Try our new research platform with insights from 80,000+ expert users

CyberArk Privileged Access Manager vs One Identity Safeguard comparison

CyberArk and One Identity are both solutions in the Privileged Access Management (PAM) category. CyberArk is ranked #1 with an average rating of 8.9, while One Identity is ranked #3 with an average rating of 7.2. CyberArk holds a 20.9% mindshare in PAM, compared to One Identity’s 4.5% mindshare. Additionally, 94% of CyberArk users are willing to recommend the solution, compared to 93% of One Identity users who would recommend it.
CyberArk Privileged Access ...
Read 196 CyberArk Privileged Access Manager reviews
  • 10,442 Views
  • 6,179 Comparison Views
94% willing to recommend
One Identity Safeguard
Read 40 One Identity Safeguard reviews
  • 3,212 Views
  • 1,302 Comparison Views
93% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 6, 2024

CyberArk Privileged Access Manager and One Identity Safeguard are leading solutions in the privileged access management category. CyberArk holds an upper hand with its security features, while One Identity is favored for ease of management capabilities.

Features: CyberArk provides extensive security controls, comprehensive policy management, and customizable integration options. One Identity Safeguard offers easy management of privileged accounts, session monitoring, and user-friendly features.

Room for Improvement: CyberArk can improve its complex configuration process, increase usability, and reduce the expertise required. One Identity needs to enhance its reporting features, frequency of updates, and enrich integration options.

Ease of Deployment and Customer Service: CyberArk's deployment is complex, requiring technical expertise, but offers dependable support. One Identity allows for faster deployment but needs improved customer support for smoother transitions.

Pricing and ROI: CyberArk has a high initial cost but shows considerable long-term ROI. One Identity is more cost-effective upfront, though opinions differ on the long-term value.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed CyberArk Privileged Access Manager vs. One Identity Safeguard Report (Updated: December 2024).
Buyer's Guide
CyberArk Privileged Access Manager vs. One Identity Safeguard
December 2024
Download the complete report
Helped 823,875 peers since 2012
 

Categories and Ranking

CyberArk Privileged Access ...
Ranking in Privileged Access Management (PAM)
1st
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
196
Ranking in other categories
User Activity Monitoring (1st), Enterprise Password Managers (3rd), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
One Identity Safeguard
Ranking in Privileged Access Management (PAM)
3rd
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
40
Ranking in other categories
User Entity Behavior Analytics (UEBA) (6th)
 

Mindshare comparison

As of December 2024, in the Privileged Access Management (PAM) category, the mindshare of CyberArk Privileged Access Manager is 20.9%, down from 23.8% compared to the previous year. The mindshare of One Identity Safeguard is 4.5%, down from 5.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Privileged Access Management (PAM)
 

Q&A Highlights

AG
Aug 14, 2023
Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
Based on your extensive list of requirements, CyberArk Privileged Access Manager appears to align well with your needs due to its comprehensive feature set, strong security controls, integration capabilities, and advanced analytics for privileged access. However, it's important to conduct in-depth evaluations, demos, and discussions with each vendor to ensure that the chosen tool meets all your specific needs and integrates seamlessly into your existing infrastructure. However, I recommend visiting the official website of Broadcom (the company that acquired Symantec's enterprise security business) or contacting their sales representatives to get the most up-to-date information about their PAM solutions, including any rebranding or changes that may have occurred. When evaluating any PAM solution, it's essential to consider factors such as security, integration capabilities, ease of use, vendor support, scalability, and alignment with your organization's specific needs and compliance requirements. It's also a good practice to request demonstrations, proofs of concept, and references from vendors to ensure that the solution meets your expectations. Remember to involve key stakeholders, such as IT, security, compliance, and management teams, in the decision-making process to ensure alignment with organizational goals and requirements.
See all answers
 

