Technology Integrations

Leverage your existing security investments

One Identity Safeguard provides integrations with many leading IT vendors in the fields of virtualization, cloud, identity management and SIEM. Through our flexible API and plugin framework, you can seamlessly leverage Safeguard's capabilities for your existing security ecosystem to bolster your protection against internal and external threats.

Technology Platforms


One Identity is a Citrix Ready PLUS partner. As a Citrix verified solution, Safeguard for Privileged Sessions supports the Citrix ICA protocol to access virtual desktop and application server infrastructures of Citrix. SPS is the first client- and server independent solution, which can transparently control and audit access to XenDesktop and XenApp deployments. SPS is a powerful Citrix Session Recording alternative. SPS is a quickly deployable enterprise device – integrating seamlessly into existing Citrix environments.


Quest/One Identity is a VMware Technology Alliance Partner. Safeguard for Privileged Sessions supports the VMware View protocol, allowing to monitor and record all user activities in a VMware Horizon environment. As Safeguard for Privileged Sessions supports the HTTP(s) protocol, you can also audit your VMware administrator managing the vSphere infrastructure. In addition, Safeguard is available as a virtual appliance, that runs on VMware ESX.

Learn More

Microsoft Azure

Controlling and monitoring privileged users in the cloud is a major security challenge today. To prevent insider threats in your Microsoft cloud, you can deploy Safeguard for Privileged Sessions from the Microsoft Azure Marketplace, with a bring-your-own-license model. This option enables small and mid-sized enterprises to conveniently audit the activity of their privileged users across their on-premises and cloud infrastructures. SPS is also available as a virtual appliance, that runs on Microsoft Hyper-V.

Learn More

Amazon Web Services

You can also deploy Safeguard for Privileged Sessions to your AWS cloud environment with a bring-your-own-license model. This option enables small and mid-sized enterprises to conveniently audit the activity of their privileged users across on-premises and cloud infrastructures. Safeguard for Privileged Passwords can even securely manage the credentials of AWS users.

Learn More


One Identity is a member of the NetApp Alliance Program. Safeguard for Privileged Sessions supports the NetApp CIFS, the file system supported by NetApp, the leading storage manufacturer. Audit trails can be natively backed up and archived to NetApp NAS storage appliances.

Security Information and Event Management (SIEM)

Splunk Enterprise

Security events managed by Splunk can be extended to cover privileged user activity with Safeguard for Privileged Sessions. Safeguard for Privileged Analytics enriches Splunk data by sending issued commands and prioritized user and activity lists. Also, all information is searchable and visualized in the Splunk web GUI, simplifying security operations.

Micro Focus ArcSight

One Identity is a Micro Focus Technology Alliance Partner. Our Safeguard for Privileged Sessions has a Micro Focus ArcSight Certified integration, which means it can send logs containing user-related data and activity information to the Micro Focus ArcSight Data Platform. With this integration, security analysts can monitor privileged users’ daily activities via a single pane of glass in the SIEM system. It means that security operations can be simplified by improved alerting, faster incident investigations and deep, forensic visibility of high-risk user actions.

Learn More

Infrastructure Security


Quest is a Registered Integration Partner of Qualys. Qualys scanner appliances have an integration with One Identity’s password vault product the One Identity TPAM. This enables mutual customers to do authenticated vulnerability scans on their IT infrastructure.

IT Services Management


As change management (e.g. ticketing) systems are not enforcement points, they are not capable of monitoring the real activities of support staff in IT systems. Safeguard provides a plugin to integrate with ServiceNow, enabling ticket ID request and validation prior to authentication on target servers. By granularly controlling and monitoring the work of IT support staff in real-time, Safeguard for Privileged Sessions provides an additional layer of security for your organization.

Learn More

Multifactor Authentication


One Identity is an RSA Ready Technology Partner. Safeguard offers certified integration with RSA SecurID, implementing two-factor authentication to ensure that only authorized users can access their privileged accounts. This can simplify strong authentication implementation while enforcing MFA authentication requirements across the board. This integration provides an extra security layer enabling a centralized, secure access for privileged users via single sign-on to an organization’s IT assets.

Yubico Yubikey

Safeguard for Privileged Sessions and One Identity Defender 2FA integrates with Yubico’s Yubikey hardware for two-factor authentication. The additional factor is processed in-line with the connection, so users don’t have to switch to an external application to process the additional factor. This results in an efficient user experience that is readily accepted by the users. In addition, other One Identity products including Identity Manager, Password Manger, Safeguard, and Cloud Access Manager also have tested integration with Yubikey.

Download SPS Plugin

Other MFA integrations are available with the following products:

Okta Adaptive Multi-Factor Authentication - Download plugin

DUO MFA - Download plugin

InWebo 2fa - Download plugin

Privileged Identity Management

One Identity TPAM

Privileged password vaults such as TPAM are a necessary first line of defense for privileged accounts. However, they have access control and monitoring limitations, which is why behavior has become so important. Safeguard for Privileged Sessions offers plugin support to integrate with One Identity TPAM (formerly known as Quest TPAM). So, you can control and monitor privileged user sessions, without giving users access to the privileged passwords managed by TPAM.

Cyberark® Enterprise Password Vault®

One Identity offers an easy way to connect our Safeguard for Privileged Sessions with CyberArk® Enterprise Password Vault®. Using these products together, you can create a comprehensive Privileged Access Management solution that protects critical assets and meets compliance requirements related to access control.


Other PIM integrations are available with the following products:

  • Thycotic Secret Server
  • Bomgar Privileged Identity (formerly Lieberman Rapid Enterprise Defense (RED) Identity Management)
Note: The One Identity name is trademark of One Identity S.A. All other registered and unregistered logos and trademarks used on this Site are the property of their respective owners. One Identity is not an authorized partner of CyberArk®. The technical interoperability with CyberArk® is based on CyberArk® Enterprise Password Vault® ver.7.20. The interoperability has not been endorsed or authorized by CyberArk®.