We performed a comparison between BeyondTrust Password Safe and HashiCorp Vault based on real PeerSpot user reviews.
Find out in this report how the two Enterprise Password Managers solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product has improved security and login due to the system recordings. In case, there is a doubt that someone has done something which they shouldn't have been doing, we can just go back and check what the user actually did."
"Smart Rules is a nice feature in BeyondTrust. It is a unique feature that BeyondTrust has as compared to other vendors such as CyberArk. With Smart Rules, you can do automatic onboarding of accounts. There are a lot of options and features. For example, you can do onboarding based on different AD attributes. It is a nice feature in BeyondTrust that some of the other PAM vendors don't have. With other vendors, we have to create our own scripts, whereas, with BeyondTrust, we can just use the in-built Smart Rules."
"Screen recording is valuable, and integration with applications is easy. We can customize whatever we want. We did a lot of application integration using scripting."
"Its number one feature is discovery. The discovery engine in BeyondTrust is off the charts. When they perform a discovery, you know everything there is about a server, including what software is installed. For example, if you want to group all of your database servers together, you can do that by using discovery and Smart Rules. If a server has Microsoft SQL installed, it gets put into a group based on a Smart Rule. It makes it very easy to determine what is what in your environment. As organizations grow or acquire other companies and merge, they lose track of what they have. BeyondTrust can help you throw a rope around it very rapidly."
"It simplifies your compliance and tracking to benchmark other credentials and analytics."
"It provides integrated password and session management in one solution, which is important for us because, from an auditing standpoint, we are accountable for the type of access being used. We need to ensure that accounts are securely stored and there is the right type of accountability around who is gaining the access. After gaining it, how they're using it, where they're using it, etc."
"One of the most valuable features is that this is a product designed with enterprises in mind."
"The ability to manage privileged account passwords is the most valuable feature."
"The tool's dynamic rotation of the password credentials is good."
"For me, the most valuable features include that it's easy to manage and maintain the password API for retrieving passwords and other things."
"The solution is stable. It has been working perfectly without any problem."
"We use the solution for secret management."
"We were using it because we have compliance requirements around secret management. Having a secure vault and encrypting data was an additional requirement. When we looked at it first, we were just looking for a vault, like a lockbox. The greatest benefit of HashiCorp is its ability to manage encryption on the fly. It provides encryption of data at rest, in use, in transit, on the fly, and linked with applications, which was really attractive."
"The interface is very simple to navigate."
"It can still be configured by a separate team other than developers. That's why I think it's more secure."
"The most valuable feature of HashiCorp Vault is that it's an open source solution. Second, it's cloud agnostic, so it's very easy to maintain and control, which is why we prefer HashiCorp."
"There is a limited capacity on the appliance, which I wasn't informed about when I purchased the product. I can have a maximum of 150 rules per appliance; any more than that and rule processing becomes very complex, especially regarding password revision. Hitting a capacity limit you don't know about can be problematic. Ideally, we would not have a limited capacity, allowing us to be in a completely managed state with password rotation for every service account, not just the highly privileged ones."
"The database instance onboarding should be simplified. The problem is that you can scan the assets and databases inside a server, but you cannot onboard them or manage them with the smart tools. It has to be done manually. I think they should try to include more custom platforms."
"Its documentation can be improved. Its documentation is currently complicated, and it is not good. It needs to be better. Their technical support can also be improved. It is not bad, but it can be better."
"If there was one thing, it would be having the documentation standardized. They should keep the documentation consistent. For example, when BeyondTrust updated one of their admin guides, they left out the information on the discovery account requirements, and then over a period of time, we ended up having to search multiple different documents to put together a string of information for a specific topic, which was problematic. It was minor, but it was problematic. Standardized documentation would be the one thing I would suggest."
"The pricing is not cheap, but it could be better."
"We don't have much control over the appliance. When anything happens in the backend, we have to depend on the support team. We need to raise a case so that they can update the appliance. If we have control over it, we would be able to troubleshoot easily."
"Named accounts don't work well in this solution. If you use named accounts for your administrative access, the way Smart Rules work is that it takes your SAM account name and matches it to the account name of your privileged ID, which creates limitations on size and how big those names can be because the directory has a 20-character limit."
"The only feature they could improve is the banners because they aren't informative. For example, if something is not correct and I open the error notification, the dialogue box simply says, "This is an error." It would be great if they could provide some valuable comments about how to fix the errors."
"In terms of features, the only thing that I found a little bit hinky was that there was no revocation or deletion on the model we were using. Once in a financial year, a client interacts, and you pay for that client for the year. So, there are just little things like that in the pricing. There should be more clarity around the end of the key. I know there is no system like this. They all are the same. I tested Microsoft, Google, and some others, and none of them really want you to delete a key, which makes sense. You delete a key, and you lose everything that it has wrapped or encrypted, but it's actually just a language. Deletion isn't really deletion. It's really revocation, but overall, HashiCorp Vault ticked all the boxes for us, and I couldn't fault it."
"The technical support was hard to get a hold of and lacking in service."
"In my opinion, HashiCorp Vault could improve its user interface. Right now, they don't offer much in terms of a graphical interface, which means you usually have to manage things manually through API calls. I think CyberArk has a better approach because it provides a UI that integrates features across all its components, making it easier, especially for new users or those from organizations with strict licensing policies."
"I would like to see better integration of HashiCorp Vault with SAP products."
"I would rate the stability a six out of ten. There are some bugs and glitches. We are in touch with the vendor to resolve them."
"The solution could be much easier to implement."
"The product needs to improve its customization. It should be also more like easy to plug and play."
"There could be a plugin for the database to change the secret automatically. It would be an efficient feature for password security."
BeyondTrust Password Safe is ranked 5th in Enterprise Password Managers with 19 reviews while HashiCorp Vault is ranked 3rd in Enterprise Password Managers with 16 reviews. BeyondTrust Password Safe is rated 7.6, while HashiCorp Vault is rated 8.2. The top reviewer of BeyondTrust Password Safe writes "Allows us to automatically rotate passwords, set the complexity, and enforce password policies on privileged accounts". On the other hand, the top reviewer of HashiCorp Vault writes "Useful for machine-to-machine communication and has secret engine feature ". BeyondTrust Password Safe is most compared with Azure Key Vault, LastPass, Delinea Secret Server, BeyondTrust Privileged Remote Access and CyberArk Enterprise Password Vault, whereas HashiCorp Vault is most compared with Azure Key Vault, AWS Secrets Manager, CyberArk Enterprise Password Vault, Keeper and LastPass. See our BeyondTrust Password Safe vs. HashiCorp Vault report.
See our list of best Enterprise Password Managers vendors.
We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.