We performed a comparison between CyberArk Privileged Access Manager and One Identity Safeguard based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We are able to centrally manage credentials, touch applications, and rotate passwords."
"CyberArk has helped us to identify, store, protect, and monitor the usage of privileged accounts."
"We have demoted a lot of domain admins and taken a lot of that away from people, giving it a shared account structure."
"The automatic rotation of credentials is probably the most useful feature."
"I found it valuable that CyberArk Privileged Access Manager can be integrated with PTA (privileged threat analytics), and this means that it will tell you if there's a risk to the logins and signs of risk and if risky behavior is observed. It's a good feature. Another good feature is the CPM (central password manager) because it helps you rotate the passwords automatically without involving the admins. It can go and update the scheduled tasks and the services. At the same time, if there's an application where it cannot do all of these, CPM will trigger an automatic email to the application owners, telling them that they should go ahead and change the password. This allows you to manage the account password that CyberArk cannot manage, which helps mitigate the risk of old passwords, where the password gets compromised, and also allows you to manage the security of the domain."
"The established sessions on the target systems are fully isolated and the privileged account credentials are never exposed to the end-users or their client applications and devices."
"Provides improved security around having your credentials locked down and rotated regularly."
"We are able to rotate privileged user passwords to eliminate fraudulent use."
"The customer service and technical support are very good."
"The extensible framework for authentication is one of the most valuable features. We use an MFA plug-in and a lot of different factors, depending on what the business use-cases are. And of course, the auditing functionality is also valuable."
"The transparent mode for privileged sessions is a very good solution."
"One Identity Safeguard is stable and provides great performance."
"Safeguard can define and update processes and procedures into the security framework of a company, including mobile. It allows us to change the policies and configurations on a mass scale in regards to security."
"I have found the most useful feature of One Identity Safeguard to be Privileged Sessions."
"The identity discovery is good, and the performance is pretty good value."
"I have found One Identity Safeguard to be stable."
"The solution could improve by adding more connectors."
"The issue of technical support is crucial, as there are not many specialized partners available in Brazil to provide this service. While English language support is of good quality, there is a significant shortage of partners capable of meeting the demand locally."
"If there is an area that has room for improvement, it's probably working with their support and getting people on the phone. That is hard to do with most products in general, but that seems to be the difficult area. The product is fantastic, but sometimes we want somebody on the phone."
"They can do a better job in the PSM space."
"I would like to see better usability for non-technical people."
"The product documentation has to be more precise in certain aspects with explanations for functionality limitations along with reference material or screenshots."
"Areas the product could be improved are in some of the reporting capabilities and how the reports are configured."
"When something comes out, it's generally airtight and works as advertised. However, sometimes they are a little bit slow to keep up with what's coming out. In 2017, for example, they released support for Windows Server 2016, which had been out for a year or so."
"Support for One Identity Safeguard could be improved because sometimes the support team doesn't have an answer or solution for some bugs. A feature I found in a competitor would make One Identity Safeguard better, and that is the ability to load balance the traffic in the target."
"I would like to see an adjustment with more enterprise architecture. You can buy multiple appliances but you can not fully separate different functions, so scaling might be a bit more complicated."
"We would like to be able to generate certificate signing requests (CSRs) from the interface for certificates."
"Monitoring of the platform should be easier and more functional so that you can have a clear picture of the running service."
"It needs more marketing."
"We would like to have the option of importing assets by using the CSV file. It was available in the earlier versions, but it is not available now."
"We've had issues managing accounts and access to some data saved on the servers. Accounts are granted a new working certificate daily. We have an account to do it on APIs online and sync it with that. If the path changes at some point or someone changes the password, I don't know if it's from the Active Directory or what."
"For some users, the physical appliance has been a bit buggy."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
Prevent security breaches and limit damage by putting in place a privileged access management solution. Get a free 45-day trial, or request a demo of One Identity SafeGuard.
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while One Identity Safeguard is ranked 5th in Privileged Access Management (PAM) with 38 reviews. CyberArk Privileged Access Manager is rated 8.8, while One Identity Safeguard is rated 8.2. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of One Identity Safeguard writes "Provides us with centralized storage of secrets and credentials, and visibility into the use of privileged access". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and Zscaler Internet Access, whereas One Identity Safeguard is most compared with WALLIX Bastion, Delinea Secret Server, BeyondTrust Privileged Remote Access, Fudo PAM and ManageEngine PAM360. See our CyberArk Privileged Access Manager vs. One Identity Safeguard report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hello Avinash, it all depends on the timeline and urgency of the project. If you need to deploy a PAM tool that focuses on standing privileges, stopping lateral movement, and incorporating Zero Standing Privileges as part of Zero Trust, then please consider looking at Remediant. I've worked for BeyondTrust and have gone up against the other big players such as Delinea, Centrify, CyberArk, and HashiCorp. They more or less all offer similar solutions, but looking at your current requirements, Remediant really excels in delivering a simple, yet very effective tool in a matter of days and weeks, not months and years.