We performed a comparison between CyberArk Privileged Access Manager, Gemalto Protiva, and Oracle Identity Governance based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."We utilize PTA, and we are now integrating that into our risk management program so we can identify the uses of the vault which are outside of the norm, e.g., people accessing after hours. It has reduced the amount of time that we are looking through logs and audit logs."
"Performance-wise, it is excellent."
"The credentials management capability is key to ensuring that the credentials are kept secure and that access to them is done on a temporary and event-driven basis."
"CyberArk has resulted in a massive increase in our security footprint."
"You can write different types of policies for custom business needs or any developer needs. If they need certain functions allocated, they can be customized easily."
"Its' quite stable."
"It is one of the best solutions in the market. Ever since I started using this solution, there has not been any compromise when it comes to our lab."
"The automatic password management is the most important feature. The second most important feature is the ability to enforce dual control on the release of those passwords. The combination of these two features is the most important thing for us because we can show that we're in control of who uses any non-personal account, and when they do so."
"The most valuable feature for us is the ability to use Active Directory groups as virtual containers instead of domains because it means that we can control our access groups better."
"Its most valuable feature is its scalability."
"Password management is a valuable feature."
"It has a very good response time."
"The one thing that stands out was is the automatic sign-out when an employee goes on vacation. Identity Governance can monitor when an employee goes on vacation and returns. We use this feature to automatically disable all the employee's accounts when they go on vacation, and they're automatically enabled when they come back."
"The proactive controls which can be configured to a granular level allowing the organization the flexibility to meet the changing demands of the workforce."
"I am able to request any access rights I need."
"The most important features that have impacted our environment recently are the Single Sign-On solution, role based provisioning, and the automated provisioning of accounts to target systems."
"Role-based access control (RBAC) has been crucial for role-based management in my current company. Granular access restrictions based on role-based policies were beneficial."
"The lead product has a slow process. There are some reports and requirements from CyberArk which are not readily available as an applicable solution. We have made consistent management requests in the logs."
"When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time."
"I don't know if "failed authentication" is a glitch or if that was an update... However, since we are the CyberArk support within our organization, we need to know that the password is suspended and we won't know that unless we have the ITA log up. So when a user calls and says, "Hey, I'm locked out of CyberArk, I can't get into CyberArk," we have to go through all of these other troubleshooting steps because the first thing we don't think of right now is, "The account is suspended." It doesn't say that anymore."
"If we could have some kind of out-of-the box feature that you can simply say "no" so they don't have to go into a development mode, that would a really helpful feature."
"I would like to see better usability for non-technical people."
"As a customer, I might need a plugin for a specific product, or an application, and CyberArk might have already worked with some other client on it. There has to be some platform where it is available for everybody else to go and grab it, instead of my having to reinvent the wheel."
"The turnaround time for technical support is lengthy."
"I would love them to improve their UI customizing features."
"The user interface needs improvement."
"The development and the administration side could be a lot more intuitive and easier to use than it currently is, in terms of functionality and what it tries to achieve as a Single Sign-On entity for an enterprise environment."
"Identity Governance is a difficult tool to work with. You have to input many models to understand what is happening with the logins. The user interface is not so good. And a lot of the features we use aren't available out of the box."
"Simplify & add more functionality to Identity Cloud Service (IDCS)."
"You need full visibility because the suite of features are complex and you have to be clear on what you want to implement."
"This product currently uses a complex and old implementation. They need a single, user-friendly console for easy configuration. The Active Directory Services (ADS) integration needs improvement. They should offer non-Java coding options and simplify mapping."
"It responds fast but because of the bugs we have already had some major incidents and complete unavailability."
"t is too complex, has too many bugs, and is an immature product, even the best case, beta version."
"Oracle Identity Governance can capture a lot of loads, it's stable. However, we once had a problem two years ago, but it is now resolved. There are some issues still present, but they're operational. They don't impact the customers. There are some improvements that can be done."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
Earn 20 points