CyberArk Endpoint Privilege Manager vs One Identity Safeguard comparison

CyberArk and One Identity are both solutions in the Privileged Access Management (PAM) category. CyberArk is ranked #4 with an average rating of 8.4, while One Identity is ranked #3 with an average rating of 7.2. CyberArk holds a 3.5% mindshare in PAM, compared to One Identity’s 4.2% mindshare. Additionally, 84% of CyberArk users are willing to recommend the solution, compared to 93% of One Identity users who would recommend it.

CyberArk Endpoint Privilege...

Read 35 CyberArk Endpoint Privilege Manager reviews

1,306 Views
921 Comparison Views

84% willing to recommend

One Identity Safeguard

Read 41 One Identity Safeguard reviews

2,918 Views
1,161 Comparison Views

93% willing to recommend

CyberArk Endpoint Privilege...

One Identity Safeguard

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 6, 2024

CyberArk Endpoint Privilege Manager and One Identity Safeguard are leading solutions in the endpoint security sector. CyberArk appears to have the upper hand in user satisfaction, particularly in pricing and support, whereas One Identity Safeguard is valued for its rich features that justify its higher cost.

Features: Users identify CyberArk Endpoint Privilege Manager for its integration capabilities, effective privilege management, and streamlined user controls. One Identity Safeguard stands out with its comprehensive session management, scalability, and robust security features.

Room for Improvement: CyberArk users suggest enhancements in reporting capabilities, simplified update processes, and more user-friendly interfaces. For One Identity Safeguard, improvements in response time, configuration simplicity, and user documentation are highlighted.

Ease of Deployment and Customer Service: CyberArk Endpoint Privilege Manager offers straightforward deployment and responsive customer service, making it a good fit for fast implementation. One Identity Safeguard, despite requiring more complex setup, provides a comprehensive support framework appreciated by users.

Pricing and ROI: CyberArk Endpoint Privilege Manager is seen as cost-effective with its competitive setup costs and quick ROI. One Identity Safeguard, although higher in upfront costs, provides long-term value due to its extensive features, offering a justified investment for many organizations.

To learn more, read our detailed CyberArk Endpoint Privilege Manager vs. One Identity Safeguard Report (Updated: January 2025).

Buyer's Guide

CyberArk Endpoint Privilege Manager vs. One Identity Safeguard

January 2025

Download the complete report

Helped 841,004 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

CyberArk Endpoint Privilege...

Ranking in Privileged Access Management (PAM)

4th

Average Rating

8.2

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Endpoint Compliance (4th), Anti-Malware Tools (5th), Application Control (5th), Ransomware Protection (7th)

One Identity Safeguard

Ranking in Privileged Access Management (PAM)

3rd

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (6th)

Mindshare comparison

As of March 2025, in the Privileged Access Management (PAM) category, the mindshare of CyberArk Endpoint Privilege Manager is 3.5%, down from 3.7% compared to the previous year. The mindshare of One Identity Safeguard is 4.2%, down from 4.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Privileged Access Management (PAM)

Featured Reviews

Sumit Chavan

Lead Consultant at Aujas Networks Pvt Ltd

Helps secure the infrastructure and control users with admin rights

There are many features that are currently missing. A customization option is required for certain policies. For instance, if we need to stop PowerShell scripting, we have to create a different policy for that. Being able to create a sub-level policy within a top-level policy would be good. Currently, no user-based policy option is available inside the EPM console. We can only create computer-based policies. The database is available, but there is a drawback in not being able to create local groups on the EPM console. We only have to depend on Active Directory. This limits infrastructure security as we depend on the Active Directory team to manage user groups. If they remove any users, we lose control. If we could create groups locally and block them or set specific policies, we would have more control. Local endpoint management is missing from the EPM site. Moreover, there is an issue with policies not running as expected when we make enhancements. We have to find multiple ways to whitelist applications or enhance policies.

Read full review

Tor Nordhagen

Executive Director at Semaphore

Transparent mode for privileged sessions will greatly simplify our client's administrative situation

We're introducing the solution's transparent mode for privileged sessions. This is part of what the client hasn't used before. It will simplify their administrative situation greatly. So far, the rollout of this feature has been a seamless process, but we're still in the midst of rolling it out. The benefits will be on the risk side. Right now, the way accounts are managed, you don't necessarily know who is using an account. There's a shared admin account, and that's not a good thing. And those accounts are shared in wallets by several people. One of the real benefits of safeguarding here is that the client will have an absolute audit of who is using an administrative interface, whether it's server or network.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The product is stable."

