate the risk of old passwords, where the password gets compromised, and also allows you to manage the security of the domain."
"The most valuable feature is that it always provides flexibility, password quality and one-time user check-in and check-out."
"You can easily manage more than 4000 accounts with one PSM."
"Lessens the risk with privileged access."
"As a PAM solution, Secret Server performs all the use cases in our environment."
"Stability-wise, I think it is a very good solution."
"What I like best about IBM Security Secret Server is its single-access console. It's also easy to manage and fulfills the requirements with the least resistance."
"One of the most valuable features is scalability, and how it allows you to scale it without affecting the underlying core components."
"The live recording is a very useful feature."
"I think having a distributed architecture would certainly help this solution."
"Online help needs to be looked into with live agent support."
"One of the main things that could be improved would be filtering accounts on the main page and increasing the functionality of the filters. There are some filters on the side which are very specific, but I feel there could be more."
"I'm not a fan of technical support with CyberArk. It's like jumping through red tape and hoops. Quite frankly, it's almost like when you call CyberArk you get the Help Desk or the level-one. I'm a level-one. I got the CCD, I know how to do the initial troubleshooting. When I call CyberArk it's because I can't figure the problem out. So I need a level-two, three, four. I don't need you to tell me, "Hey, open a ticket and then give me logs.""
"Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use."
"it manages creds based on Organizational Units. That is, a "safe" is limited to specific OUs. That makes for very elaborate OU structure, or you risk exposing too many devices by putting most of them in fewer OUs."
"Over the past seven years, I have seen a lot of ups and downs with the product."
"When something comes out, it's generally airtight and works as advertised. However, sometimes they are a little bit slow to keep up with what's coming out. In 2017, for example, they released support for Windows Server 2016, which had been out for a year or so."
"Secret Server should have the ability to discover privileged accounts in the servers, like the administrator or users, from SQL and Oracle without having to import a script."
"The newer interface is more difficult to use than the previous one, and consequently, new users might need more training."
"The nonclustered index is working in an area with a problem that needs improvement."
"It would be preferable if the full proxy was included in the IBM Security Secret Server."
"What needs improvement in IBM Security Secret Server is support. The local partner provides good support, but IBM itself doesn't. Most of the time, the IBM support team does not aggressively resolve issues reported through chat or the IBM website."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 143 reviews while IBM Security Secret Server is ranked 13th in Privileged Access Management (PAM) with 7 reviews. CyberArk Privileged Access Manager is rated 8.8, while IBM Security Secret Server is rated 8.2. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of IBM Security Secret Server writes "User-friendly, granular features, and is simple to implement, but the technical support could be improved". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas IBM Security Secret Server is most compared with Delinea Secret Server and Delinea Privileged Access Service. See our CyberArk Privileged Access Manager vs. IBM Security Secret Server report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.