BeyondTrust Endpoint Privilege Management Overview

BeyondTrust Endpoint Privilege Management is the #4 ranked solution in our list of top Privileged Access Management tools. It is most often compared to CyberArk Privileged Access Manager: BeyondTrust Endpoint Privilege Management vs CyberArk Privileged Access Manager

What is BeyondTrust Endpoint Privilege Management?

BeyondTrust Endpoint Privilege Management enables organizations to mitigate attacks by removing excess privileges on Windows, Mac, Unix/Linux and networked devices. Remove excessive end user privileges and control applications on Windows, Mac, Unix, Linux, and networked devices without hindering end-user productivity.

Key Solutions Include:

-ENTERPRISE PASSWORD SECURITY

Discover, manage and monitor all privileged accounts and SSH keys, secure privileged assets, and report on all privileged account activity in a single solution.

-ENDPOINT LEAST PRIVILEGE

Enforce least privilege across all Windows and Mac endpoints, gain visibility into target system vulnerabilities, and control access to privileged applications without disrupting user productivity or compromising security.

-SERVER PRIVILEGE MANAGEMENT

Gain control and visibility over Unix, Linux and Windows server user activity without sharing the root or administrator account.

-A SINGLE PLATFORM FOR MANAGEMENT, POLICY, REPORTING AND THREAT ANALYTICS

Utilize a single solution to manage PAM policies and deployment, understand vulnerability and threat analytics, and provide reporting to multiple stakeholders and complementary security systems.

Learn more at https://www.beyondtrust.com/privilege-management

BeyondTrust Endpoint Privilege Management is also known as BeyondTrust PowerBroker, PowerBroker, BeyondTrust Endpoint Privilege Management for Windows, BeyondTrust Endpoint Privilege Management for Mac, BeyondTrust Endpoint Privilege Management for Linux, BeyondTrust Endpoint Privilege Management for Unix.

BeyondTrust Endpoint Privilege Management Buyer's Guide

Download the BeyondTrust Endpoint Privilege Management Buyer's Guide including reviews and more. Updated: June 2021

BeyondTrust Endpoint Privilege Management Customers

Aera Energy LLC, Care New England, James Madison University

BeyondTrust Endpoint Privilege Management Video

Pricing Advice

What users are saying about BeyondTrust Endpoint Privilege Management pricing:
  • "This solution is expensive compared to its competitors."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
GJ
PAM Architect at a tech services company with 11-50 employees
Real User
Top 5Leaderboard
A stable, scalable, and easy-to-deploy solution that can track malicious use or send analytics to a host

What is our primary use case?

We are an integrator, and we do a lot of Identity and Access Management and Privileged Identity. I am only just getting into this solution. I am not trained in it, but I've been reading about it. I have recommended it for a client based on their requirements and based on what I know about CyberArk versus a couple of others. I have not implemented it yet. I have the agent running on the system where I am actually profiled. I have its latest version. In terms of use case, it primarily has two things, and you can choose whatever you want in the middle. One side is that you can use it to allow the… more »

Pros and Cons

  • "What I liked about this solution is that it can also integrate for tracking malicious use or sending analytics to a host that can process them. I don't know if CyberArk, Centrify, or Thycotic can do that. The analytics was something the client really wanted, and they already had BeyondTrust. It is very scalable. The agent on the workstation is very thin, and the processing power required on a server is nothing out of the ordinary. It is also very stable and easy to deploy."
  • "What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way."

What other advice do I have?

I would rate BeyondTrust Endpoint Privilege Management a nine out of ten.
Technical Manager at Gulf IT
Reseller
Great session management features and out-of-box connectors

What is our primary use case?

The primary use case for BeyondTrust is for when one needs to control the administrative accesses on their critical assets, whether that be Windows, Linux, or UNIX servers, databases, and application servers.

Pros and Cons

  • "I would say session management on the go is the most valuable feature. When the session is going on, you can stop the session without terminating it for justification. You can cancel it. The recording takes very little space. Those are some things which the customers are worried about when they talk about session recording."
  • "The other area to improve is that they rely on MS SQL servers only. You cannot have any other database behind them. They have to be on MS SQL. If they can do something about these issues, this would be a better alternative for some customers."

What other advice do I have?

Don't start the implementation until you get the prerequisite sheet confirmed from the customer. If not, you may waste a lot of time at the customer's site. I have learned a couple of things from this product. First, if the organization doesn't have a structured hierarchy of the work or the segregation of duties properly implemented, no matter what kind of security there is, it tends to fail. Operationally, it tends to fail. The tasks never get finished. BeyondTrust helps define those duties properly. That was one major thing. The other thing I learned is that PAM is not for an inexperienced…
Learn what your peers think about BeyondTrust Endpoint Privilege Management. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
510,534 professionals have used our research since 2012.
LN
General Manager, Head of Information Security at a tech services company with 51-200 employees
Reseller
Top 10
Good authentification but offers poor technical support and is rather pricey

What is our primary use case?

We primarily offer this solution to our clients. Our clients use it for access. For example, if there is a user who is not from their existing network and he's a contractor, they have to be able to give him the privilege to come inside, otherwise, that person can't access anything internally like a regular end user can. This solution allows them to offer separate privileged user access for specific users.

