We performed a comparison between CyberArk Privileged Access Manager and IBM Security Secret Server based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We know when passwords will be expiring so we can force users to change their passwords, as well as requiring specific password requirements for length, complexity, etc."
"There are no issues with scalability. Our clients are very happy to use the product."
"Password rotation, session recording & isolation and on-demand privileges."
"The product is an important security measure against credential theft. It ensures session isolation and password rotation including pushing passwords to the endpoints."
"The combination of CPM and PSM resolves a lot of use cases."
"It is a central repository. Therefore, if someone needs to access a server, then they go through CyberArk PAM. It provides a secure way to do this and CyberArk PAM records everything. For example, if you are connecting to a Linux server, then once you get into the Linux server and if it is integrated with CyberArk, it will automatically start recording everything that is being done. In most banks, seeing the recordings is very useful. If there are any gaps or something has happened which shouldn't have happened, then we can check the logs and videos. So, it gives security, in a robust manner, to the organization."
"We are utilizing CyberArk to secure applications, credentials, and endpoints."
"It is a single tool that isolates possible kinds of malware. You get lateral movement blocking and auditing information, e.g., you know who is doing what. You are getting protections from the service as well as a useful environment. All your admins can easily go in and out of your company while accessing your servers in a secure way, even if they are working abroad."
"One of the most valuable features is scalability, and how it allows you to scale it without affecting the underlying core components."
"Stability-wise, I think it is a very good solution."
"As a PAM solution, Secret Server performs all the use cases in our environment."
"What I like best about IBM Security Secret Server is its single-access console. It's also easy to manage and fulfills the requirements with the least resistance."
"The live recording is a very useful feature."
"Stability is a huge concern right now. We are on a version which is very unstable. We have to upgrade to stabilize it. It is fine, but the problem is we have to hire CyberArk to do the upgrade. This costs money, and it is their bug."
"The continuous scanning of the assets is limited to Windows and Unix. We like to have the solution scan any databases, network devices, and security devices for privileged accounts. That would be very helpful."
"One thing that could be improved is to create of a better alternative for fixing group policy fees. We currently use Microsoft, but they have introduced new policies that may not be compatible."
"The current user interface is a little dated. However, I hear there are changes coming in the next version."
"They can do a better job in the PSM space."
"The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing, SaaS products, SaaS vendors, SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming. But these are the major places where CyberArk definitely needs to invest some more time."
"Initially, there was a lot of hiccups, because there were a lot of transitions due to manual installations."
"When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time."
"What needs improvement in IBM Security Secret Server is support. The local partner provides good support, but IBM itself doesn't. Most of the time, the IBM support team does not aggressively resolve issues reported through chat or the IBM website."
"It would be preferable if the full proxy was included in the IBM Security Secret Server."
"The newer interface is more difficult to use than the previous one, and consequently, new users might need more training."
"Secret Server should have the ability to discover privileged accounts in the servers, like the administrator or users, from SQL and Oracle without having to import a script."
"The nonclustered index is working in an area with a problem that needs improvement."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while IBM Security Secret Server is ranked 13th in Privileged Access Management (PAM) with 7 reviews. CyberArk Privileged Access Manager is rated 8.8, while IBM Security Secret Server is rated 8.2. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of IBM Security Secret Server writes "User-friendly, granular features, and is simple to implement, but the technical support could be improved". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas IBM Security Secret Server is most compared with Delinea Secret Server and Delinea Privileged Access Service. See our CyberArk Privileged Access Manager vs. IBM Security Secret Server report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.