We performed a comparison between CyberArk Privileged Access Manager and Saviynt based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."It helps our customers in their software requirement imports."
"We utilize PTA, and we are now integrating that into our risk management program so we can identify the uses of the vault which are outside of the norm, e.g., people accessing after hours. It has reduced the amount of time that we are looking through logs and audit logs."
"Lessens the risk with privileged access."
"PSM (Privilege Session Manager."
"Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control."
"We like it for the ability to automatically change passwords. At least for my group, that's the best thing."
"It enables us to secure accounts and make sure they are compliant."
"It's secure and reliable. I especially appreciate that it's locked down and only allows access to authorized components."
"The most valuable features of Saviynt are database utility and report generation. These two features have a major impact, particularly when you are trying to create a report because, in other systems, you need to use a third-party utility such as a BI tool or any other reporting tool to fetch the data and send out the report to a third party team. In Saviynt, it's a system within a system, so you don't have to use any third-party tool because you can directly do your query and write that code on Saviynt and then send that report to the team."
"It gives very good and in-depth knowledge about a particular identity. Everything is through a single click. We get to know the workflows related to a particular identity with a single click."
"It is a flexible tool because it works on JSON."
"Saviynt is easy to configure and manage."
"Saviynt has better integration with enterprise systems like SAP, Microsoft, Adobe, and AWS."
"The feature that we use the most is the global, third-party user management."
"This product works well out of the box and if you don’t want to do a lot of configuration then this is the best tool."
"Saviynt has a lot of potential with many features available for users."
"When something comes out, it's generally airtight and works as advertised. However, sometimes they are a little bit slow to keep up with what's coming out. In 2017, for example, they released support for Windows Server 2016, which had been out for a year or so."
"It should be easier to install. It is a comprehensive product, which makes it difficult to install. You need to have their consulting services in order to get it all installed and set up correctly because there is so much going on. It would be nice if there were an easier way to do the installation without professional services. I suspect they get a fair amount of their money from professional services. So, there is not a huge incentive."
"The PTA could be improved. Currently, companies often have multiple domains and sometimes it's difficult to implement CyberArk in this kind of infrastructure. For example, you can add CPM (Central Policy Manager) and PSM (Privileged Session Manager and PVWA (Password Vault Web Access) for access, but if you want to add PTA (Privileged Threat Analysis) to scan Vault logs, it is difficult because this component may be adding multiple domain environments."
"The initial setup was a bit complex."
"We'd like to see the creation of some kind of memo field for each device account, which could be used, in our network at least, to leave a note about the device for either the security or network engineering team members."
"The initial setup has room for improvement to be more straightforward."
"The solution could improve by adding more connectors."
"When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time."
"In terms of improvement, it's really just a matter of them getting more mature. It's a relatively new solution and they probably need to streamline a few of the processes as they mature. But there are not too many problems."
"The UI doesn’t enhance the user experience."
"The custom application integration is a little complex, and this tool doesn't provide so many plugins or additional applications."
"The product's stability is not easy to maintain."
"According to feedback I've received, some users prefer SailPoint over Saviynt in real complex environments. SailPoint has its provisioning platform. Complex integrations may pose challenges in scenarios like a large bank with thousands of users, making SailPoint a preferred choice for some."
"An area for improvement in Saviynt is that there's a limitation on the number of logs you can get from the past twenty-four hours. For example, if the data is huge, the tool can only give you a maximum of one hundred logs. You can't get any further than that. In the next version of Saviynt, however, you can get more logs and you'll see them inside the log rotation. For example, when you're trying to search inside the log, you can select a date range, and then you can search for a particular log. We haven't used that new log rotation feature yet, but it's included in the next release of Saviynt. Another area for improvement in the tool is that it doesn't have a server monitoring feature, so if your server has a high load, it should give you a warning. You're supposed to get an alert similar to what's being done in WebLogic. In WebLogic, we had a separate facility, but in Saviynt, that feature's missing."
"Both SailPoint IdentityNow and Saviynt have some bugs, but SailPoint is considered more mature with fewer bugs due to its longer establishment in the market since around 2005. SailPoint had its share of bugs in the early days, but they have resolved them over time, resulting in a stable product. Saviynt, on the other hand, was launched around 2013 or 2014 and is actively working to improve its product. Despite having some bugs, Saviynt is making progress and aims to build a stable product, but it is not there yet."
"We sometimes experience performance issues when the solution fails to process the data between two different applications."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while Saviynt is ranked 5th in Identity Management (IM) with 21 reviews. CyberArk Privileged Access Manager is rated 8.8, while Saviynt is rated 7.4. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Saviynt writes "Used for IAM, IGA, MFA, SSO, and access management". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and Fortinet FortiAuthenticator, whereas Saviynt is most compared with SailPoint Identity Security Cloud, Microsoft Entra ID, Okta Workforce Identity, Microsoft Identity Manager and Microsoft Entra Permissions Management.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
