Try our new research platform with insights from 80,000+ expert users

CyberArk Privileged Access Manager vs IBM Security Verify Access comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

CyberArk Privileged Access ...
Average Rating
8.6
Number of Reviews
193
Ranking in other categories
User Activity Monitoring (1st), Enterprise Password Managers (2nd), Privileged Access Management (PAM) (1st), Mainframe Security (3rd), Operational Technology (OT) Security (3rd)
IBM Security Verify Access
Average Rating
7.8
Number of Reviews
7
Ranking in other categories
Single Sign-On (SSO) (14th), Identity Management (IM) (24th), Identity and Access Management as a Service (IDaaS) (IAMaaS) (15th), Access Management (12th)
 

Featured Reviews

SatishIyer - PeerSpot reviewer
Jun 21, 2022
Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK
When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time. PTA is essentially the monitoring interface of the broker (e.g. Privileged Access Management, the Vault, CPM, PSM, etc.), and it's where you can capture your broker bypass and perform related actions. For this reason, we thought that this kind of mapping would be required, but CyberArk informed us that they did not have the capability we had in mind with regard to MITRE ATT&CK. I am not sure what the situation is now, but it would definitely help to have that kind of alignment with one of the more well-known frameworks like MITRE. For CyberArk as a vendor, it would also help them to clearly spell out in which areas they have full functionality and in which ares they have partial or none. Of course, it also greatly benefits the customers when they're evaluating the product.
Jared Ochieng - PeerSpot reviewer
Mar 13, 2024
Offers multiple authentication methods like tokens and one-time passwords
The authentication process with IBM Security Verify Access is good and is considered one of the best identity and access management solutions. It helps with multi-factor authentication. It offers multiple authentication methods like tokens and one-time passwords, enhancing security. It also includes features like password vaults and single sign-on, streamlining the access process for remote and local users across different solutions. The tool provides a password vault, single sign-on, and multifactor authentication. It offers various authentication methods like fingerprint integration, one-time passwords, or tokens sent via email or SMS. This ensures secure access to your accounts by providing multiple authentication options. The policy control feature allows you to set authentication measures and policies for your organization's identity governance. This feature helps create standardized policies and organize them into groups based on departments or specific needs. It simplifies access management for both administrators and users. IBM Security Verify Access can be integrated with almost any solution using APIs. The time required for integration depends on whether the solution is out of the box or custom. Out-of-the-box solutions can be integrated quickly, typically within a few days or hours, while custom solutions may require additional steps and take longer to integrate.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Our most valuable features would probably be key rotation, the SKM or SSH key manager, and account discovery."
"With CyberArk, you can be fully confident that your existing accounts are secure. You will be 100 percent"
"We are able to centrally manage credentials, touch applications, and rotate passwords."
"It's a good solution, it works, and the bank is happy with it."
"If any intruder gets inside, they would not be able to move around nor do lateral movements. It minimize any attack problems within our network."
"CyberArk Privileged Access Manager is stable."
"Service count rotation is probably one of my favorite features... The ability to automatically rotate any password I need to really helps with the entire enterprise strategy that we're pushing right now."
"I find value in notifications from CyberArk when passwords fail verification and have other issues."
"The most valuable feature of IBM Security Access Manager, at least for my company, is multi-factor authentication. That's the only feature my company is using. The solution works well and has no glitches. IBM Security Access Manager is a very good solution, so my company is still using it."
"It's a good solution for identification and access management."
"I have found this solution to be really practical and when a user wants to log in, it is effortless and runs smooth."
"The tool provides a password vault, single sign-on, and multifactor authentication. It offers various authentication methods like fingerprint integration, one-time passwords, or tokens sent via email or SMS. This ensures secure access to your accounts by providing multiple authentication options."
"The solution has powerful authentification and authorization. It offers a good way to increase security."
"Its stability and UI are most valuable."
"From the integration point of view, it supports SAML, OIDC, and OAuth. For legacy applications that don't have support for SAML and other new protocols, it provides single sign-on access to end-users. From the integration compatibility point of view, it is highly capable."
 

