We performed a comparison between CyberArk Privileged Access Manager and OneLogin by One Identity based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."On the customer accounts side, our account managers are responsive. If you ask them, they will get you whomever you need."
"It is an extremely scalable solution."
"Rather than multiple tools for maintaining regulatory compliance around passwords and privileged accounts, we have centralized as much as possible with CyberArk. This is now a one stop shop for end users to access their elevated credentials."
"Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong. In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows Server protection, and stuff like that. They have also further advanced it with the security on the cloud and DevOps systems. They have a bundle licensing model, which really helps. They don't have a complex licensing model. Even though in our market, people say CyberArk is expensive as compared to some of the other products, but in terms of overall value and as a bundling solution, it is an affordable and highly scalable product."
"CyberArk has allowed us to get the credentials and passwords out of hard-coded property files."
"Automatic password management, which will automatically change passwords based on compliance requirements."
"It has helped from an auditing perspective identify who has access to privileged accounts."
"Performance-wise, it is excellent."
"When it comes to access management, the solution's single pane of glass is extremely important. The single pane of glass for access management enables collaborative work between IT and security. We have access to certain applications that require device trust. Based on the role, we can access those applications through OneLogin Desktop."
"One aspect I particularly appreciate is their exceptional customer support whenever I've needed assistance."
"The most valuable feature is the ease with which we can manage the sign-on feature."
"Documentation."
"Simplicity is the most valuable part of OneLogin."
"Once I made the OneLogin ID, it would essentially make user names and passwords for every application that we had."
"The single sign-on and the fact that we can integrate everything in one place and control from there were valuable features of this solution."
"In my role, the most valuable features are two-factor authentication and self-service password reset. The most helpful feature for the institution as a whole is probably the single sign-on. As an IT director, I care about security and ease of use."
"They are sometimes not flexible with things. For instance, from one day to another, there might be something that had been done years ago by CyberArk, then they say, "We do not support that." You then have to initiate a complaint and start working with them. Things might become complicated and months pass while you are working with them. Usually, they are good and fast, but sometimes they seem to be blocked with problems, e.g., you will suddenly be working with another team instead of the team that you were working with the day before."
"Overall what I would really love to see is the third-party PAS reporter tool pulled more into the overall solution, ideally as its own deployable component service installation package."
"It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers."
"PAM could be more user-friendly and CyberArk could update the documentation to include more real-world examples. You have to learn it yourself through trial and error. In particular, the online documentation should have more information about troubleshooting."
"The greatest area of improvement is with the user interface of the Password Vault Web Access component."
"Their post-sale support area requires a big improvement. Customers cannot automate tickets directly with CyberArk. They have to come through the distributor or bring in partners who have access to the support portal. Basically, the support for post-sales implementation is there, but the role of CyberArk is very minimal. Customers have to rely on partners, which sometimes creates issues. Some of the vendors help you during the implementation process, but the CyberArk support team does not do that. They have 24/7 support for our region, but they help only if there is an emergency or there is a problem with their system. If the password vault is down or the system is down, they provide immediate attention. For almost everything else, they take more time to respond. They give low priority to service-related or migration-related questions."
"The solution needs better features for end users to manage their own whitelisting for API retrieval."
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"In terms of managing the users on a large scale, it would be easier if they had some kind of user management portal."
"I'd like OneLogin to have a customization section that displays the company's offerings, categorized by different topics."
"While I initially used OneLogin's desktop feature to extend SSO, I discontinued it two years ago due to limitations."
"OneLogin needs to increase the number of connectors available out of the box to connect to the different endpoints. The number of out-of-box connectors should be increased."
"This product doesn't necessarily provide us with all of the functionality that we need, such as being able to share passwords with external users."
"OneLogin offers a Virtual LDAP feature that we utilize, although it differs slightly from traditional LDAP servers."
"I would like better reporting from SmartFactor Authentication when a user is not able to sign in due to a new location, new IP, new device, et cetera."
"More off-hour support."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while OneLogin by One Identity is ranked 5th in Access Management with 16 reviews. CyberArk Privileged Access Manager is rated 8.8, while OneLogin by One Identity is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of OneLogin by One Identity writes "Integrated well and had a single pane of glass, but downtime and pricing were issues for us". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas OneLogin by One Identity is most compared with Auth0, Microsoft Entra ID, Okta Workforce Identity, LastPass and One Identity Manager. See our CyberArk Privileged Access Manager vs. OneLogin by One Identity report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.