"In terms of ROI, deploying CyberArk Endpoint Privilege Manager has secured the infrastructure, which saves money, time, and resources."

"The tool is an endpoint management system. It monitors everything a standard user does and helps elevate privileges when necessary for advanced users. It keeps an auditable trail of all activities. Practically, it stops and blocks potentially hazardous user behavior, whether intentional or unintentional. Certain companies must use endpoint management software because of national or international rules or ISO norms."

"The department management aspect of the solution is the most valuable aspect."

"The password rotation and the session recording are the most valuable features."

"The most valuable feature is the ability to control users with admin rights. Even if developers and senior folks maintain their admin rights, we can still manage their activities."

"CyberArk Endpoint Privilege Manager (EPM) 's most valuable feature is its ability to manage user application privileges and protect against ransomware attacks by controlling access to specific files and applications."

"The most valuable feature of CyberArk Endpoint Privilege Manager is its ability to reset passwords every time that it is needed or periodically."

More CyberArk Endpoint Privilege Manager pros

"One of the real benefits of safeguarding here is that the client will have an absolute audit of who is using an administrative interface, whether it's server or network."

"I like the discovery functionality and the change password feature through the check-in. I also like the bulk import with the help of templates that come with it out of the box. With the help of these few features, my tasks are made easier."

"The monitoring system is very good."

"I like Safeguard's snapshot feature that enables us to review the last time an application was opened and by whom. If there are any issues, we can look behind the scenes to see what has been done. We can suspend a user's access or close off a server."

"The solution's most valuable features are the efficiency and the quality of the recording."

"The transparent mode for privileged sessions is one of the best things for customers, because they don't see the system in-between."

"There are a lot of features, so it's going to sound funny, but one of the most simplistic features, the Favorites feature, is the one we like the best. You do a full run-through of configuration to check out a server and then you can save that whole configuration as a favorite. So the next time you go in, you click on the favorite that you configured and it automatically takes you to the end so you can check the server out that much faster. It saves a lot of time..."

"From my experience, the features are best for monitoring and the usage of LDAP and SSH."

More One Identity Safeguard pros

Cons

"The solution is very expensive."

"The solution can be complex to use at times."

"They need much better integration with Azure AD."

"CyberArk should consider whitelisting important applications like PowerShell and DLL that are currently not allowed due to some malicious content."

"It cannot be on-prem. It is only cloud-based. Sometimes, that's a restriction in terms of usage."

"CyberArk Endpoint Privilege Manager could be improved by simplifying the administration process, specifically when setting up policies and applications."

"Compared to other tools like Linux, this solution isn't as user-friendly."

"The turnaround time of the support team is an area of concern where improvements are required."

More CyberArk Endpoint Privilege Manager cons

"Our experience with technical support has been disappointing. We require more prompt and faster response times. We require answers to our questions right away but we haven't received that level of support."

"The interface is better now, but it still could be improved a lot. It needs more organization, menus, automatic refresh of information, and Web 2.0."

"One Identity's support is not appropriately structured, and it has a lot of room to improve."

"We currently have a problem with the Active Directory integrations on Windows. Some of our users need to be logged with Active Directory, but we are having communication issues between One Identity and Active Directory. It seems that Active Directory is not well-integrated."

"On a scale of one to ten, the stability is an eight."

"Even though we have two nodes, there's no way to do an upgrade without taking everything completely offline. It would be nice if they could improve that."

"We can't review or audit HTTP and HTTPS. This functionality should be added so that we can review and audit HTTP and HTTPS."

"We have feature requests and would like to see the turnaround times on those features to be faster."

More One Identity Safeguard cons

Pricing and Cost Advice

"The tool is priced high. I would rate its pricing an eight out of ten."

"CyberArk Endpoint Privilege Manager is slightly expensive, but costs can be negotiated to become more competitive."

"The tool's pricing is reasonable for customers."

"I rate the solution's pricing an eight out of ten since the price can be too high for smaller businesses."

"licensing for this solution is based on the number of APV (privileged users), and the number of sessions that you want to record."

"We pay about $17 per user."

"The professional services for one eight-hour day would be $1,800."

