We performed a comparison between CyberArk Privileged Access Manager, One Identity Manager, and Securonix Next-Gen SIEM based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."It is an extremely scalable solution."
"CyberArk is a very stable product and it's a stable product because it has a simple design and a simple architecture that allows you to leverage the economies of scale across the base of your infrastructure that you already have implemented. It doesn't really introduce any new complex pieces of infrastructure that would make it that much more difficult to scale."
"All the features of CyberArk are useful for me, but the biggest one is that CyberArk has logs for all the features. That is important when there is a problem. You know where to look and you have the information. In cyber security, the most important aspect is information."
"It supports lots of requirements in the privileged access management area."
"Our go-to solution for securing against the pass the hash attack vector and auditing privileged account usage."
"It is a robust product."
"We have accomplished our security goals. We have two-factor authenticated and vaulted our important accounts, so people can't just steal stuff from us."
"We like it for the ability to automatically change passwords. At least for my group, that's the best thing."
"It's very easy to roll out."
"The most valuable feature is the JML. Unlike other identity manager tools, the JML is more customizable, making it easier to find."
"One Identity Manager is flexible and offers numerous connectors that enable us to serve as the core component of the system, as well as to construct our own connectors using the API."
"The best part of One Identity Manager is that it provides wholesome features. Most of the things required for identity management are given out of the box in One Identity Manager. You can just define your use cases, take this tool, and right away implement the solution."
"Its flexibility is the most valuable feature, the way we can customize the user interface and the workflow processes."
"The solution offers good integration with other environments such as SAP and Active Directory, et cetera."
"The business role management feature is pretty good because we have a lot of dynamic roles, and you can configure it with the filters."
"The most valuable features of this solution are its handling and that it is easy to maintain and manage the data."
"The most valuable feature is being able to look at users' behavioral profiles to see what they typically access. One of the key events that we monitor is people's downloading of objects... It's very easy to see people's patterns, what they typically do."
"The customizability of the tool is valuable. We are able to customize the use cases and create them easily without a large amount of Securonix assistance. It's very flexible. We do not have to rely on Professional Services to modify or create a new use case."
"The scalability is one of the remarkable qualities of this product, which makes it very effective, especially when we are dealing with substantial data volumes in the cloud."
"SNYPR has a bundle of features. It has the UEBA feature that tells you about the behavior of a person or entity. In the tool itself, there is an incident management feature, which is definitely valuable."
"One of the most valuable features it has is the thread chaining. One of the common issues that we always had was the number of anomalies that we used to get and the number of alerts that we used to get. But with this approach of thread chaining, we've found the false-positive rate has decreased very significantly. That was something that we never could have achieved before."
"The user interface is easy to learn and navigate."
"The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it."
"When we were looking for products for our security monitoring needs, our biggest requirement was that we wanted something based on machine-learning and analytics. If you go with rules, it can raise a lot of noise. Securonix, with its UEBA capability, had the best analytics use-cases."
"I think having a distributed architecture would certainly help this solution."
"As they grow, the technical support is having growing pains. One of the things is just being able to get somebody on the phone sometimes."
"Areas the product could be improved are in some of the reporting capabilities and how the reports are configured."
"The solution could improve by adding more connectors."
"Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server."
"I would like easier integrations for creating an online dashboard that executives would look at or are able to run reports from the tool."
"It should be easier to install. It is a comprehensive product, which makes it difficult to install. You need to have their consulting services in order to get it all installed and set up correctly because there is so much going on. It would be nice if there were an easier way to do the installation without professional services. I suspect they get a fair amount of their money from professional services. So, there is not a huge incentive."
"The product is very vaulting-focused. I'd love to see it expanding its capabilities a bit further into areas like just-in-time elevation, and access with non-vaulted credentials."
"I would like to have more extensive out-of-the-box reports."
"The user interface needs to improve."
"The Metamodel is not developer-friendly, and the web designer customization could be simplified."
"It would be nice to have more functionality in terms of connecting SAP systems, provisioning user accounts through SAP systems, and provisioning additional attributes."
"Sometimes, when we implement One Identity in the organization, customization has to happen. You cannot skip the customization. You cannot just implement the One Identity model and go ahead with it. However, whenever we make any customizations, the logic of the customization can interfere with the existing logging of One Identity. All such things have to be a bit clear. They have to be well documented. One Identity should provide information about how these things work."
"The product's GUI could be more user-friendly."
"The initial setup was complex."
"Their technical support's attitude is a bit strange. Quite often, we have to prove that there is a problem with the product rather than having them prove that there is not a problem with the product."
"We thought they were going to be a great product, however, they're actually not great at all as an MSP."
"The pricing. I'm not sure how they are proceeding with the identity based pricing compared with DB pricing which most of the vendors are using today."
"When they did upgrades or applied patches, sometimes, there was downtime, which required the backfill of data. There were times when we had to reach out and get a lot of things validated."
"There is room for improvement in the product's integration with ServiceNow and in the reporting features."
"We would like to see better integration with other products."
"We have a lot of users who, because they're engineers and they're bringing down product data - where, at times, a top-level product could be 10,000 or 15,000 objects - it's difficult for us to determine what should be a concern and what shouldn't be a concern. We work with the Securonix folks to try to come up with better ways to identify that."
"It seems to me that within Securonix there is no option for completely visualizing the types of sources or if there is any loss of logs. I've heard that they have an additional module to validate those types of cases, but in terms of the platform itself only, I can only see how often it sends data but not any specific detail."
"Parsing needs to be improved. Every time we integrate a new, specific data source, we face a lot of problems in parsing, even for the old data source."
More CyberArk Privileged Access Manager Pricing and Cost Advice →