Try our new research platform with insights from 80,000+ expert users

CyberArk Endpoint Privilege Manager vs One Identity Safeguard comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 6, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
6.9
CyberArk Endpoint Privilege Manager enhances security, reduces breach vulnerabilities, and saves resources, yielding around $10,000 in value.
Sentiment score
7.0
One Identity Safeguard enhances security and compliance, ensuring PCI-DSS compliance, reducing risks, and improving operational efficiency with substantial ROI.
Deploying CyberArk Endpoint Privilege Manager has secured the infrastructure, which saves money, time, and resources.
Any PAM solution, when I deploy it well and customers use it, leads to a return on investment.
 

Customer Service

Sentiment score
6.6
CyberArk support is effective but inconsistent; response times vary and complex processes can frustrate users despite helpful resources.
Sentiment score
6.5
One Identity Safeguard’s customer service is praised for responsiveness and efficiency, but standard support faces mixed reviews.
They respond immediately to our inquiries, resolve issues promptly, and provide valuable guidance, especially in critical situations.
We engage them when needed and receive prompt responses that typically resolve our issues.
Earlier, we received support for normal tickets within a day, but now it takes one or two days to resolve issues.
I sometimes need escalations to reach expertise.
Sometimes, I get a very helpful response and they address issues on a call.
When I have day-to-day incidents and problems, the response is good enough in terms of time and quality.
 

Scalability Issues

Sentiment score
7.7
CyberArk Endpoint Privilege Manager scales efficiently for device management but requires careful planning for large configurations, users report.
Sentiment score
7.1
One Identity Safeguard is praised for scalability and ease of resource deployment but may affect performance and high availability.
We can set permissions per team or department, allowing some teams to elevate specific applications while others have different permissions.
CyberArk Endpoint Privilege Manager is quite scalable.
The available reports and other security tools assist in scaling it according to my organization's needs.
The scalability of One Identity Safeguard is perfect, scoring ten out of ten.
We have a cluster of SPPs and a cluster of SPSs, and we can add a node to that cluster without much fuss.
I would rate it a nine out of ten for scalability.
 

Stability Issues

Sentiment score
8.2
CyberArk Endpoint Privilege Manager is stable with minor issues, better Windows performance, and requires frequent server restarts.
Sentiment score
7.5
One Identity Safeguard is highly stable and reliable, with minor issues promptly addressed through regular updates.
It is a robust solution that has effectively supported our environment without major issues.
Since implementing it, we have not experienced any outages or stability issues.
CyberArk Endpoint Privilege Manager offers multiple options for creating and stopping policies.
I would rate it a nine out of ten for stability.
In terms of stability, I rate One Identity Safeguard nine to ten out of ten.
I encounter problems primarily with the failover procedure.
 

Room For Improvement

CyberArk Endpoint Privilege Manager needs improved interface, integration, performance, support, pricing, threat detection, compatibility, automation, and synchronization.
One Identity Safeguard needs improvements in integration, management, documentation, interface, support, monitoring, threat detection, and pricing.
CyberArk Endpoint Privilege Manager could be improved by simplifying the administration process, specifically when setting up policies and applications.
Currently, no user-based policy option is available inside the EPM console.
Some features provided in the self-hosted version of EPM are not supported in the software as a service version, like connection to some analysis applied by Palo Alto.
For some configurations on the SPS side, if I need to make changes, such as for DNS servers, I must redeploy the machine.
There are many steps. We are still in the onboarding phase, and it seems very manual.
Another area for improvement could be the threat detection capabilities, like those seen in other PAM vendors.
 

Setup Cost

CyberArk Endpoint Privilege Manager is costly but offers quality features, making it appealing for large enterprises in finance.
One Identity Safeguard is costly but valued for flexibility and robust security, with straightforward licensing and worthwhile investment.
CyberArk Endpoint Privilege Manager is slightly expensive, but costs can be negotiated to become more competitive.
CyberArk Endpoint Privilege Manager is costly compared to other solutions.
I've received feedback that the pricing is high, however, for me, the value it brings is worth the cost.
It is one of those where the more you buy, the cheaper it is.
It is cheaper than CyberArk.
It is more expensive than Secret Server but way less expensive than CyberArk.
 

