Which vendor is the leader in IAM and what makes them stand out?
Sort by:
Depends on your use case and how much you want to spend. According the Gartner Magic quadrant the leaders are PING, OKTA, and Forgerock in many areas in IAM. From the maturity, flexibility, and coverage I see Forgerock over these others. ping just recently acquired DaVinci for their orchestration component and it’s being built out with lord connectors- definitely one to watch but for now Forgerock.
Okta because of its breadth of capabilities, but looking at Microsoft.
Okta. Seems right now the cool kid on the block.
Well I have used Microsoft, Oracle, Ping Identity, CyberArk, Oracle, Auth0 and Okta across different organizations. They cater to different segments of the market though Okta probably covers the depth and breadth of offering. So if someone asked me for a recommendation, I would say if you can afford it, go with Okta.
The future is all about decentralized identity; there are many startups promising federated and self-sovereign decentralized identities. One of the startups is Fortytwo42 Technology Innovations* (www.fortytwo42.in).
* Disclosure: I am an investor in this company
I think it depends on your use case. Okta is a great product but doesn’t really address PAM. It also doesn’t work well when you have on-prem AD tools and aren’t mainly using the cloud directory service. It also doesn’t scale incredibly well. At the same time they have a lot of SSO workflows out of the box which can make it incredibly quick to implement.
One of the challenges with answering this question is that IAM is such a broad category that even what you would consider a leader will still have some gaps when it comes to components of the IAM workflow. For example if you’re all Azure then Microsoft can work pretty well with it’s DaaS/SSO/MFA/PIM but once you go outside that ecosystem PIM won’t hold for your PAM at which point you need to start looking at CyberArk or BeyondTrust. This also doesn’t account for how easy a tool is to roll out and how well you can execute from a people/process standpoint.