We performed a comparison between BeyondTrust Endpoint Privilege Management and BeyondTrust Password Safe based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Reduces major vulnerabilities by removing local administrator privileges."
"It scales easily and the product is stable."
"The privileged access and the application control are helpful in making sure we have good, robust challenge responses. Blacklisting with trusted application protection is also beneficial for us."
"The features related to application elevate is amazing. It helped the company to remove almost all admin local users."
"Logs that get collected on the Privilege Management console from the agents are very good. They help us to identify the aspects from which we have to whitelist an application."
"It's relatively straightforward to set up, especially if you are deploying to the cloud."
"The implementation is quite easy because the documents are always online."
"What I liked about this solution is that it can also integrate for tracking malicious use or sending analytics to a host that can process them. I don't know if CyberArk, Centrify, or Thycotic can do that. The analytics was something the client really wanted, and they already had BeyondTrust. It is very scalable. The agent on the workstation is very thin, and the processing power required on a server is nothing out of the ordinary. It is also very stable and easy to deploy."
"The product has improved security and login due to the system recordings. In case, there is a doubt that someone has done something which they shouldn't have been doing, we can just go back and check what the user actually did."
"Smart Rules is a nice feature in BeyondTrust. It is a unique feature that BeyondTrust has as compared to other vendors such as CyberArk. With Smart Rules, you can do automatic onboarding of accounts. There are a lot of options and features. For example, you can do onboarding based on different AD attributes. It is a nice feature in BeyondTrust that some of the other PAM vendors don't have. With other vendors, we have to create our own scripts, whereas, with BeyondTrust, we can just use the in-built Smart Rules."
"One of the most valuable features is that this is a product designed with enterprises in mind."
"The best aspect of the product is the ability to onboard devices. You can scan the IP subnets and onboard all the devices. You can then segregate them if it's a network device or a firewall. If it's a Windows server or a UNIX, you can basically scan your IT infrastructure and onboard the efforts, which should be managed. Once they have been onboarded, then the session management and password management are easy and nicely configurable."
"I like the session recording feature. I also like the analytics and reports. You can pull up a report, and the UI is fantastic. The system is recording when nobody's there, so we have a record of what's happening."
"The solution protects organizations from internal and external threats."
"Session recording, password rotation, and password vaulting are the most valuable features."
"The actual innovations offered by the vendor stand out to me. They are quick to respond to market demands and the changing environment of privileged access management."
"The initial setup was very difficult. Even if you are an expert in EPM, it is still very difficult."
"The weaknesses are related to the effort required to migrate from existing technologies or having no Privilege Access Management (PAM) at all to adopting technologies like BeyondTrust. It involves changes in processes and can take a significant amount of time, typically six to twelve months."
"It should support XWindows Remote Desktop Access protocol for Linux/Unix."
"The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process."
"How the accounts are presented in the solution's UI can be improved."
"There is room for improvement in having the solution align more with standards. We're always shoehorning the product into the standards. It's not that it doesn't work for standards, it does. But Quick Start Policies are pretty close to what we need. The vendor needs to keep looking at GDPR, 27001, and 27701. That's why our clients buy the product."
"The program updates are very rare and the frequency is too far apart to take care of bug fixes and adding the latest features."
"Their technical support could be more responsive and helpful."
"It has crashed on us in the past."
"The pricing is not cheap, but it could be better."
"There is a limited capacity on the appliance, which I wasn't informed about when I purchased the product. I can have a maximum of 150 rules per appliance; any more than that and rule processing becomes very complex, especially regarding password revision. Hitting a capacity limit you don't know about can be problematic. Ideally, we would not have a limited capacity, allowing us to be in a completely managed state with password rotation for every service account, not just the highly privileged ones."
"The database instance onboarding should be simplified. The problem is that you can scan the assets and databases inside a server, but you cannot onboard them or manage them with the smart tools. It has to be done manually. I think they should try to include more custom platforms."
"The product needs to have better integration with SAP products."
"We don't have much control over the appliance. When anything happens in the backend, we have to depend on the support team. We need to raise a case so that they can update the appliance. If we have control over it, we would be able to troubleshoot easily."
"I think that BeyondTrust Password Safe could be improved with more testing. In the beginning, they were practically using customers as beta testers. Maybe the product has evolved since I last used it, but if you look at PAM, privileged access management, whatever's out there has already been done. I don't see there being any other enhancements that are being made regarding PAM, except to support more cloud-based applications."
"We weren't aware that the Password Safe virtual appliance runs on a Windows server. As part of our monthly patching process, we ran into an issue. BeyondTrust Password Safe wasn't compatible with the patching we used to put on our server."
More BeyondTrust Endpoint Privilege Management Pricing and Cost Advice →
BeyondTrust Endpoint Privilege Management is ranked 5th in Privileged Access Management (PAM) with 27 reviews while BeyondTrust Password Safe is ranked 7th in Privileged Access Management (PAM) with 19 reviews. BeyondTrust Endpoint Privilege Management is rated 8.0, while BeyondTrust Password Safe is rated 7.6. The top reviewer of BeyondTrust Endpoint Privilege Management writes "Admin rights can be granted and revoked within minutes and that is what everything comes down to, for us". On the other hand, the top reviewer of BeyondTrust Password Safe writes "Allows us to automatically rotate passwords, set the complexity, and enforce password policies on privileged accounts". BeyondTrust Endpoint Privilege Management is most compared with CyberArk Endpoint Privilege Manager, Cisco ISE (Identity Services Engine), CyberArk Privileged Access Manager, Delinea Secret Server and Symantec Identity Governance and Administration, whereas BeyondTrust Password Safe is most compared with HashiCorp Vault, Azure Key Vault, LastPass, BeyondTrust Privileged Remote Access and WALLIX Bastion. See our BeyondTrust Endpoint Privilege Management vs. BeyondTrust Password Safe report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.