We performed a comparison between CyberArk Privileged Access Manager, Keeper, and Oracle Identity Governance based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."The most valuable feature is that it always provides flexibility, password quality and one-time user check-in and check-out."
"Rather than multiple tools for maintaining regulatory compliance around passwords and privileged accounts, we have centralized as much as possible with CyberArk. This is now a one stop shop for end users to access their elevated credentials."
"Provides improved security around having your credentials locked down and rotated regularly."
"The key aspects of privileged access management are being able rotate passwords, make sure someone is accountable, and tie it back to a user (when the system is being used)."
"Our go-to solution for securing against the pass the hash attack vector and auditing privileged account usage."
"Technical support has been very responsive in navigating challenges. It is very easy to open a ticket."
"The product is for hardening access and making the organization more secure, therefore reducing chances of a breach."
"The automatic change of the password and Privileged Session Manager (PSM) are the most valuable features. With Privileged Session Manager, you can control the password management in a centralized way. You can activate these features in a session; the session isolation and recording. You apply the full intermediation principle. So, you must pass through CyberArk PAM to get access to the target system. You don't need to know the password, and everything that you do is registered and auditable. In this case, no one gets to touch the password directly. Also, you can implement detection and response behavior in case of a breach."
"Keeper Bridge."
"The chat support is quick. I have never encountered any problems. On the contrary, they have been very helpful and kind."
"It has a secure password generator that incorporates random creation tools and good security practices, which allows for an easy, quick, organized update and sharing with a work team."
"Auto login across platforms allows for no copying and pasting."
"The installation and its use are very simple."
"Chrome extension and app."
"Possibility to login using the fingerprint sensor on Android/iPhone."
"Stronger passwords are being used across the board in our organization."
"What I found most useful in Oracle Identity Governance, feature-wise, are provisioning, de-provisioning, and termination. Those features are very good. Oracle Identity Governance can also be easily integrated with non-Oracle products, which I find valuable."
"It helps provision the required accesses through policies, approvals, and whatever would be the business requirement."
"Scalability-wise, I rate this solution a nine out of ten. Oracle Identity Governance is a scalable solution, without a doubt."
"The most valuable feature is the user manager certification that approves or removes user access."
"The most valuable feature is the set of out-of-the-box connectors."
"It's a stable and scalable solution."
"Its most valuable feature is its scalability."
"The support service of Oracle is good. We use it a lot and their response is quick."
"The continuous scanning of the assets is limited to Windows and Unix. We like to have the solution scan any databases, network devices, and security devices for privileged accounts. That would be very helpful."
"It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers."
"I don't know if "failed authentication" is a glitch or if that was an update... However, since we are the CyberArk support within our organization, we need to know that the password is suspended and we won't know that unless we have the ITA log up. So when a user calls and says, "Hey, I'm locked out of CyberArk, I can't get into CyberArk," we have to go through all of these other troubleshooting steps because the first thing we don't think of right now is, "The account is suspended." It doesn't say that anymore."
"Stability is a huge concern right now. We are on a version which is very unstable. We have to upgrade to stabilize it. It is fine, but the problem is we have to hire CyberArk to do the upgrade. This costs money, and it is their bug."
"If there is an area that has room for improvement, it's probably working with their support and getting people on the phone. That is hard to do with most products in general, but that seems to be the difficult area. The product is fantastic, but sometimes we want somebody on the phone."
"We would like to expand the usage of the auto discovery accounts feed, then on our end, tie in the REST API for automation."
"When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time."
"It can be made user-friendly, in the sense of the console is pretty outdated."
"The technical support has no experience."
"Room for improvement in my eyes would be being able to share my credit cards and other types of information. The only thing they really share is passwords, and you can only do it with one password at a time. When you're trying to share it out or trying to remove it from being shared, you can't do multiple selections."
"The stability of the solution can be improved."
"API possible needs improvement. Although, this feature is for enterprises which need more then the usual usage."
"Rearranging folders via drag/drop functionality would be very helpful."
"Ability to store 'files' from IOS & Android devices. You can store pics from these devices currently. Most file formats can be uploaded from PC's/Macs"
"Needs to improve KeeperFill on iOS."
"They could possibly add a pre-designed contact feature that would work similar to a cell phone contact feature."
"This product currently uses a complex and old implementation. They need a single, user-friendly console for easy configuration. The Active Directory Services (ADS) integration needs improvement. They should offer non-Java coding options and simplify mapping."
"The development and the administration side could be a lot more intuitive and easier to use than it currently is, in terms of functionality and what it tries to achieve as a Single Sign-On entity for an enterprise environment."
"One of the areas that need some improvement with Oracle specifically is the ease of implementation."
"The user-friendliness of Oracle Identity Governance can be improved compared to other products."
"The user interface experience needs to be improved."
"t is too complex, has too many bugs, and is an immature product, even the best case, beta version."
"It's a complex solution, so it will take time in terms of deployment."
"I have yet to see its full functionality exercised in my organization."
More CyberArk Privileged Access Manager Pricing and Cost Advice →