Featured Reviews

SatishIyer - PeerSpot reviewer
Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK
When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time. PTA is essentially the monitoring interface of the broker (e.g. Privileged Access Management, the Vault, CPM, PSM, etc.), and it's where you can capture your broker bypass and perform related actions. For this reason, we thought that this kind of mapping would be required, but CyberArk informed us that they did not have the capability we had in mind with regard to MITRE ATT&CK. I am not sure what the situation is now, but it would definitely help to have that kind of alignment with one of the more well-known frameworks like MITRE. For CyberArk as a vendor, it would also help them to clearly spell out in which areas they have full functionality and in which ares they have partial or none. Of course, it also greatly benefits the customers when they're evaluating the product.
Read full review
Tor Nordhagen - PeerSpot reviewer
Transparent mode for privileged sessions will greatly simplify our client's administrative situation
We're introducing the solution's transparent mode for privileged sessions. This is part of what the client hasn't used before. It will simplify their administrative situation greatly. So far, the rollout of this feature has been a seamless process, but we're still in the midst of rolling it out. The benefits will be on the risk side. Right now, the way accounts are managed, you don't necessarily know who is using an account. There's a shared admin account, and that's not a good thing. And those accounts are shared in wallets by several people. One of the real benefits of safeguarding here is that the client will have an absolute audit of who is using an administrative interface, whether it's server or network.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials."
"Our go-to solution for securing against the pass the hash attack vector and auditing privileged account usage."
"CyberArk is not just an IT security or cybersecurity tool. It's also an administrator tool. I had a fair number of systems where the passwords were not fully managed by CyberArk yet, and they were expiring every 30 or 45 days. I was able to get management turned on for those accounts. From an administrator perspective, I didn't have to go back into those systems and manually change those passwords anymore. CyberArk... lightened the load on our administrative work."
"Previously, we used to share passwords for service and normal admin accounts among team members. However, since we started managing it through the product, we've transitioned to individual admin accounts or implemented dual control for shared accounts. With dual control, exclusive checking and checkout options are available, and passwords are not stored in clear text anywhere in the credentials."
"The most valuable feature of CyberArk Privileged Access Manager is the vault. I am satisfied with the interface and the documentation."
"It's a good solution, it works, and the bank is happy with it."
"Our privileged accounts are now stored in a more secure location and lateral movement within the network have been lessened."
"We have demoted a lot of domain admins and taken a lot of that away from people, giving it a shared account structure."
More CyberArk Privileged Access Manager pros
"I like Safeguard's snapshot feature that enables us to review the last time an application was opened and by whom. If there are any issues, we can look behind the scenes to see what has been done. We can suspend a user's access or close off a server."
"We use the solution’s Approval Anywhere feature which enables us to add an extra layer of security for critical passwords without adding time-consuming approval processes. By using this platform, if someone goes on a vacation, out of office, or needs urgent/planned leave, then our setup will select the functions tied to that person and automatically delegate them to the next person. That person can start performing that duty based on their access. No sharing of passwords is required."
"It is generally easy-to-use and install."
"We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP."
"In terms of the user experience, it is a pretty useful product. It works in a good way."
"We use the solution’s “transparent mode” feature for privileged sessions. It is very easy because it is only a simple configuration for our users. We don't have to modify our network. We install it, configure it, and it works. So, it is super easy. The rollout for our users is seamless."
"It is easy to manage. There is a very logical, clear user interface. Also, the integration of scripts is thoughtfully implemented. Overall, it's a nice product to manage."
"There are a lot of features, so it's going to sound funny, but one of the most simplistic features, the Favorites feature, is the one we like the best. You do a full run-through of configuration to check out a server and then you can save that whole configuration as a favorite. So the next time you go in, you click on the favorite that you configured and it automatically takes you to the end so you can check the server out that much faster. It saves a lot of time..."
More One Identity Safeguard pros
 

