We performed a comparison between CyberArk Privileged Access Manager and Delinea Secret Server based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Delinea Secret Server has an edge over CyberArk in this comparison. According to reviews, Secret Server is easier to set up, more reasonably priced, and more user friendly.
"We found the initial setup to be easy."
"It enables us to secure accounts and make sure they are compliant."
"It has helped from an auditing perspective identify who has access to privileged accounts."
"It has helped us with our adoption with other teams, and it has also helped us to integrate it at the ground level."
"Enterprise Password Vault, Privilege Session Manager, and Application Identity Management have been very useful for our client environment."
"Performance-wise, it is excellent."
"You can write different types of policies for custom business needs or any developer needs. If they need certain functions allocated, they can be customized easily."
"Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control."
"The most valuable feature of Delinea Secret Server is secret password management."
"It works for us."
"I like the one-way hash, as well as the ability to store it in the cloud and access it from anywhere."
"The secret template, password rotation, and recording sessions are the most valuable."
"One of the features I find most valuable is workflow, which allows you to configure the solution to have multiple approvals."
"The solution is scalable."
"The privileged access management, which is the Safe Access Model is the most valuable feature."
"The discovery engine is really robust and flexible. It had some session management features that are better compared to some other vendors. Overall the GUI is very good and straightforward to operate compared to other solutions. For example, CyberArk and Hitachi tend to be hard to navigate."
"The PTA could be improved. Currently, companies often have multiple domains and sometimes it's difficult to implement CyberArk in this kind of infrastructure. For example, you can add CPM (Central Policy Manager) and PSM (Privileged Session Manager and PVWA (Password Vault Web Access) for access, but if you want to add PTA (Privileged Threat Analysis) to scan Vault logs, it is difficult because this component may be adding multiple domain environments."
"it manages creds based on Organizational Units. That is, a "safe" is limited to specific OUs. That makes for very elaborate OU structure, or you risk exposing too many devices by putting most of them in fewer OUs."
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"PAM could be more user-friendly and CyberArk could update the documentation to include more real-world examples. You have to learn it yourself through trial and error. In particular, the online documentation should have more information about troubleshooting."
"Many of the infrastructure folks who use the product dislike it because it complicates their workflow. They get a little less control, and they have to go through a specific solution. It proactively logs in for them, which obfuscates some of the issues that they may be troubleshooting."
"The web access piece needs improvement. We have version 9.5 or 9.9.5, and now we have to upgrade to version 10."
"Report creation could be improved. The policies could be more customized."
"New functionalities and discovered bugs take longer to patch. We would greatly appreciate quicker development of security patches and bug corrections."
"The solution could be more user-friendly."
"The API is no good."
"When working with larger enterprises Thycotic Secret Server becomes a little cumbersome to work with because they do not allow as much flexibility as some of the other competitors, such as CyberArk. Thycotic Secret Server could improve by being more flexible when it comes to customization, and increase the number of API integrations."
"The technical support needs improvement. For example, if you have any problems on the server configuring the IIS, they would provide you very limited details and they would tell you the problem is on your end."
"Installation can sometimes be difficult, depending on the environment."
"Support could be better. I have heard about a lot of problems in the Bangladesh market. People are saying that there are support issues. So, Delinea should focus on support and services."
"Delinea Secret Server can improve by extending the monitoring policies and making the performance better."
"The tool should integrate additional features like OCR."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while Delinea Secret Server is ranked 2nd in Privileged Access Management (PAM) with 47 reviews. CyberArk Privileged Access Manager is rated 8.8, while Delinea Secret Server is rated 8.2. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Delinea Secret Server writes "Effective for password rotation policies triggered by audit requirements, it helps maintain compliance standards and seamless integration with third-party tools ". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, WALLIX Bastion, One Identity Safeguard and ManageEngine PAM360, whereas Delinea Secret Server is most compared with Azure Key Vault, HashiCorp Vault, IBM Security Secret Server, ManageEngine PAM360 and CyberArk Enterprise Password Vault. See our CyberArk Privileged Access Manager vs. Delinea Secret Server report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hello Avinash, it all depends on the timeline and urgency of the project. If you need to deploy a PAM tool that focuses on standing privileges, stopping lateral movement, and incorporating Zero Standing Privileges as part of Zero Trust, then please consider looking at Remediant. I've worked for BeyondTrust and have gone up against the other big players such as Delinea, Centrify, CyberArk, and HashiCorp. They more or less all offer similar solutions, but looking at your current requirements, Remediant really excels in delivering a simple, yet very effective tool in a matter of days and weeks, not months and years.