"I feel that the price of the product is nominal. It must be around 10 to 15 USD per installation. I rate the product price an eight to nine out of ten, where one is high price, and ten is low price."

More CyberArk Endpoint Privilege Manager pricing and cost advice

"The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible."

"As compared to other products, it is reasonable, but the training sessions are too expensive."

"The license is around $3,000 per month."

"They have comparable pricing. All identity products are essentially priced in a similar way. It's a per-user base."

"Our licensing costs are on a yearly basis."

"It was definitely cheaper than the other two products that we evaluated."

"Setup cost, pricing and licensing are all very expensive."

"The pricing depends on our perspective, our budget, and, of course, the competitors we are taking into account."

More One Identity Safeguard pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.

See recommendations

841,004 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

16%

Computer Software Company

14%

Manufacturing Company

11%

Government

Computer Software Company

23%

Financial Services Firm

12%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Looking for recommendations and a pros/cons template for software to detect insider threats

This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpo...

See all answers

What do you like most about CyberArk Endpoint Privilege Manager?

The most valuable feature of the solution is its performance.

See all answers

What is your experience regarding pricing and costs for CyberArk Endpoint Privilege Manager?

CyberArk Endpoint Privilege Manager is slightly expensive, but costs can be negotiated to become more competitive.

See all answers

What do you like most about One Identity Safeguard?

The identity discovery is good, and the performance is pretty good value.

See all answers

What is your experience regarding pricing and costs for One Identity Safeguard?

One Identity Safeguard is expensive. The license is around $3,000 per month.

See all answers

What needs improvement with One Identity Safeguard?

One Identity's support is not appropriately structured, and it has a lot of room to improve.

See all answers

Comparisons

CrowdStrike Falcon vs CyberArk Endpoint Privilege Manager

Compared 25% of the time

Microsoft Defender for Endpoint vs CyberArk Endpoint Privilege Manager

Compared 17% of the time

BeyondTrust Endpoint Privilege Management vs CyberArk Endpoint Privilege Manager

Compared 15% of the time

CyberArk Privileged Access Manager vs CyberArk Endpoint Privilege Manager

Compared 9% of the time

Tanium vs CyberArk Endpoint Privilege Manager

Compared 5% of the time

More CyberArk Endpoint Privilege Manager Competitors

CyberArk Privileged Access Manager vs One Identity Safeguard

Compared 37% of the time

WALLIX Bastion vs One Identity Safeguard

Compared 16% of the time

Delinea Secret Server vs One Identity Safeguard

Compared 9% of the time

SailPoint Identity Security Cloud vs One Identity Safeguard

Compared 8% of the time

BeyondTrust Privileged Remote Access vs One Identity Safeguard

Compared 7% of the time

More One Identity Safeguard Competitors

Product Reports

Buyer's Guide

CyberArk Endpoint Privilege Manager

March 2025

CyberArk Endpoint Privilege Manager report

Download CyberArk Endpoint Privilege Manager product report

Buyer's Guide

One Identity Safeguard

February 2025

Download One Identity Safeguard product report

Also Known As

Viewfinity

No data available

Overview

CyberArk Endpoint Privilege Manager, a critical and foundational endpoint control addresses the underlying weaknesses of endpoint defenses against a privileged attacker and helps enterprises defend against these attacks through removing local admin rights, enforcing least privilege, and implementing foundational endpoint security controls across all Windows, macOS and Linux endpoints from hybrid to cloud environments.

Click here for a free 30 day trial: CyberArk Endpoint Privilege Manager free trial

CyberArk

One Identity Safeguard manages and monitors privileged access, enhancing security with features like automatic session recording, real-time monitoring, and credential rotation. It integrates seamlessly, supports compliance with audit trails, and improves operational efficiency across organizations. This robust platform significantly bolsters security protocols while controlling sensitive operations.

One Identity

Sample Customers

Information Not Available

Cavium

Buyer's Guide

CyberArk Endpoint Privilege Manager vs. One Identity Safeguard

January 2025

Free Report: CyberArk Endpoint Privilege Manager vs. One Identity Safeguard

Find out what your peers are saying about CyberArk Endpoint Privilege Manager vs. One Identity Safeguard and other solutions. Updated: January 2025.

DOWNLOAD NOW

841,004 professionals have used our research since 2012.

See our CyberArk Endpoint Privilege Manager vs. One Identity Safeguard report.

See our list of best Privileged Access Management (PAM) vendors.

We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.