We performed a comparison between CyberArk Identity and CyberArk Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features of CyberArk Identity are its ability to control access to administrative staff."
"It has machine learning and can help clients to learn the environment and understand what is happening."
"If anyone makes an error, or if an incident occurs by accident, the business will not be harmed as a result of this activity."
"I found the solution to be stable."
"The feature that we find most valuable is the ability to integrate multiple IDs for on-premises Active Directory."
"I like the RBAC (Role-Based Access Control). It basically involves defining various roles, and then simply assigning those roles to users."
"The user identification is simplified, and managing user privileges, whether adding or revoking them, is also quite straightforward when utilizing CyberArk SaaS."
"The user self-service program and the Office 365 provisioning service feature are the most valuable. It is a very easy and feature-rich solution that gives priority to the users and security."
"CyberArk has the ability to change the credentials on every platform."
"The most valuable aspects of the solution include password management and Rest API retrieval of vaulted credentials."
"It is a single tool that isolates possible kinds of malware. You get lateral movement blocking and auditing information, e.g., you know who is doing what. You are getting protections from the service as well as a useful environment. All your admins can easily go in and out of your company while accessing your servers in a secure way, even if they are working abroad."
"Our go-to solution for securing against the pass the hash attack vector and auditing privileged account usage."
"The integrations are the most valuable aspect of CyberArk Privileged Access Manager. The software offers pre-built integrations, and our team can also create custom connectors. This flexibility allows us to integrate with systems that we previously didn't consider integrating with, making it a significant advantage for us."
"It helps our customers in their software requirement imports."
"For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks."
"Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong. In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows Server protection, and stuff like that. They have also further advanced it with the security on the cloud and DevOps systems. They have a bundle licensing model, which really helps. They don't have a complex licensing model. Even though in our market, people say CyberArk is expensive as compared to some of the other products, but in terms of overall value and as a bundling solution, it is an affordable and highly scalable product."
"CyberArk Identity's GUI is an area with certain shortcomings that need improvement."
"The product needs to leverage the cloud more, especially in the financial sector, where cloud adoption might be limited. Proper reporting within the cloud is essential. The tool should be more user-friendly to expedite access for users. The current agent-based system poses challenges if a user loses access to the server, making tasks difficult to perform. It should also improve technical support."
"We would like to see an improvement in the ability to manage mobile devices."
"The tool has issues with the third-party SMS gateway. The solution has its own SMS gateway. Integration support is a challenge when we don’t use their SMS gateway. The tool also needs to improve its scalability."
"The OpenID features could improve in CyberArk Identity."
"The product is not cheap, especially if you opt for an on-premise deployment requiring a complex server infrastructure. On the other hand, choosing the software as a service version simplifies infrastructure requirements but necessitates being online all the time."
"They can include the Mobile Device Management (MDM) feature."
"In terms of general user feedback, the more security you put in front of a user, the more they complain. So usability and the user experience are always a challenge. So there's always room for improvement."
"It can be made user-friendly, in the sense of the console is pretty outdated."
"We'd like to see the creation of some kind of memo field for each device account, which could be used, in our network at least, to leave a note about the device for either the security or network engineering team members."
"I would love them to improve their UI customizing features."
"They can do a better job in the PSM space."
"Performance of PIM could be better and intended for usability as well as security."
"We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process."
"I'd like to see a more expansive SSH tunneling situation through PSMP. Right now you have an account that exists in the vault and you say, "I want to create a tunnel using this account." I'd like to see something that is not account-based where I could say, "I want to create a tunnel to this machine over here," and then authenticate through the PSMP and then your tunnel is set up. You wouldn't need to then authenticate to a machine."
"It should be easier to install. It is a comprehensive product, which makes it difficult to install. You need to have their consulting services in order to get it all installed and set up correctly because there is so much going on. It would be nice if there were an easier way to do the installation without professional services. I suspect they get a fair amount of their money from professional services. So, there is not a huge incentive."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Identity is ranked 8th in Access Management with 18 reviews while CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews. CyberArk Identity is rated 8.2, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of CyberArk Identity writes "Allows Linux and Unix administrators to login with single password ". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". CyberArk Identity is most compared with Microsoft Intune, Microsoft Entra ID, Ping Identity Platform, SailPoint Identity Security Cloud and VMware Workspace ONE, whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and CyberArk Endpoint Privilege Manager. See our CyberArk Identity vs. CyberArk Privileged Access Manager report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.