We performed a comparison between CyberArk Privileged Access Manager and ForgeRock based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Its' quite stable."
"The technical support for this solution is very good. If I was to rate it on a scale of one to five, I would give it a five."
"When we started with RPA, there was a requirement that every credential and the bots themselves be protected through the PAM system. From the get-go, we've had CyberArk in the middle... We've got a pretty robust RPA implementation with our PAM platform. Users, bots, the credentials — everything is managed via our PAM solution."
"We know when passwords will be expiring so we can force users to change their passwords, as well as requiring specific password requirements for length, complexity, etc."
"The threat analytics is an important feature."
"Ensures accounts are managed according to corporate policies."
"We are able to rotate credentials and have privileged account access."
"The most important feature is managing the credentials and implementing those policies which rotate the credentials. Session Manager is also key in not letting the users have access to those credentials. Instead, CyberArk actually manages everything by itself."
"Easy to customize and adaptable to any environment."
"I like the intelligent authentication feature."
"ForgeRock products are customizable, and the out-of-the-box features are solid, too. I primarily use the OIDC compliance features. It's just a configuration. it's easy to set up and customize trees. We can add our own features if necessary. Banks and corporations have different standards and specific validations."
"I like the way it is handling authentication and authorization."
"This is a stable solution. When you do experience any issues, you will see it in your DB logs or audit logs so you can easily reach a conclusion of might be causing it."
"The support is good and prompt."
"We used it to implement multi-factor authentication and to improve our security posture as well as reducing the potential for attacks."
"We create and define the permissions and configurations for the users."
"There was a functionality of the solution that was missing. I had noticed it in Beyond Trust, but not in this solution. But, recently they have incorporated something similar."
"The product documentation has to be more precise in certain aspects with explanations for functionality limitations along with reference material or screenshots."
"It is web-based, but other competitors have apps. We need to get there. It is just smoother to have an app. You don't have all the bugs from having a browser, and people like them better, since you can get to them via mobile."
"It can be made user-friendly, in the sense of the console is pretty outdated."
"I'd like to see a more expansive SSH tunneling situation through PSMP. Right now you have an account that exists in the vault and you say, "I want to create a tunnel using this account." I'd like to see something that is not account-based where I could say, "I want to create a tunnel to this machine over here," and then authenticate through the PSMP and then your tunnel is set up. You wouldn't need to then authenticate to a machine."
"The PTA could be improved. Currently, companies often have multiple domains and sometimes it's difficult to implement CyberArk in this kind of infrastructure. For example, you can add CPM (Central Policy Manager) and PSM (Privileged Session Manager and PVWA (Password Vault Web Access) for access, but if you want to add PTA (Privileged Threat Analysis) to scan Vault logs, it is difficult because this component may be adding multiple domain environments."
"it manages creds based on Organizational Units. That is, a "safe" is limited to specific OUs. That makes for very elaborate OU structure, or you risk exposing too many devices by putting most of them in fewer OUs."
"The product is very vaulting-focused. I'd love to see it expanding its capabilities a bit further into areas like just-in-time elevation, and access with non-vaulted credentials."
"The solution's documentation is not very good, and they do not give more details."
"The product's support services in the French language are not free."
"We raised tickets asking for improvements, but sometimes we don't get the proper solution. They are responding, but the ticket is open for weeks and weeks. For some issues, we don't get a satisfactory solution or the solution doesn't work."
"The solution requires more simplified customization. However, part of the problem is my clients determining their own preferences. Technology can help and do many things, but you have to define your own policies to ensure that the solution or service works within those parameters. Helping customers understand their business and different processes is another issue not relating to the functionality of this solution."
"ForgeRock is an open source solution and is available to everyone but it is not freeware. If you need support, you need a subscription for ForgeRock. Many of its functionalities need to be built up with the help of a consultant."
"They should improve the solution by include reporting."
"I think the upgrade process is sometimes a little complicated and there are failures that occur."
"It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while ForgeRock is ranked 4th in Access Management with 27 reviews. CyberArk Privileged Access Manager is rated 8.8, while ForgeRock is rated 8.0. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of ForgeRock writes "Governance and access management solution used for multi-factor authentication that is outdated with an unresponsive UI". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas ForgeRock is most compared with SailPoint IdentityIQ, PingID, Microsoft Entra ID, Auth0 and Amazon Cognito. See our CyberArk Privileged Access Manager vs. ForgeRock report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.