Pros and Cons

  • "BeyondTrust has very good integrations with quite a lot of security vendors such as SailPoint, IBM, FortiGuard, Splunk, etc."
  • "Their technical support could be more responsive and helpful."

What other advice do I have?

Overall, I'd rate the solution five out of ten. I would definitely recommend it, however, I would recommend organizations test a couple of solutions based on their requirements. There will be a different requirement for a retail outlet and a different requirement for an oil and gas company. Even though it is privileged remote access, different accesses most likely need to be granted. If somebody is a software developer, and somebody is just for support, they will need different types of access. Whether this solution offers that a company needs depends on different requirements from different…
AB
Consultant- Information Security at a tech services company with 11-50 employees
Consultant
Top 20
Monitors all infrastructure activities but program updates are very rare and it gets buggy

What is our primary use case?

Our primary use case of this solution is data access management. When you have a complex infrastructure you obviously need a solution that can monitor the activities that are going on in the infrastructure. The usernames, passwords, and activities have to be monitored, and this program helps you with that. So it is nothing but a monitoring and security tool that will monitor all the infrastructure activities and help you to manage the passwords of the infrastructure so that the passwords are not being exposed to the third parties or your users. These passwords will be secure in your… more »

Pros and Cons

  • "The implementation is quite easy because the documents are always online."
  • "The program updates are very rare and the frequency is too far apart to take care of bug fixes and adding the latest features."

What other advice do I have?

This program has a good reputation in the market and it is more required for the security of your infrastructure. It is a product that you can trust. The only thing I'm looking for in the next version is that the bug fixes have to be more frequent and the solution has to be more reliable and more flexible. On a scale from one to 10, I'll give it a six.
OS
Team Lead, Network Infrastructure Business at a tech services company with 51-200 employees
Reseller
Top 10
Good asset discovery and management capability

What is our primary use case?

We are a technical services company and this is one of the solutions that we provide for our clients. It is used to manage privileged access for our customers and their server resources. One of our customers had administrators that shared credentials to access some of their enterprise applications. We needed to remove those credentials because they were compromised at some point, leaving other people to access them and the organization was not able to keep track of who was logging in, or what they were doing at any particular point in time. Implementing this solution has allowed us to remove… more »

Pros and Cons

  • "The most valuable feature is the asset discovery, which makes it very easy to locate and identify assets and pull them into the manager."
  • "The help system should be improved to provide a quick help guide with each tab within the solution, which explains what each particular function does."

What other advice do I have?

This is a good solution that I would recommend, but in the Nigerian market, the price of this solution is challenging. Many companies are choosing competing solutions like CyberArk because the cost is lower. If the price were more friendly then it would have a better share of the market. I would rate this solution an eight out of ten.
GK
VP Cyber Risk at a tech services company with 501-1,000 employees
Real User
Good for meeting compliance objectives but it has a complex setup

What is our primary use case?

In terms of meeting compliance objectives of securing endpoints, this product is very useful. It works for things like ISO, PCI, DSS, and the CIA. BeyondTrust meets all of the technical requirements from the compliance perspective. The vault, remote access management, and VP enlisted VPNs will become very useful in terms of being able to manage and maintain infrastructure security without having the complexities of changing passwords all of the time. It also helps to maintain all of the compliance objectives with password complexity changes. All of those things get managed under one product… more »

Pros and Cons

  • "The privileged access management into sensitive systems is very valuable. That includes control from the endpoint all the way through to the managing of passwords and credentials that are used by the person to access the sensitive information. It's very useful, because nobody ever really maintains passwords for those endpoint systems. It's maintained in the Dropbox password file."

    What other advice do I have?

    Approach it slowly. Don't rush in and drop things down there. Do it carefully, because you might end up breaking access to systems, which is complicated when you're running a production environment. Make sure you go through the testing process vigorously before you deploy. I would give BeyondTrust a seven out of ten. There are some features in CyberArk that are better, cheaper, or easier to implement. Some of those running in CyberArk don't have the conflicts that BeyondTrust has, as there are many products in the suite. You've got to compare apples with apples.
    OS
    Team Lead, Network Infrastructure Business at a tech services company with 51-200 employees
    Reseller
    Top 10
    Offers good stability and asset discovery makes it easy to pull assets into the database of the solution manager

    What is our primary use case?

    At one point, our users shared credentials to access some enterprise applications within our environment. We had to take off user credentials because those credentials were getting compromised at one point. We also had trouble keeping track of who logged in or when people were doing work at any given period of time. With this solution, we're able to log the credentials from those applications and then move it into the facility for proper credential management.

    Pros and Cons

    • "The asset discovery feature is the solution's most valuable aspect. It's very easy to pull assets into the database of the solution manager."
    • "The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process."

    What other advice do I have?

    We're a BeyondTrust reseller. I'd recommend the solution. However, the pricing is not competitive and I find in the Nigerian market we're losing ground to CyberArk because the pricing is so unfriendly for the region. They need to try and match their competitors here in order to stay competitive overall in the market. I'd rate the solution eight out of ten.
    Buyer's Guide
    Download our free BeyondTrust Endpoint Privilege Management Report and get advice and tips from experienced pros sharing their opinions.