We performed a comparison between CyberArk Privileged Access Manager and Saviynt based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."We found the initial setup to be easy."
"The automatic change of the password and Privileged Session Manager (PSM) are the most valuable features. With Privileged Session Manager, you can control the password management in a centralized way. You can activate these features in a session; the session isolation and recording. You apply the full intermediation principle. So, you must pass through CyberArk PAM to get access to the target system. You don't need to know the password, and everything that you do is registered and auditable. In this case, no one gets to touch the password directly. Also, you can implement detection and response behavior in case of a breach."
"It takes people out of the machine work of ensuring credentials remain up-to-date, and handles connection brokering such that human usage and credential management remain independent."
"The most valuable features of the solution are control and analytics."
"We have been able to manage application credentials in CyberArk, whether they come as a custom plugin or straight out-of-the-box."
"We like it for the ability to automatically change passwords. At least for my group, that's the best thing."
"Our go-to solution for securing against the pass the hash attack vector and auditing privileged account usage."
"The most valuable feature is Special Monitoring."
"It gives very good and in-depth knowledge about a particular identity. Everything is through a single click. We get to know the workflows related to a particular identity with a single click."
"Saviynt is used for the greenfield implementation for the whole IAM, IGA, MFA, SSO, and access management."
"It is a flexible tool because it works on JSON."
"Some of the self-service capabilities are quite powerful."
"Saviynt provides built-in access recommendations, while SailPoint IdentityNow offers access recommendations through a separate AI integration that requires additional licensing. Saviynt functions as a unified platform for various business operations, consolidating user and access data from multiple sources into a single platform. This allows for leveraging the same user base and data across different business functions, including access governance, privileged access management, data access governance, and third-party access governance. In contrast, SailPoint is a decoupled tool, requiring separate integration for managing access and permissions, especially for unstructured data. Saviynt's approach is more integrated and streamlined, providing a unified platform for access recommendations and various business operations."
"Saviynt has better integration with enterprise systems like SAP, Microsoft, Adobe, and AWS."
"The repository has many features where you can define primary and secondary owners."
"It's a highly functional system and a very well rounded solution. The onboarding of applications is solid. Their user access reviews are very good. Their role-based model and their identity life cycle stuff are solid. It's a very well rounded, strong product."
"The documentation is rather basic and it is missing many use cases."
"Make it easier to deploy."
"The product could be easier to use. More work needs to be done on this aspect; it is not good enough yet. It also takes up a lot of server space. Sometimes we need to use up to seven servers."
"They can do a better job in the PSM space."
"Areas the product could be improved are in some of the reporting capabilities and how the reports are configured."
"Performance of PIM could be better and intended for usability as well as security."
"Some aspects of the administration need improvement, though they have recently made improvements to the API. However, the management with the interface and configuration are not so user-friendly. It has not changed much during all the years that CyberArk has been on the market. The management part, like platform management as well as PSM connectors definition and management, could be improved, even if it has already been done with the API."
"CyberArk PAM is a very broad product as everyone's requirements for implementation are different. In our particular case, the initial implementation was planned and developed by people who didn't know our specific network requirements, so the initial implementation needed to be tweaked over time. While this is normal, at the time all these "major" changes required CyberArk professional services to come in-plant and "assist" with the changes."
"The product's stability is not easy to maintain."
"An area for improvement in Saviynt is that there's a limitation on the number of logs you can get from the past twenty-four hours. For example, if the data is huge, the tool can only give you a maximum of one hundred logs. You can't get any further than that. In the next version of Saviynt, however, you can get more logs and you'll see them inside the log rotation. For example, when you're trying to search inside the log, you can select a date range, and then you can search for a particular log. We haven't used that new log rotation feature yet, but it's included in the next release of Saviynt. Another area for improvement in the tool is that it doesn't have a server monitoring feature, so if your server has a high load, it should give you a warning. You're supposed to get an alert similar to what's being done in WebLogic. In WebLogic, we had a separate facility, but in Saviynt, that feature's missing."
"In terms of improvement, it's really just a matter of them getting more mature. It's a relatively new solution and they probably need to streamline a few of the processes as they mature. But there are not too many problems."
"According to feedback I've received, some users prefer SailPoint over Saviynt in real complex environments. SailPoint has its provisioning platform. Complex integrations may pose challenges in scenarios like a large bank with thousands of users, making SailPoint a preferred choice for some."
"It should support more customizations. In SailPoint, we can do many customizations, but we are not able to do that in Saviynt. For workflows and other things, we can only use what is already in place. Saviynt has a lot of scope for improvement on the customization part."
"The customer support and implementation services need to be improved."
"The solution is hosted on AWS cloud, and there is some dependency that affects our bottom line."
"The biggest drawback is that for every change you want to make, you have to go back to them and ask for it."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while Saviynt is ranked 5th in Identity Management (IM) with 21 reviews. CyberArk Privileged Access Manager is rated 8.8, while Saviynt is rated 7.4. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Saviynt writes "Used for IAM, IGA, MFA, SSO, and access management". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and Fortinet FortiAuthenticator, whereas Saviynt is most compared with SailPoint Identity Security Cloud, Microsoft Entra ID, Okta Workforce Identity, Microsoft Identity Manager and Microsoft Entra Permissions Management.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
