We performed a comparison between CyberArk Privileged Access Manager and Delinea Secret Server based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Delinea Secret Server has an edge over CyberArk in this comparison. According to reviews, Secret Server is easier to set up, more reasonably priced, and more user friendly.
"The solution helps our developers access internal systems. It also helps us in Privilege Access Management."
"The product has allowed us to improve both the management and access to privileged credentials, while also creating a full audit trail of all activities happening within isolated sessions of all tasks and activities taking place within the solution."
"AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials."
"We have been able to manage application credentials in CyberArk, whether they come as a custom plugin or straight out-of-the-box."
"Within the solution, I love the fact that everything is recorded. The configuration capabilities are great, too."
"Our go-to solution for securing against the pass the hash attack vector and auditing privileged account usage."
"What I found most valuable in CyberArk Privileged Access Manager is the Session Manager as it allows you to split the connection between the administrator site and the target site. I also found the Password Manager valuable as it lets you rotate the passwords of privileged users."
"It is a scalable product."
"It is a stable solution."
"The most valuable feature of this solution is that it provides us with a secure way of managing passwords."
"Its technical support is good."
"I really like the zero trust piece."
"One of the features I find most valuable is workflow, which allows you to configure the solution to have multiple approvals."
"I have found most valuable the automatic scheduled password rotation and remote desktop monitoring. Additionally, the documentation is readily available and easy to find and the dashboard is straightforward."
"It works for us."
"Number one is the password vault; it's very good. Number two, they have a feature for remote desktops that are created on a per session basis, which is very good for security."
"There is some stuff that we still have not fully integrated, which is our AIM solution. We are having all types of issues with it. I have been working with Level 3 support on it, but otherwise, from a functionality perspective, everything has been working except for the AIM solution."
"This is probably a common thing, but they do ask for a lot of log files, a lot of information. They ask you to provide a lot of information to them before they're willing to give you anything at all upfront. It would be better if they were a little more give-and-take upfront: "Why don't you try these couple of things while we take your log files and stuff and go research them?" A little bit of that might be more helpful."
"Online help needs to be looked into with live agent support."
"If there is an area that has room for improvement, it's probably working with their support and getting people on the phone. That is hard to do with most products in general, but that seems to be the difficult area. The product is fantastic, but sometimes we want somebody on the phone."
"CyberArk Privileged Access Manager could improve the integration with other solutions and ease of use. Additionally, there should be a feature to have remote connections without a VPN."
"It needs better documentation with more examples for the configuration files and API/REST integration"
"I'd like to see a more expansive SSH tunneling situation through PSMP. Right now you have an account that exists in the vault and you say, "I want to create a tunnel using this account." I'd like to see something that is not account-based where I could say, "I want to create a tunnel to this machine over here," and then authenticate through the PSMP and then your tunnel is set up. You wouldn't need to then authenticate to a machine."
"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."
"When working with larger enterprises Thycotic Secret Server becomes a little cumbersome to work with because they do not allow as much flexibility as some of the other competitors, such as CyberArk. Thycotic Secret Server could improve by being more flexible when it comes to customization, and increase the number of API integrations."
"The technical support needs improvement. For example, if you have any problems on the server configuring the IIS, they would provide you very limited details and they would tell you the problem is on your end."
"I think that the main interface should integrate better with non-standard applications and clients, to connect with other systems."
"We always ask for partner enablement, which is more like a soft requirement rather than a product requirement. It would be great if they can provide us deeper knowledge of their products for integration."
"I would like to see improvement with the integration with Azure Active Directory. This would mean that we can have support on multiple platforms such as Windows, Linux, and Mac."
"It would be better if they had a Linux version of the secret server."
"The tool should integrate additional features like OCR."
"It is expensive compared to other solutions in this category and for what it does."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while Delinea Secret Server is ranked 2nd in Privileged Access Management (PAM) with 47 reviews. CyberArk Privileged Access Manager is rated 8.8, while Delinea Secret Server is rated 8.2. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Delinea Secret Server writes "Effective for password rotation policies triggered by audit requirements, it helps maintain compliance standards and seamless integration with third-party tools ". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, WALLIX Bastion, One Identity Safeguard and ManageEngine PAM360, whereas Delinea Secret Server is most compared with Azure Key Vault, HashiCorp Vault, IBM Security Secret Server, ManageEngine PAM360 and CyberArk Enterprise Password Vault. See our CyberArk Privileged Access Manager vs. Delinea Secret Server report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hello Avinash, it all depends on the timeline and urgency of the project. If you need to deploy a PAM tool that focuses on standing privileges, stopping lateral movement, and incorporating Zero Standing Privileges as part of Zero Trust, then please consider looking at Remediant. I've worked for BeyondTrust and have gone up against the other big players such as Delinea, Centrify, CyberArk, and HashiCorp. They more or less all offer similar solutions, but looking at your current requirements, Remediant really excels in delivering a simple, yet very effective tool in a matter of days and weeks, not months and years.