Cons

"The initial setup can get complex."
"I would like to see more integration with more tools, for more APIs."
"There should be more models and licensing plans for this software."
"We had an issue with the Copy feature... Apparently, in version 10, that Copy feature does not work. You actually have to click Show and then copy the password from within Show and then paste it. We've had a million tickets and we had to figure out a workaround to it."
"The tool needs to improve its usage and interface. They need to have a modern and useful interface. I want the product to improve its integration capabilities as well since some of the integration features do not work always."
"CyberArk Enterprise Password Vault can improve the distributive vault feature. Distributing the vault in multiple areas and multiple data centers should improve."
"The initial setup was somewhat complex."
"The major pain point that we have is the capacity of CyberArk due to the sheer volume of NPAs that we are managing. We are a large organization and we have hundreds of thousands of non-personal accounts to manage. We have already found out that there are certain capacity limitations within CyberArk that might introduce performance issues. From my perspective, something that would be valuable would be if the vault could hold more passwords and be more scalable."
More CyberArk Privileged Access Manager cons
"On a scale of one to ten, the stability is an eight."
"We've had issues managing accounts and access to some data saved on the servers. Accounts are granted a new working certificate daily. We have an account to do it on APIs online and sync it with that. If the path changes at some point or someone changes the password, I don't know if it's from the Active Directory or what."
"Monitoring of the platform should be easier and more functional so that you can have a clear picture of the running service."
"Cost-wise, it is a little bit expensive, which makes it difficult to get management approval. Its price should be reduced."
"There is a lack of documentation and many problems with the plugins."
"The multilanguage functionality does not support the Arabic language, even though this solution is deployed in an Arabic region."
"The main point regarding the user experience is that Safeguard has two separate management consoles."
"When we compare One Identity Safeguard with Cyberark, we know CyberArk has other tools or other features that are more complex and more useful for the customers. For example, I have one customer that wants to elevate the permission that is available in CyberArk."
More One Identity Safeguard cons
 

Pricing and Cost Advice

"This solution is considered to be more expensive than others out there on the market today."
"Compared to other solutions, it is costly."
"The price of CyberArk Privileged Access Manager could be less expensive."
"With reducing the privileged account access, there has been a huge improvement. They are now bringing more accounts on a little at a time."
"It is in line with its competitors, but all such solutions cost too much money."
"I believe that this solution is priced well. It's the market leader and I think that it's the best solution."
"It's expensive, certainly. But CyberArk is the leader in the market with regards to privileged access management. You pay a lot, but you are paying for the value that is being delivered."
"Network and security licenses are currently being managed by other outsource vendors, so they are facing some type of problems in the digital aspect."
More CyberArk Privileged Access Manager pricing and cost advice
"Our licensing costs are on a yearly basis."
"Setup cost, pricing and licensing are all very expensive."
"The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible."
"They offer a fair price for a robust solution."
"It was definitely cheaper than the other two products that we evaluated."
"We have a yearly license. The cost depends on how much a company wants to invest in technology. In our organization, we believe in modern digitization and automation processes so we found it affordable. One Identity was not that much less than other solutions and it is not a cheap solution. There were number of cheaper solutions. However, it's the most effective, according to our evaluation."
"They have comparable pricing. All identity products are essentially priced in a similar way. It's a per-user base."
"Safeguard is cheaper than CyberArk."
More One Identity Safeguard pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
See recommendations
823,875 professionals have used our research since 2012.
 

Answers from the Community

AG
Aug 14, 2023
Aug 14, 2023
Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
Based on your extensive list of requirements, CyberArk Privileged Access Manager appears to align well with your needs due to its comprehensive feature set, strong security controls, integration capabilities, and advanced analytics for privileged access. However, it's important to conduct in-depth evaluations, demos, and discussions with each vendor to ensure that the chosen tool meets all your...
See 2 answers
Nurlan Temirbulatov - PeerSpot reviewer
Dec 7, 2022
Hello Avinash, it all depends on the timeline and urgency of the project. If you need to deploy a PAM tool that focuses on standing privileges, stopping lateral movement, and incorporating Zero Standing Privileges as part of Zero Trust, then please consider looking at Remediant. I've worked for BeyondTrust and have gone up against the other big players such as Delinea, Centrify, CyberArk, and HashiCorp. They more or less all offer similar solutions, but looking at your current requirements, Remediant really excels in delivering a simple, yet very effective tool in a matter of days and weeks, not months and years. 
Read full answer
DN
Aug 14, 2023
Based on your extensive list of requirements, CyberArk Privileged Access Manager appears to align well with your needs due to its comprehensive feature set, strong security controls, integration capabilities, and advanced analytics for privileged access. However, it's important to conduct in-depth evaluations, demos, and discussions with each vendor to ensure that the chosen tool meets all your specific needs and integrates seamlessly into your existing infrastructure. However, I recommend visiting the official website of Broadcom (the company that acquired Symantec's enterprise security business) or contacting their sales representatives to get the most up-to-date information about their PAM solutions, including any rebranding or changes that may have occurred. When evaluating any PAM solution, it's essential to consider factors such as security, integration capabilities, ease of use, vendor support, scalability, and alignment with your organization's specific needs and compliance requirements. It's also a good practice to request demonstrations, proofs of concept, and references from vendors to ensure that the solution meets your expectations. Remember to involve key stakeholders, such as IT, security, compliance, and management teams, in the decision-making process to ensure alignment with organizational goals and requirements.
Read full answer
 

