We performed a comparison between CyberArk Privileged Access Manager and IBM Security Verify Access based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is an extremely scalable solution."
"We've written over a hundred custom connectors ourselves that allow us to do all types of privileged session management for various applications. On top of that, the rest of the API-based central credential providers allow us to get away from credentials that may be hard-coded in the script or some application."
"It's secure and reliable. I especially appreciate that it's locked down and only allows access to authorized components."
"It is a robust product."
"The key aspects of privileged access management are being able rotate passwords, make sure someone is accountable, and tie it back to a user (when the system is being used)."
"On the customer accounts side, our account managers are responsive. If you ask them, they will get you whomever you need."
"It has helped from an auditing perspective identify who has access to privileged accounts."
"We have demoted a lot of domain admins and taken a lot of that away from people, giving it a shared account structure."
"Its stability and UI are most valuable."
"I have found this solution to be really practical and when a user wants to log in, it is effortless and runs smooth."
"The solution has powerful authentification and authorization. It offers a good way to increase security."
"It's a good solution for identification and access management."
"From the integration point of view, it supports SAML, OIDC, and OAuth. For legacy applications that don't have support for SAML and other new protocols, it provides single sign-on access to end-users. From the integration compatibility point of view, it is highly capable."
"The tool provides a password vault, single sign-on, and multifactor authentication. It offers various authentication methods like fingerprint integration, one-time passwords, or tokens sent via email or SMS. This ensures secure access to your accounts by providing multiple authentication options."
"The most valuable feature of IBM Security Access Manager, at least for my company, is multi-factor authentication. That's the only feature my company is using. The solution works well and has no glitches. IBM Security Access Manager is a very good solution, so my company is still using it."
"If there is an area that has room for improvement, it's probably working with their support and getting people on the phone. That is hard to do with most products in general, but that seems to be the difficult area. The product is fantastic, but sometimes we want somebody on the phone."
"There was a functionality of the solution that was missing. I had noticed it in Beyond Trust, but not in this solution. But, recently they have incorporated something similar."
"When something comes out, it's generally airtight and works as advertised. However, sometimes they are a little bit slow to keep up with what's coming out. In 2017, for example, they released support for Windows Server 2016, which had been out for a year or so."
"Overall what I would really love to see is the third-party PAS reporter tool pulled more into the overall solution, ideally as its own deployable component service installation package."
"Online help needs to be looked into with live agent support."
"PAM could be more user-friendly and CyberArk could update the documentation to include more real-world examples. You have to learn it yourself through trial and error. In particular, the online documentation should have more information about troubleshooting."
"The admin interface of the Password Vault Web Access (PVWA) is moving from an old style (the classic interface) to a new style (the v10 interface) and unfortunately, this process is quite slow."
"The PTA could be improved. Currently, companies often have multiple domains and sometimes it's difficult to implement CyberArk in this kind of infrastructure. For example, you can add CPM (Central Policy Manager) and PSM (Privileged Session Manager and PVWA (Password Vault Web Access) for access, but if you want to add PTA (Privileged Threat Analysis) to scan Vault logs, it is difficult because this component may be adding multiple domain environments."
"There are a lot of areas that can be improved, but the main area is the lack of customization. You cannot easily customize anything in the product. It is not easy to tweak the functionality. It is challenging to change the out-of-the-box functionality."
"The solution could be classified as a hilt system. There are a lot of resources being used and it is suitable for very large enterprises or the public sector."
"The user interface for users and administrators could be improved to make it easier. Automating some functions could also be beneficial."
"The user interface needs to be simplified, it's complex and not user-friendly."
"Configuration could be simplified for the end-user."
"What we'd like improved in IBM Security Access Manager is its onboarding process as it's complex, particularly when onboarding new applications. We need to be very, very careful during the onboarding. We have no issues with IBM Security Access Manager because the solution works fine, apart from the onboarding process and IBM's involvement in onboarding issues. If we need support related to the onboarding, we've noticed a pattern where support isn't available, or they don't have much experience, or we're not getting a response from them. We're facing the same issue with IBM Guardium. As we're just focusing on the multi-factor authentication feature of IBM Security Access Manager and we didn't explore any other features, we don't have additional features to suggest for the next release of the solution, but we're in discussion about exploring ID management and access management features, but those are just possibilities because right now, we're focused on exploring our domain."
"They can improve the single sign-on configuration for OIDC and OAuth. That is not very mature in this product, and they can improve it in this particular area. OIDC is a third-party integration that we do with the cloud platforms, and OAuth is an authorization mechanism for allowing a user having an account with Google or any other provider to access an application. Organizations these days are looking for just-in-time provisioning use cases, but IBM Security Access Manager is not very mature for such use cases. There are only a few applications that can be integrated, and this is where this product is lagging. However, in terms of configuration and single sign-on mechanisms, it is a great product."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while IBM Security Verify Access is ranked 10th in Access Management with 7 reviews. CyberArk Privileged Access Manager is rated 8.8, while IBM Security Verify Access is rated 7.8. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of IBM Security Verify Access writes "Supports on-prem and cloud environments, has good integration capabilities, and is easy to adopt". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas IBM Security Verify Access is most compared with Microsoft Entra ID, Okta Workforce Identity, ForgeRock, F5 BIG-IP Access Policy Manager (APM) and PingID. See our CyberArk Privileged Access Manager vs. IBM Security Verify Access report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.