We performed a comparison between CyberArk Privileged Access Manager, Digital Guardian, and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."With CyberArk, you can be fully confident that your existing accounts are secure. You will be 100 percent"
"We are able to rotate privileged user passwords to eliminate fraudulent use."
"Automatic password management, which will automatically change passwords based on compliance requirements."
"With PAM in place, we've experienced a significant reduction in potential security breaches."
"The established sessions on the target systems are fully isolated and the privileged account credentials are never exposed to the end-users or their client applications and devices."
"Ensures accounts are managed according to corporate policies."
"The most valuable feature is Special Monitoring."
"CyberArk has been easy for us to implement and the adoption has been good. We've been able to standardize a bunch of things. We've been able to standardize relatively easily with the use of the platforms and managing the policies."
"I like the solution's adaptive inspection and container inspection."
"Some of the features that are highly appreciated are its robust data loss prevention capabilities, flexible deployment options, and the ability to monitor data transfer across multiple vectors."
"The most valuable feature of Digital Guardian is its reputation. They have scored high on the Gartner Magic Quadrant."
"In Digital Guardian, they have the cloud correlation servers that give you visibility work like EBR and the correlation server works very well for security analysis."
"There is a built-in endpoint detection response that helps save money."
"The technical support is really terrific."
"The feature we call desktop recording is the most valuable aspect of the solution. Not only can we collect data from the user's usage, but we also capture his screenshots when he is trying to steal the data."
"It has been scalable."
"The server appliance is good."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"The most valuable feature is the view into the application."
"The installation phase was easy."
"Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats."
"Make it easier to deploy."
"The current interface doesn't scale that well, and has some screens still in the old layout."
"This is probably a common thing, but they do ask for a lot of log files, a lot of information. They ask you to provide a lot of information to them before they're willing to give you anything at all upfront. It would be better if they were a little more give-and-take upfront: "Why don't you try these couple of things while we take your log files and stuff and go research them?" A little bit of that might be more helpful."
"Some aspects of the administration need improvement, though they have recently made improvements to the API. However, the management with the interface and configuration are not so user-friendly. It has not changed much during all the years that CyberArk has been on the market. The management part, like platform management as well as PSM connectors definition and management, could be improved, even if it has already been done with the API."
"It is very complex and difficult to set up the solution."
"PAM could be more user-friendly and CyberArk could update the documentation to include more real-world examples. You have to learn it yourself through trial and error. In particular, the online documentation should have more information about troubleshooting."
"There is some stuff that we still have not fully integrated, which is our AIM solution. We are having all types of issues with it. I have been working with Level 3 support on it, but otherwise, from a functionality perspective, everything has been working except for the AIM solution."
"If there is an area that has room for improvement, it's probably working with their support and getting people on the phone. That is hard to do with most products in general, but that seems to be the difficult area. The product is fantastic, but sometimes we want somebody on the phone."
"There are a lot of issues with the current version of the Endpoint agent. It's not stable, it's resource-consuming, and there are some performance issues. If they could improve the stability of the agent it would be great."
"When considering potential areas for improvement, it may be beneficial for Digital Guardian to optimize its processes and reduce the computational demands on the system, particularly with regard to high CPU usage. Although Digital Guardian offers numerous benefits, it can consume a substantial amount of RAM and CPU power."
"The room for improvement with Digital Guardian is that it will be better with the Linux agent because it is the only DLP solution for Linux workstations. It still needs to upgrade the agents to the latest version for the Linux kernel."
"Some features on Mac and Linux are not complete currently. For example, some device control features haven't been transferred over to the other systems. If they could have their Windows features also available on Mac and Linux, that would be perfect. Some of our customers have a Mac environment for their RD environment. Having the solution fully capable of handling everything in a Mac environment is crucial."
"I would like to see the workflow, to get all the rules and policies set up, be less complicated."
"The solution has complexities around policy creation and deployment."
"Digital Guardian is an excellent solution but our experience with the partner has been the most horrible experience we have ever had with any partner."
"It would be helpful if there was an on-premise version of the solution for companies that cannot use the cloud, such as government sectors."
"Stability issues manifested in terms of throughput maximization."
"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."
"Technical packaging could be improved."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"Management of the appliance could be greatly improved."
"Technical support could be improved."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
More Trellix Network Detection and Response Pricing and Cost Advice →
