We performed a comparison between CyberArk Privileged Access Manager and Symantec Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is a scalable product."
"I really like the PTA (Privileged Threat Analytics). I find this the best feature."
"The product has allowed us to improve both the management and access to privileged credentials, while also creating a full audit trail of all activities happening within isolated sessions of all tasks and activities taking place within the solution."
"We have demoted a lot of domain admins and taken a lot of that away from people, giving it a shared account structure."
"If any intruder gets inside, they would not be able to move around nor do lateral movements. It minimize any attack problems within our network."
"It is a central repository. Therefore, if someone needs to access a server, then they go through CyberArk PAM. It provides a secure way to do this and CyberArk PAM records everything. For example, if you are connecting to a Linux server, then once you get into the Linux server and if it is integrated with CyberArk, it will automatically start recording everything that is being done. In most banks, seeing the recordings is very useful. If there are any gaps or something has happened which shouldn't have happened, then we can check the logs and videos. So, it gives security, in a robust manner, to the organization."
"It takes people out of the machine work of ensuring credentials remain up-to-date, and handles connection brokering such that human usage and credential management remain independent."
"Password rotation, session recording & isolation and on-demand privileges."
"We know we can scale up with what we have, and we probably will not need to buy any further appliances down the road."
"The DB clustering is a really good benefit of using CA PAM."
"It is great for identity governance."
"We have received good support from the tech support team."
"Stability is solid as a rock."
"Comprehensive coverage of the required features for the PAM solution."
"We found that the architecture is scalable and very resilient."
"The two factor authentication, and the single most important capability was it supported PIV and CAC as one of the two factors. That was pretty huge for us."
"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."
"There were a lot of manual steps in the initial setup which could have been automated. I read the 10.4 release that was sent out about a month or two ago, and I saw the steps required for upgrade have been reduced by about 90%. That was a big thing for me, but I still haven't seen that yet because we have not upgrade past 9.9.5."
"Sometimes the infrastructure team is hesitant to provide more resources."
"Overall what I would really love to see is the third-party PAS reporter tool pulled more into the overall solution, ideally as its own deployable component service installation package."
"They can do a better job in the PSM space."
"CyberArk has a lot on the privileged access side but they have to concentrate more on the application side as well."
"The documentation is rather basic and it is missing many use cases."
"I don't know if "failed authentication" is a glitch or if that was an update... However, since we are the CyberArk support within our organization, we need to know that the password is suspended and we won't know that unless we have the ITA log up. So when a user calls and says, "Hey, I'm locked out of CyberArk, I can't get into CyberArk," we have to go through all of these other troubleshooting steps because the first thing we don't think of right now is, "The account is suspended." It doesn't say that anymore."
"The management console could be improved."
"It'd be great if you just stuck in your PIV card and Windows popped up, asked you for your password. You typed it in, then it remembered your credentials."
"We experience stability issues after every patch upgrade. This is a place where CA needs to improve drastically."
"Instead of just giving passwords to the user based on job function, from auditing perspective, turn that cycle around. That would really help from an auditing standpoint."
"We have to do a lot of manual work to automate features."
"They should include some assignments in the test environment to explore the product's features."
"The service account management functionality needs to be extended to application pools, SQL database, PowerShell scripts, service account discovery, etc."
"I’m no fan of Java as an application front-end, as it tends to have issues depending on what browser one’s using."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
More Symantec Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while Symantec Privileged Access Manager is ranked 18th in Privileged Access Management (PAM) with 50 reviews. CyberArk Privileged Access Manager is rated 8.8, while Symantec Privileged Access Manager is rated 7.8. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Symantec Privileged Access Manager writes "Allows IT and consultants to access the infrastructure environment but needs more security and better support". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas Symantec Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), BeyondTrust Endpoint Privilege Management, Delinea Secret Server, ARCON Privileged Access Management and VMware Identity Manager. See our CyberArk Privileged Access Manager vs. Symantec Privileged Access Manager report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.