Top Industries

By visitors reading reviews
Educational Organization
32%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
6%
Computer Software Company
23%
Financial Services Firm
12%
Manufacturing Company
6%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
See all answers
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
See all answers
What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?
CyberArk Privileged Access Manager comes at a high cost. But the solution is worth its price.
See all answers
What do you like most about One Identity Safeguard?
The identity discovery is good, and the performance is pretty good value.
See all answers
What is your experience regarding pricing and costs for One Identity Safeguard?
One Identity Safeguard is expensive. The license is around $3,000 per month.
See all answers
What needs improvement with One Identity Safeguard?
One Identity's support is not appropriately structured, and it has a lot of room to improve.
See all answers
 

Comparisons

Microsoft Entra ID vs CyberArk Privileged Access Manager Logo
Microsoft Entra ID vs CyberArk Privileged Access Manager
Compared 10% of the time
Delinea Secret Server vs CyberArk Privileged Access Manager Logo
Delinea Secret Server vs CyberArk Privileged Access Manager
Compared 8% of the time
Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager Logo
Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager
Compared 8% of the time
WALLIX Bastion vs CyberArk Privileged Access Manager Logo
WALLIX Bastion vs CyberArk Privileged Access Manager
Compared 6% of the time
Saviynt vs CyberArk Privileged Access Manager Logo
Saviynt vs CyberArk Privileged Access Manager
Compared 3% of the time
More CyberArk Privileged Access Manager Competitors
WALLIX Bastion vs One Identity Safeguard Logo
WALLIX Bastion vs One Identity Safeguard
Compared 14% of the time
Delinea Secret Server vs One Identity Safeguard Logo
Delinea Secret Server vs One Identity Safeguard
Compared 10% of the time
BeyondTrust Privileged Remote Access vs One Identity Safeguard Logo
BeyondTrust Privileged Remote Access vs One Identity Safeguard
Compared 7% of the time
SailPoint Identity Security Cloud vs One Identity Safeguard Logo
SailPoint Identity Security Cloud vs One Identity Safeguard
Compared 6% of the time
Fudo PAM vs One Identity Safeguard Logo
Fudo PAM vs One Identity Safeguard
Compared 6% of the time
More One Identity Safeguard Competitors
 

Product Reports

Buyer's Guide
CyberArk Privileged Access Manager
December 2024
CyberArk Privileged Access Manager reportDownload CyberArk Privileged Access Manager product report
Buyer's Guide
One Identity Safeguard
November 2024
One Identity Safeguard reportDownload One Identity Safeguard product report
 

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
No data available
 

Learn More

CyberArk
One Identity
 

Overview

CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

Benefits of CyberArk Privileged Access Manager

Some of CyberArk Privileged Access Manager’s benefits include:

  • The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
  • The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
  • The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

Reviews from Real Users

CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

One Identity Safeguard manages and monitors privileged access, enhancing security with features like automatic session recording, real-time monitoring, and credential rotation. It integrates seamlessly, supports compliance with audit trails, and improves operational efficiency across organizations. This robust platform significantly bolsters security protocols while controlling sensitive operations.

 

Sample Customers

Rockwell Automation
Cavium
Buyer's Guide
CyberArk Privileged Access Manager vs. One Identity Safeguard
December 2024
Free Report: CyberArk Privileged Access Manager vs. One Identity Safeguard
Find out what your peers are saying about CyberArk Privileged Access Manager vs. One Identity Safeguard and other solutions. Updated: December 2024.
DOWNLOAD NOW
823,875 professionals have used our research since 2012.
See our CyberArk Privileged Access Manager vs. One Identity Safeguard report.
See our list of best Privileged Access Management (PAM) vendors.

We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.