We performed a comparison between CyberArk Endpoint Privilege Manager and Microsoft Defender for Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It offers great performance."
"It has drastically reduced the attack surface for local administrative rights and the chance of escalation of privilege. We've removed, at this point, close to 98 percent of the local administrative accounts on workstations. If there were an incident, it would stop at that point and we'd be able to know."
"The most valuable feature of CyberArk Endpoint Privilege Manager is its ability to reset passwords every time that it is needed or periodically."
"The most valuable feature is that their database is completely encrypted and protected with multiple layers."
"We were able to reduce the number of privileged accounts by 50%, which helped to simplify our privileged access management environment."
"The most valuable feature of the solution is its performance."
"The solution's technical support is good."
"CyberArk Endpoint Privilege Manager (EPM) 's most valuable feature is its ability to manage user application privileges and protect against ransomware attacks by controlling access to specific files and applications."
"It shows us the risky sign-ins, and if a user's password has been compromised."
"We had Norton Antivirus before, and with Norton, we didn't have a way to centrally manage a lot of features. Defender allowed us to deploy it from our Office 365 admin console. That is probably the biggest thing that made us go with Defender."
"Microsoft Defender for Endpoint is extremely stable."
"We found that because the endpoint devices are based on Microsoft Windows devices and Windows Defender is integrated with the foundation and the core layer, it makes it more integrated and more agile in terms of responding to any security threats or changes or development"
"Defender for Endpoint has one dashboard with security-related information, vulnerability-related information, and basic recommendations from Microsoft, all in different tabs. That's helpful because if we want to fix only the recommended ones, we can go fix all of them..."
"The most valuable aspect is information, specifically the automatic investigation of packages."
"The solution can scale as needed."
"I like Defender's reporting and logging features. The email alerts are also helpful. It's hard sometimes to sift through the email, especially if you're an IT firm managing hundreds if not thousands of endpoints, but we find email reporting useful. For example, last Tuesday, we learned of new vulnerabilities that were discovered as a result of the previous patches. The endpoints without those patches triggered alerts in Defender."
"CyberArk Endpoint Privilege Manager can be better by making its UI more consistent."
"Can be improved by allowing computers to be excluded from policies."
"Technical support is slow to respond when we run into issues."
"The price of the solution should improve."
"CyberArk has some performance issues. For example, servers could not handle the solution when we first took CyberArk Endpoint Privilege Manager."
"CyberArk Endpoint Privilege Manager is a perfect solution, but CyberArk Endpoint Privilege Manager for Linux has many issues. Another area for improvement in CyberArk Endpoint Privilege Manager, specifically for Windows, is that there's no way for you to check credential theft from a text file, such as a notepad file."
"CyberArk meets clients' need very spot-on. It covers everything customers ask for. As for improvements, honestly, the feedback's been really positive. I haven't heard any specific areas that need work."
"They need much better integration with Azure AD."
"On the Mac OS platform, there is no parity between Windows and Mac OS. The solution is very feature-rich and very well-integrated into Windows, and I guess baked into Windows 10 and Windows 11. Whereas, on the Mac OS platform, there is still some work there to give it a more feature-reach platform."
"I would like to see online updates for patches for this solution. I would also like to see online information about what is trending in the market in terms of spams, viruses, or trojans. It takes some time to understand how this solution works. A few things are unclear at the beginning, such as whether it actually restricts the virus or spam at the initial stage, or when there is a security update, how will we come to know and how will it get synchronized. It would be really helpful if there is some kind of knowledge base in the form of video, audio, or document that can explain in a user-friendly way the setup, features, risks, and process to mitigate the risks. Currently, I have installed endpoint security for every individual system. I could not install it like other endpoint solutions where we have a server and a client. It would be really helpful if Microsoft Windows Defender has a server-client based model so that I can save some bandwidth when it downloads or uploads features. It will be helpful if we have a LAN-based or WAN-based controlling system."
"It can get a bit laggy sometimes. Other than that, we don't have any issues. They constantly tweak it and fix it up based on users' feedback. It has improved a lot over the past four years. Defender for Endpoint never really used to be a good endpoint security solution, but over the past couple of years, Microsoft has invested heavily in it. So, it has come a long way in all aspects of endpoint security. If they want to make it better, they should just continue investing in the current path of what they've been doing over the past couple of years."
"Updates are not coming out of preview quickly enough and it is holding back on the development of the product."
"The time it takes to restore the application could be improved. It has a lot of dependencies. It's not like the Microsoft security that comes with the OS. Updating through the command prompt, most of the time, it takes some time to download some of these dependencies."
"The price, in general, could always be a little bit cheaper."
"The application control feature requires improvement."
"Its detection is not as quick. There should also be more frequent updates."
More CyberArk Endpoint Privilege Manager Pricing and Cost Advice →
More Microsoft Defender for Endpoint Pricing and Cost Advice →
CyberArk Endpoint Privilege Manager is ranked 6th in Privileged Access Management (PAM) with 28 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. CyberArk Endpoint Privilege Manager is rated 8.2, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of CyberArk Endpoint Privilege Manager writes "Offers integrated solutions and expands its capabilities through strategic acquisitions". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". CyberArk Endpoint Privilege Manager is most compared with BeyondTrust Endpoint Privilege Management, CrowdStrike Falcon, CyberArk Privileged Access Manager, Tanium and SentinelOne Singularity Complete, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks. See our CyberArk Endpoint Privilege Manager vs. Microsoft Defender for Endpoint report.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
