We performed a comparison between BeyondTrust Endpoint Privilege Management and CyberArk Endpoint Privilege Manager based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is straightforward. It is a good technology, and it is made to do one single thing."
"What I liked about this solution is that it can also integrate for tracking malicious use or sending analytics to a host that can process them. I don't know if CyberArk, Centrify, or Thycotic can do that. The analytics was something the client really wanted, and they already had BeyondTrust. It is very scalable. The agent on the workstation is very thin, and the processing power required on a server is nothing out of the ordinary. It is also very stable and easy to deploy."
"One of the valuable features is the absence of any local user in a unique system. All users are defined in the AD; communication is only between Unix and AD."
"The tool is easy to use and deploy. It has PAM capabilities like privilege access. The solution helps with the management of third parties and vendors. It is an effective solution compared to other alternatives."
"It scales easily and the product is stable."
"Logs that get collected on the Privilege Management console from the agents are very good. They help us to identify the aspects from which we have to whitelist an application."
"The features related to application elevate is amazing. It helped the company to remove almost all admin local users."
"The product is secure."
"It has drastically reduced the attack surface for local administrative rights and the chance of escalation of privilege. We've removed, at this point, close to 98 percent of the local administrative accounts on workstations. If there were an incident, it would stop at that point and we'd be able to know."
"The most valuable features of CyberArk Endpoint Privilege Manager are password management, session management, onboarding rules, platform customization, and safety management."
"I like that you can remove the admin rights from the user's computer and have control over the environment. That means you can delete the local admins and grant them proper privileges with the console. So, they will get proper permissions for applications they need, but we don't have to do it. In the domain where we don't have control, the user can only do specified actions, but not all of them."
"The most valuable feature of CyberArk Endpoint Privilege Manager is its ability to reset passwords every time that it is needed or periodically."
"The product is very flexible"
"I am impressed with the product's seamless integration. The PAM wallet and enterprise password wallet are good also good."
"What sets CyberArk apart is its continuous innovation, staying ahead of the competition."
"The most valuable feature of the solution is its performance."
"How the accounts are presented in the solution's UI can be improved."
"We faced some challenges with remote desktop sessions."
"They are doing good for now, but they should start to consider tight integration with Mac solutions. There should be more integration with Mac. There should be Active Directory (AD) Bridging. Thycotic and Centrify have it currently because they merged and joined forces, and it was a feature available in Centrify. So, basically, they joined forces to create a kind of perfect product. If you have a hybrid or mixed environment with Windows and Mac, your Active Directory can only manage or enforce policies on Windows, but what about your Mac devices? How do you control them? So, AD Bridging will act as a bridge to bring all your Mac devices into your Active Directory. This way you have full control over your entire environment."
"What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way."
"A valuable enhancement could be the capability to deploy agents directly through the console."
"Reports to the end user."
"It only has limited support for Mac."
"The program updates are very rare and the frequency is too far apart to take care of bug fixes and adding the latest features."
"For an experienced system implementer it will take approximately one day. However, for somebody who is inexperienced it may take up to five days."
"CyberArk Endpoint Privilege Manager is not suitable for the current situation because when you compare it to OTP, OTP is the strongest password solution. You can use it as a one-time password, but you have to log into the password manager itself and if you don't change your password, it will be the weakest link in the security. In OTP, you don't have that weakest link."
"CyberArk is a pretty heavy solution."
"It's an old product and has many areas that can be improved."
"The product needs a streamlined user interface; improvements to the user interface can enhance user experience and make the solution more intuitive to navigate."
"It cannot be on-prem. It is only cloud-based. Sometimes, that's a restriction in terms of usage."
"The solution can be complex to use at times."
"The product's threat protection and defense capabilities need enhancement."
More BeyondTrust Endpoint Privilege Management Pricing and Cost Advice →
More CyberArk Endpoint Privilege Manager Pricing and Cost Advice →
BeyondTrust Endpoint Privilege Management is ranked 5th in Privileged Access Management (PAM) with 28 reviews while CyberArk Endpoint Privilege Manager is ranked 6th in Privileged Access Management (PAM) with 28 reviews. BeyondTrust Endpoint Privilege Management is rated 8.0, while CyberArk Endpoint Privilege Manager is rated 8.2. The top reviewer of BeyondTrust Endpoint Privilege Management writes "Admin rights can be granted and revoked within minutes and that is what everything comes down to, for us". On the other hand, the top reviewer of CyberArk Endpoint Privilege Manager writes "Offers integrated solutions and expands its capabilities through strategic acquisitions". BeyondTrust Endpoint Privilege Management is most compared with Cisco ISE (Identity Services Engine), CyberArk Privileged Access Manager, Delinea Secret Server, ARCON Privileged Access Management and Microsoft Defender for Endpoint, whereas CyberArk Endpoint Privilege Manager is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, CyberArk Privileged Access Manager, Tanium and Cortex XDR by Palo Alto Networks. See our BeyondTrust Endpoint Privilege Management vs. CyberArk Endpoint Privilege Manager report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.