Cons

"it manages creds based on Organizational Units. That is, a "safe" is limited to specific OUs. That makes for very elaborate OU structure, or you risk exposing too many devices by putting most of them in fewer OUs."
"We require IAM (identify and access management) capability at the administrator level because we need more identification."
"The authentication port is available in CyberArk Alero but not Fortinet products."
"Having a centralized place to manage the solution has been something that I have always wanted, and they are starting to understand that and bring things back together."
"The initial setup was somewhat complex."
"One of the main things that could be improved would be filtering accounts on the main page and increasing the functionality of the filters. There are some filters on the side which are very specific, but I feel there could be more."
"The web access piece needs improvement. We have version 9.5 or 9.9.5, and now we have to upgrade to version 10."
"There were a lot of manual steps in the initial setup which could have been automated. I read the 10.4 release that was sent out about a month or two ago, and I saw the steps required for upgrade have been reduced by about 90%. That was a big thing for me, but I still haven't seen that yet because we have not upgrade past 9.9.5."
"Configuration could be simplified for the end-user."
"The user interface for users and administrators could be improved to make it easier. Automating some functions could also be beneficial."
"The user interface needs to be simplified, it's complex and not user-friendly."
"What we'd like improved in IBM Security Access Manager is its onboarding process as it's complex, particularly when onboarding new applications. We need to be very, very careful during the onboarding. We have no issues with IBM Security Access Manager because the solution works fine, apart from the onboarding process and IBM's involvement in onboarding issues. If we need support related to the onboarding, we've noticed a pattern where support isn't available, or they don't have much experience, or we're not getting a response from them. We're facing the same issue with IBM Guardium. As we're just focusing on the multi-factor authentication feature of IBM Security Access Manager and we didn't explore any other features, we don't have additional features to suggest for the next release of the solution, but we're in discussion about exploring ID management and access management features, but those are just possibilities because right now, we're focused on exploring our domain."
"They can improve the single sign-on configuration for OIDC and OAuth. That is not very mature in this product, and they can improve it in this particular area. OIDC is a third-party integration that we do with the cloud platforms, and OAuth is an authorization mechanism for allowing a user having an account with Google or any other provider to access an application. Organizations these days are looking for just-in-time provisioning use cases, but IBM Security Access Manager is not very mature for such use cases. There are only a few applications that can be integrated, and this is where this product is lagging. However, in terms of configuration and single sign-on mechanisms, it is a great product."
"There are a lot of areas that can be improved, but the main area is the lack of customization. You cannot easily customize anything in the product. It is not easy to tweak the functionality. It is challenging to change the out-of-the-box functionality."
"The solution could be classified as a hilt system. There are a lot of resources being used and it is suitable for very large enterprises or the public sector."
 

Pricing and Cost Advice

"It is not a cheap solution. It is expensive as compared with other solutions. However, it is one of the best solutions in their domain."
"It's per-company, license-based."
"Previously, the pricing was very meager. They started publicizing and advertising the solution, growing CyberArk, as an organization. They also changed their pricing with that growth, e.g., the pricier the product, the more people who will purchase it."
"Pricing is quite high and it could be improved."
"I believe that this solution is priced well. It's the market leader and I think that it's the best solution."
"CyberArk DNA is free if you purchase the CyberArk solution. There is no additional charge for CyberArk DNA, which is great."
"The price of the solution is reasonable."
"Compared to other solutions, it is costly."
"The product is not expensive. It depends on the number of users."
"It costs about 300K AED for a year. Its pricing is a bit on the higher end, but in comparison to other products in the market, its price is still better. There are lots of other products that are very costly."
"The license and costs depend on the amount range of users you have. For just approximately 2,000 users, the price is practical and fair. However, when you have 20,000 users, it starts to become really expensive, and the discount per user is not attractive enough to go ahead and purchase."
report
Use our free recommendation engine to learn which Access Management solutions are best for your needs.
814,763 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
30%
Financial Services Firm
13%
Computer Software Company
11%
Manufacturing Company
6%
Financial Services Firm
24%
Insurance Company
18%
Computer Software Company
9%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?
CyberArk Privileged Access Manager comes at a high cost. But the solution is worth its price.
What do you like most about IBM Security Access Manager?
The tool provides a password vault, single sign-on, and multifactor authentication. It offers various authentication methods like fingerprint integration, one-time passwords, or tokens sent via ema...
What needs improvement with IBM Security Access Manager?
The user interface for users and administrators could be improved to make it easier. Automating some functions could also be beneficial.
 

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
IBM Security Verify Access (SVA), IBM Security Access Manager, ISAM
 

Learn More

Video not available
 

Overview

 

Sample Customers

Rockwell Automation
POST Luxembourg
Find out what your peers are saying about CyberArk Privileged Access Manager vs. IBM Security Verify Access and other solutions. Updated: October 2024.
814,763 professionals have used our research since 2012.