We performed a comparison between CyberArk Privileged Access Manager and ForgeRock based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,"
"Securely protects our TAP/NUID and privileged access accounts within the company."
"The flexibility of integrating with other technologies is important because of a lot of applications - a lot of COTS products - are not supported when we are bringing the application IDs. The CyberArk platform provides a lot of opportunities to do customization."
"It supports lots of requirements in the privileged access management area."
"We are maintaining compliance in PCI, SOX and HIPPA, which is a big thing. Auditors really like it, and it has made us stay compliant."
"The voice technology is very good."
"The Vault offers great capabilities for structuring and accessing data."
"The most valuable aspects of the solution include password management and Rest API retrieval of vaulted credentials."
"The support is good and prompt."
"ForgeRock is an extensive product with many functionalities and capabilities, much more than many other tools combined."
"Even though we have very small business interests with them today, they see that we plan on growing drastically over the next two years. Therefore, we have excellent support and we are now at a point where we are not calling tech support. We pick up a phone and call the Account Manager and they'll get everything resolved for us. We don't have to queue along with everybody else and go through a long process."
"We used it to implement multi-factor authentication and to improve our security posture as well as reducing the potential for attacks."
"We have found the identity and access management tools in the solution to be particularly useful for our organization."
"This is a stable solution. When you do experience any issues, you will see it in your DB logs or audit logs so you can easily reach a conclusion of might be causing it."
"The product is easy to set up."
"I like the way it is handling authentication and authorization."
"Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use."
"The interface on version 9 looks old."
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"One thing that could be improved is to create of a better alternative for fixing group policy fees. We currently use Microsoft, but they have introduced new policies that may not be compatible."
"The product could be easier to use. More work needs to be done on this aspect; it is not good enough yet. It also takes up a lot of server space. Sometimes we need to use up to seven servers."
"I'm not a fan of technical support with CyberArk. It's like jumping through red tape and hoops. Quite frankly, it's almost like when you call CyberArk you get the Help Desk or the level-one. I'm a level-one. I got the CCD, I know how to do the initial troubleshooting. When I call CyberArk it's because I can't figure the problem out. So I need a level-two, three, four. I don't need you to tell me, "Hey, open a ticket and then give me logs.""
"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."
"Their post-sale support area requires a big improvement. Customers cannot automate tickets directly with CyberArk. They have to come through the distributor or bring in partners who have access to the support portal. Basically, the support for post-sales implementation is there, but the role of CyberArk is very minimal. Customers have to rely on partners, which sometimes creates issues. Some of the vendors help you during the implementation process, but the CyberArk support team does not do that. They have 24/7 support for our region, but they help only if there is an emergency or there is a problem with their system. If the password vault is down or the system is down, they provide immediate attention. For almost everything else, they take more time to respond. They give low priority to service-related or migration-related questions."
"The solution's documentation is not very good, and they do not give more details."
"I think the upgrade process is sometimes a little complicated and there are failures that occur."
"The identity management model needs a bit of improvement."
"I find that it's quite expensive for just an open-source system. Support is quite expensive."
"The solution's deployment should be made easier."
"It should have a better user interface. Its flexibility should also be improved. It is not about simplifying; it is more about flexibility. Each company has its own requirements, and ForgeRock can provide more flexibility in terms of the use of existing modules to implement features for the customers."
"Lacks simplified documentation within the tool that requires use of a separate portal."
"It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while ForgeRock is ranked 4th in Access Management with 27 reviews. CyberArk Privileged Access Manager is rated 8.8, while ForgeRock is rated 8.0. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of ForgeRock writes "Governance and access management solution used for multi-factor authentication that is outdated with an unresponsive UI". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas ForgeRock is most compared with SailPoint IdentityIQ, PingID, Microsoft Entra ID, Auth0 and Amazon Cognito. See our CyberArk Privileged Access Manager vs. ForgeRock report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
