We performed a comparison between CyberArk Privileged Access Manager and One Identity Safeguard based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Performance-wise, it is excellent."
"The threat analytics is an important feature."
"It has helped from an auditing perspective identify who has access to privileged accounts."
"We have demoted a lot of domain admins and taken a lot of that away from people, giving it a shared account structure."
"It enables companies to automate password management on target systems gaining a more secure access management approach."
"The solution helps our developers access internal systems. It also helps us in Privilege Access Management."
"Password rotation, session recording & isolation and on-demand privileges."
"Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control."
"It is easy to manage. There is a very logical, clear user interface. Also, the integration of scripts is thoughtfully implemented. Overall, it's a nice product to manage."
"The whole product solves the privileged access management challenge for our company. We have a secure tunnel, a secure session manager, and automatic logging of sessions, which is good for forensic purposes. We have a rich level of logs and can trace what happened on which machine and see who did what."
"There are numerous valuable data protection features, including the content and information that offer us more scalable protection as needed."
"I have found One Identity Safeguard to be stable."
"The Transparent Mode is the number one advantage of the product."
"Safeguard has the ability to record and retrieve in the full-video format."
"The transparent mode for privileged sessions is a very good solution."
"The extensible framework for authentication is one of the most valuable features. We use an MFA plug-in and a lot of different factors, depending on what the business use-cases are. And of course, the auditing functionality is also valuable."
"We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process."
"This is probably a common thing, but they do ask for a lot of log files, a lot of information. They ask you to provide a lot of information to them before they're willing to give you anything at all upfront. It would be better if they were a little more give-and-take upfront: "Why don't you try these couple of things while we take your log files and stuff and go research them?" A little bit of that might be more helpful."
"The web interface has come a long way, but the PrivateArk client seems clunky and not intuitive. It could use an update to be brought up to speed with the usability of PVWA."
"The greatest area of improvement is with the user interface of the Password Vault Web Access component."
"What could be improved in CyberArk Privileged Access Manager is the licensing model. It should be more flexible in terms of the users. Currently, it's based on the number of users, but many users only log in once in four months or once in five months. It would be great if the licensing model could be modified based on user needs. We even have users who have not logged in even once."
"The support services could act faster when people reach out to resolve issues."
"One of our current issues is a publishing issue. If we whitelist Google Chrome, all the events of Google Chrome should be gone. It is not happening."
"It's hard to find competent resellers/support."
"Something for One Identity to look at is having integration guidelines for how to logically group accounts."
"From a usability perspective, what we are finding out is that our privileged domain admin users, in particular, want functionality for extending a checkout session. So we are working with One Identity support to see if there's an enhancement that can be made to the product."
"The main point regarding the user experience is that Safeguard has two separate management consoles."
"We would like to be able to generate certificate signing requests (CSRs) from the interface for certificates."
"I just received a question from a customer in regards to a connection with Oracle OID. I tried to integrate Safeguard with the Oracle YAML as well as something else to manage the groups and users from a different system, like AD or LDAP. This one feature could be better. At this moment, the platform system can only use the integration with LDAP or AD. The software for research and development to create a connector to a YAML platform can be very complicated."
"Some of the out-of-the-box reporting isn't that rich. We spoke to our Safeguard reps who have acknowledged that some of the reporting features can certainly be improved and that we're not the only customer who has cited this. There are very little out-of-the-box reporting capabilities. You have to build the queries and the report. I believe in the next release they're going to be addressing this."
"We've had issues managing accounts and access to some data saved on the servers. Accounts are granted a new working certificate daily. We have an account to do it on APIs online and sync it with that. If the path changes at some point or someone changes the password, I don't know if it's from the Active Directory or what."
"For some users, the physical appliance has been a bit buggy."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while One Identity Safeguard is ranked 5th in Privileged Access Management (PAM) with 38 reviews. CyberArk Privileged Access Manager is rated 8.8, while One Identity Safeguard is rated 8.2. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of One Identity Safeguard writes "Provides us with centralized storage of secrets and credentials, and visibility into the use of privileged access". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and Zscaler Internet Access, whereas One Identity Safeguard is most compared with WALLIX Bastion, Delinea Secret Server, BeyondTrust Privileged Remote Access, Fudo PAM and ObserveIT. See our CyberArk Privileged Access Manager vs. One Identity Safeguard report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hello Avinash, it all depends on the timeline and urgency of the project. If you need to deploy a PAM tool that focuses on standing privileges, stopping lateral movement, and incorporating Zero Standing Privileges as part of Zero Trust, then please consider looking at Remediant. I've worked for BeyondTrust and have gone up against the other big players such as Delinea, Centrify, CyberArk, and HashiCorp. They more or less all offer similar solutions, but looking at your current requirements, Remediant really excels in delivering a simple, yet very effective tool in a matter of days and weeks, not months and years.