We performed a comparison between CyberArk Privileged Access Manager, IBM Tivoli Access Manager [EOL], and RSA Identity Governance and Lifecycle based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."CyberArk has been easy for us to implement and the adoption has been good. We've been able to standardize a bunch of things. We've been able to standardize relatively easily with the use of the platforms and managing the policies."
"The biggest feature is the security of the overall solution. It's very secure. The vaulting technology and the number of security layers involved in the vault, where privileged accounts are actually stored, is the heart of the solution."
"We are able to centrally manage credentials, touch applications, and rotate passwords."
"You can write different types of policies for custom business needs or any developer needs. If they need certain functions allocated, they can be customized easily."
"It is a single tool that isolates possible kinds of malware. You get lateral movement blocking and auditing information, e.g., you know who is doing what. You are getting protections from the service as well as a useful environment. All your admins can easily go in and out of your company while accessing your servers in a secure way, even if they are working abroad."
"The regulation of accounts is by far the most needed and valuable part of the application."
"On the EBB user side, we were able to secure all the server root passwords and admin for Windows. This was a big win for us."
"The combination of CPM and PSM resolves a lot of use cases."
"OAuth 2 is now the de facto standard for API protection and scoped authorized delegation. IBM TAM now supports OAuth 2 and can act as fully compliant OAuth 2 authorization server."
"SAML 2.0."
"The integration effort with the end application is quite straightforward and easy."
"The Verify feature: A push method which customers are going for."
"Single Sign-On functionality is valuable because the core purpose of the product is to allow universal (or bespoke) SSO for application suites."
"The data collection is excellent and easy to do. It does not require a lot of configuration nor does it require rules to be written like other competitors do."
"The most valuable feature is the security, in particular, the One Time Password support."
"With the tool in place, you need to hire fewer people to provide access, and you have control over your processes."
"RSA Identity Governance and lifecycles are good for the access certification and auditing sections."
"Roles, connectors for provisioning and re-accreditation or reviews help greatly to govern user access."
"I would like to see better automation in granting access, better tools, more efficient tools, to be able to customize the solution that CyberArk provides."
"It can be made user-friendly, in the sense of the console is pretty outdated."
"There is room for improvement in the pricing model."
"Stability is a huge concern right now. We are on a version which is very unstable. We have to upgrade to stabilize it. It is fine, but the problem is we have to hire CyberArk to do the upgrade. This costs money, and it is their bug."
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"One of our current issues is a publishing issue. If we whitelist Google Chrome, all the events of Google Chrome should be gone. It is not happening."
"If we could have some kind of out-of-the box feature that you can simply say "no" so they don't have to go into a development mode, that would a really helpful feature."
"Over the past seven years, I have seen a lot of ups and downs with the product."
"An Amazon Machine Image (AMI) for the newer appliance versions for hosting the virtual appliances on AWS will help."
"The self-service portal needs improvement."
"Looking at their roadmap, they have a broad grasp of the security features which the industry needs."
"Multi-factor authentication with social integration needs to improve."
"The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available."
"There are scalability issues. This product does not scale very well. It is not a good product for load balancing / active–active architecture."
"This product is missing a lot of features which other competitors are providing. One of the key features that are missing right now is risk scoring. Additionally, there is not much scope for customization - everything is hard-coded and predefined, so it does not allow the developers to make many modifications."
"RSA Identity Governance and Lifecycle could improve out-of-the-box customization."
"The user interface and workflow need improvement, and more connectors would help."
"Every connector that you have in the product needs to be custom-built, so there are not a lot of standard connectors available in the product, because of which there are a lot of hidden consultancy costs."
"If you use the appliance version then it won't handle a huge database volume."
"Technical support in Pakistan can be improved."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
More IBM Tivoli Access Manager [EOL] Pricing and Cost Advice →
More RSA Identity Governance and Lifecycle Pricing and Cost Advice →
Earn 20 points