We performed a comparison between CyberArk Privileged Access Manager and Okta Workforce Identity based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task."
"The automatic password management is the most important feature. The second most important feature is the ability to enforce dual control on the release of those passwords. The combination of these two features is the most important thing for us because we can show that we're in control of who uses any non-personal account, and when they do so."
"CyberArk has been easy for us to implement and the adoption has been good. We've been able to standardize a bunch of things. We've been able to standardize relatively easily with the use of the platforms and managing the policies."
"I found it valuable that CyberArk Privileged Access Manager can be integrated with PTA (privileged threat analytics), and this means that it will tell you if there's a risk to the logins and signs of risk and if risky behavior is observed. It's a good feature. Another good feature is the CPM (central password manager) because it helps you rotate the passwords automatically without involving the admins. It can go and update the scheduled tasks and the services. At the same time, if there's an application where it cannot do all of these, CPM will trigger an automatic email to the application owners, telling them that they should go ahead and change the password. This allows you to manage the account password that CyberArk cannot manage, which helps mitigate the risk of old passwords, where the password gets compromised, and also allows you to manage the security of the domain."
"I really like the PTA (Privileged Threat Analytics). I find this the best feature."
"The product has allowed us to improve both the management and access to privileged credentials, while also creating a full audit trail of all activities happening within isolated sessions of all tasks and activities taking place within the solution."
"The automatic rotation of credentials is probably the most useful feature."
"The automatic change of the password and Privileged Session Manager (PSM) are the most valuable features. With Privileged Session Manager, you can control the password management in a centralized way. You can activate these features in a session; the session isolation and recording. You apply the full intermediation principle. So, you must pass through CyberArk PAM to get access to the target system. You don't need to know the password, and everything that you do is registered and auditable. In this case, no one gets to touch the password directly. Also, you can implement detection and response behavior in case of a breach."
"Okta controls all the users. It has context-based access from the user and type of device. It identifies the risk and can do a step of authentication when that user is trying to access some sensitive application from an unknown device."
"The product is easy to use."
"The solution so far has been very stable."
"Other than Okta being an easy and awesome integration tool, one of the best features it has is the provisioning and deprovisioning, which makes management way easier. You don't need to be too technical to understand how it works."
"The most valuable features depend on a customer's needs. Our customers generally find multi-factor authentication very useful."
"The solution can scale very well."
"It's easy to use and straightforward."
"One of the most beneficial features of the solution is the user provisioning and the de-provisioning feature."
"The documentation is rather basic and it is missing many use cases."
"One thing that could be improved is to create of a better alternative for fixing group policy fees. We currently use Microsoft, but they have introduced new policies that may not be compatible."
"The authentication port is available in CyberArk Alero but not Fortinet products."
"As a customer, I might need a plugin for a specific product, or an application, and CyberArk might have already worked with some other client on it. There has to be some platform where it is available for everybody else to go and grab it, instead of my having to reinvent the wheel."
"The support services could act faster when people reach out to resolve issues."
"I would like to see improvement in the custom connector for integration with different devices."
"As they grow, the technical support is having growing pains. One of the things is just being able to get somebody on the phone sometimes."
"More than the product itself, there is room for improvement in the documentation. The documentation should be very detailed and very structured. It has a lot of good information, on one level, but I feel that it could be more elaborate and more structured."
"On the admin side, we can create our own passwords instead of generating one, which is usually difficult to explain to a user."
"We still had to write several internal programs/scripts to complete the user-provisioning process. Okta does not have the ability to provision mailbox accounts for on-premise Exchange or in a hybrid O365 environment. The Group Push function from Okta to AD did not work reliably in our environment."
"In my country, there's a lot of stealing of mobile phones, and mobile phones are the authentication device through the Okta application. If someone should steal my mobile phone, which is very common in my country, he or she might have access to my company account. That's my concern."
"The product is expensive compared to other tools."
"Okta Workforce Identity could improve the support system, they are too slow."
"The pricing could be improved."
"It can have more API integrations."
"It only facilitates provisioning and not de-provisioning."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 143 reviews while Okta Workforce Identity is ranked 3rd in Access Management with 58 reviews. CyberArk Privileged Access Manager is rated 8.8, while Okta Workforce Identity is rated 8.4. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Okta Workforce Identity writes "Extremely easy to work with, simple to set up, and reasonably priced ". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas Okta Workforce Identity is most compared with Microsoft Entra ID, Google Cloud Identity, SailPoint IdentityIQ, Saviynt and Cisco Duo. See our CyberArk Privileged Access Manager vs. Okta Workforce Identity report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.