Pentest-Tools.com vs. SailPoint Identity Security Cloud

This website is well suited for organisations that perform regular security assessments. In particular, external scans and reconnaissance. As an example, I am able to run a report on our Wordpress website to enable me to see whether we are missing any important security updates. We found it to be very useful for training new security analysts, due to the straightforward GUI. You can work on the same projects together to help you to do this. Having it laid out in front of them helps them to understand the concepts much easier than using dozens of different tools to achieve the same goals, and also speeds up training. If you're a personal user it may not be appropriate due to price. If you are a personal user, I would advise using the many open source tools there are that do the same things. The strength of this platform is that it combines them into a single pane of glass, but you can achieve the same things with other tools if necessary. For example, there are many other tools that you could use to run a UDP port scan that do not cost money (EG NMAP)

Incentivized

As discussed in previous sections, it does integrate well with other systems, and basic JML works well; it's very powerful and customizable in these areas (though also complex). The downsides are in areas like access reviews, where it's less customizable (no way to automatically send a review to the owner for a set of access items; each review needs an individual to be selected for it).

Incentivized

• Cheaper than some other platforms
• Good support
• Cloud based
• Integrates well with identity providers

Incentivized

• Brings users access, profiles and accounts all into one place
• Manages the Life Cycle Management process across ALL identities, permanent and Temporary
• Secures and manages access to critical applications and resources across the group
• Enables Info. Security to customise, share and delegate authority across the group
• Single version of the truth across our technology platform

Incentivized

• No logging for things like scanning. This means you don't actually know when the scan has failed if you're not immediately on the ball.
• Reports could look better. It would be good to be able to customise the report with some different styles to suit your company's branding.
• Could have better tutorials.
• It may be useful to have a feature similar to Microsoft Secure Score, which compares your organisation to similar ones, so that you have a reference of how secure your environment actually is.

Incentivized

• The user interface is not very intuitive. It is hard for the occasional user to navigate through the request process. There are no instructions on the screen to help the user to know what to do. It is left up to the user to figure out what to click on and how to navigate through the process.

Incentivized

Its a best tool for a CISO, works very well, easy to use, great connectors and integrations, great reports, automated reviews, full compliance, great support to a JML (Joiners, Movers and Leavers) project;

Always improving the UI, so it's getting better. Some areas are fully featured, but others, such as Separation of Duties reporting and policies, are very weak.

Incentivized

Support for Customizations is very limited.

Incentivized

The first journey isn't easy because you need to win your internal process and problem concern and Sailpoint have many experience to support this phase, and make the real difference into the client experience;

Offers a great number of tools in one interface, giving you a single pane of glass to work from. Therefore, it's favourable compared to some of these other products, that do similar things but are less intuitive and less easy to use. This makes it not only easier to use, but easier to report results to your customers. Also, although the price point can seem high, once you start adding multiple paid tools that do the same job, there probably isn't a massive amount of difference (if any)

Incentivized

The on-prem SailPoint IdentityIQ platform provides the necessary customization that is required in our dynamic environment. Although we may look at a cloud-based Identity Management service again in the future, (there are many advantages), our identity management, authentication, and application assignment processes cannot be quickly consolidated to a single cloud-based service at this time.

• Price point allows us to sell the solution at an excellent margin
• Freed up time due to the automated solutions, allowing us to utilise staff better
• Use from anywhere due to being cloud based

Incentivized

• Over 300,000 password change/reset calls avoided to the helpdesk annually.
• 1,000 plus accounts with proper accesses provisioned via automated birthright processes weekly versus 1-2 days of manual provisioning and approvals. With a call center population that churns many people per week, this brings many dollars of efficiency to the operations teams.
• Flexibility on terminations to manage accounts and access for target applications based on regulatory or business rules to ensure compliance and avoid fines for non-compliance.

Incentivized