Valuable Features

CyberArk Endpoint Privilege Manager enhances security with features like DNS scanning, admin access delegation, ransomware protection, and threat detection.
One Identity Safeguard enhances security with seamless user experience, extensive features, centralized access, and robust monitoring for on-prem and cloud management.
CyberArk Endpoint Privilege Manager effectively reduces malicious content in applications by allowing us to identify and block dangerous applications.
CyberArk Endpoint Privilege Manager enhances computer security by providing minimal access, effectively preventing ransomware attacks.
The most valuable feature is the ability to control users with admin rights.
The auditing and approval mechanisms are features we did not have before and are greatly appreciated.
I think One Identity should improve its documentation because it is vast and not clear, and clear documentation on implementing the solution would be advantageous for consultants.
Compared to other PAM solutions, it is easy to implement and use from an administrator's point of view.
 

Categories and Ranking

CyberArk Endpoint Privilege...
Ranking in Privileged Access Management (PAM)
3rd
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
36
Ranking in other categories
Endpoint Compliance (4th), Anti-Malware Tools (5th), Application Control (5th), Ransomware Protection (7th)
One Identity Safeguard
Ranking in Privileged Access Management (PAM)
4th
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
45
Ranking in other categories
User Entity Behavior Analytics (UEBA) (7th), Non-Human Identity Management (NHIM) (4th)
 

Mindshare comparison

As of April 2025, in the Privileged Access Management (PAM) category, the mindshare of CyberArk Endpoint Privilege Manager is 3.5%, down from 3.6% compared to the previous year. The mindshare of One Identity Safeguard is 4.2%, down from 4.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Privileged Access Management (PAM)
 

Featured Reviews

Sumit Chavan - PeerSpot reviewer
Helps secure the infrastructure and control users with admin rights
There are many features that are currently missing. A customization option is required for certain policies. For instance, if we need to stop PowerShell scripting, we have to create a different policy for that. Being able to create a sub-level policy within a top-level policy would be good. Currently, no user-based policy option is available inside the EPM console. We can only create computer-based policies. The database is available, but there is a drawback in not being able to create local groups on the EPM console. We only have to depend on Active Directory. This limits infrastructure security as we depend on the Active Directory team to manage user groups. If they remove any users, we lose control. If we could create groups locally and block them or set specific policies, we would have more control. Local endpoint management is missing from the EPM site. Moreover, there is an issue with policies not running as expected when we make enhancements. We have to find multiple ways to whitelist applications or enhance policies.
Tor Nordhagen - PeerSpot reviewer
Transparent mode for privileged sessions will greatly simplify our client's administrative situation
We're introducing the solution's transparent mode for privileged sessions. This is part of what the client hasn't used before. It will simplify their administrative situation greatly. So far, the rollout of this feature has been a seamless process, but we're still in the midst of rolling it out. The benefits will be on the risk side. Right now, the way accounts are managed, you don't necessarily know who is using an account. There's a shared admin account, and that's not a good thing. And those accounts are shared in wallets by several people. One of the real benefits of safeguarding here is that the client will have an absolute audit of who is using an administrative interface, whether it's server or network.
report
Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
11%
Government
8%
Computer Software Company
25%
Financial Services Firm
11%
Government
6%
Energy/Utilities Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Looking for recommendations and a pros/cons template for software to detect insider threats
This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpo...
What do you like most about CyberArk Endpoint Privilege Manager?
The most valuable feature of the solution is its performance.
What is your experience regarding pricing and costs for CyberArk Endpoint Privilege Manager?
I've received feedback that the pricing is high, however, for me, the value it brings is worth the cost. It's really one of the best solutions.
What do you like most about One Identity Safeguard?
The identity discovery is good, and the performance is pretty good value.
What is your experience regarding pricing and costs for One Identity Safeguard?
The pricing of One Identity Safeguard is fairly priced and cheaper than other solutions of the same enterprise level. It provides a good cost-benefit ratio.
What needs improvement with One Identity Safeguard?
There is room for improvement in integration between modules. The native integration between SPP and SPS, which is currently based on a plugin, could be enhanced. Customization for lookup passwords...
 

Also Known As

Viewfinity
No data available
 

Overview

 

Sample Customers

Information Not Available
Cavium
Find out what your peers are saying about CyberArk Endpoint Privilege Manager vs. One Identity Safeguard and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.