Most Helpful Review
Researched CyberArk PAS but chose BeyondTrust Endpoint Privilege Management: Good asset discovery and management capability
Researched BeyondTrust Endpoint Privilege Management but chose CyberArk PAS: The most valuable feature is that it always provides flexibility, password quality and one-time user check-in and check-out.
Find out what your peers are saying about BeyondTrust Endpoint Privilege Management vs. CyberArk PAS and other solutions. Updated: January 2020.
399,540 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The most valuable feature is the asset discovery, which makes it very easy to locate and identify assets and pull them into the manager.
The asset discovery feature is the solution's most valuable aspect. It's very easy to pull assets into the database of the solution manager.
The implementation is quite easy because the documents are always online.
The privileged access management into sensitive systems is very valuable. That includes control from the endpoint all the way through to the managing of passwords and credentials that are used by the person to access the sensitive information. It's very useful, because nobody ever really maintains passwords for those endpoint systems. It's maintained in the Dropbox password file.
I would say session management on the go is the most valuable feature. When the session is going on, you can stop the session without terminating it for justification. You can cancel it. The recording takes very little space. Those are some things which the customers are worried about when they talk about session recording.
I'm a BeyondTrust partner and I have multiple deployments, four or five banks right now. The features that give us quite an edge compared to what our competitors are offering - like IBM or Thycotic - are the Session Management, that is quite a big one; also the recording of keystrokes. In addition, there is the password vaulting and state-of-the-art Password Management, which I haven't seen in other products.
It scales easily and the product is stable.
Reduces major vulnerabilities by removing local administrator privileges.
CyberArk has been easy for us to implement and the adoption has been good. We've been able to standardize a bunch of things. We've been able to standardize relatively easily with the use of the platforms and managing the policies.
CyberArk is a very stable product and it's a stable product because it has a simple design and a simple architecture that allows you to leverage the economies of scale across the base of your infrastructure that you already have implemented. It doesn't really introduce any new complex pieces of infrastructure that would make it that much more difficult to scale.
When we started with RPA, there was a requirement that every credential and the bots themselves be protected through the PAM system. From the get-go, we've had CyberArk in the middle... We've got a pretty robust RPA implementation with our PAM platform. Users, bots, the credentials — everything is managed via our PAM solution.
Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control.
The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task.
For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks.
There are no issues with scalability. Our clients are very happy to use the product.
We are maintaining compliance in PCI, SOX and HIPPA, which is a big thing. Auditors really like it, and it has made us stay compliant.
The help system should be improved to provide a quick help guide with each tab within the solution, which explains what each particular function does.
The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process.
The program updates are very rare and the frequency is too far apart to take care of bug fixes and adding the latest features.
The other area to improve is that they rely on MS SQL servers only. You cannot have any other database behind them. They have to be on MS SQL. If they can do something about these issues, this would be a better alternative for some customers.
It should support XWindows Remote Desktop Access protocol for Linux/Unix.
It only has limited support for Mac.
There is a bit of a learning curve, but it's a pretty complex solution.
CyberArk has to continue to evolve with that threat landscape to make sure that they're still protecting those credentials that are owned by those that have privileged accounts in the firms.
The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing, SaaS products, SaaS vendors, SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming. But these are the major places where CyberArk definitely needs to invest some more time.
It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers.
Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use.
Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server.
The initial setup of CyberArk is a challenge if you do not have prior experience with it.
Make it easier to deploy.
Pricing and Cost Advice
This solution is expensive compared to its competitors.
What BeyondTrust was providing was user-based licensing which was a great benefit from the client point of view. Recently, I don't know why, the licensing model has been changed, and that is the reason that they have lost a bit of their edge when it comes to the PAM, against our competition. The asset-based licensing, from the user's point of view, is not beneficial. The licensing should be based on the users. The greater the number of users, the greater will be the load and the greater the scalability problems. I presume that is why the licensing model has changed.
PowerBroker for a Mac client is three times the price of the Windows version.
In comparison to other products on the market, CyberArk is a more costly product.
This solution is considered to be more expensive than others out there on the market today.
I do not have any opinions to add about the pricing of the product.
No, I do not have any advice on the price of the product.
Network and security licenses are currently being managed by other outsource vendors, so they are facing some type of problems in the digital aspect.
With reducing the privileged account access, there has been a huge improvement. They are now bringing more accounts on a little at a time.
If you are looking at implementing this solution, buy the training and go to it.
Our risk is definitely significantly lower. Also, our resources are low.
out of 24 in Privileged Access Management
Average Words per Review
out of 24 in Privileged Access Management
Average Words per Review
Compared 54% of the time.
Compared 11% of the time.
Compared 6% of the time.
Compared 14% of the time.
Compared 9% of the time.
Compared 8% of the time.
Also Known As
|BeyondTrust PowerBroker, PowerBroker||CyberArk Privileged Access Security, CyberArk Privileged Account Security, SSH Key Manager, Privileged Session Manager, Privileged Threat Analytics, Application Identity Manager, On-Demand Privileges Manager, Endpoint Privilege Manager|
The BeyondTrust PowerBroker Privileged Access Management Platform is an integrated solution that provides visibility and control over all privileged accounts and users. By uniting capabilities that many alternative providers offer as disjointed tools, the platform simplifies deployments, reduces costs, improves system security, and reduces privilege risks.
CyberArk is the trusted expert in privileged account security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry's most comprehensive Privileged Account Security Solution.
Learn more about BeyondTrust Endpoint Privilege Management
Learn more about CyberArk PAS
|Aera Energy LLC, Care New England, James Madison University||Rockwell Automation|
Software R&D Company31%
Comms Service Provider26%
Financial Services Firm7%
Financial Services Firm28%
Software R&D Company29%
Comms Service Provider15%
Financial Services Firm11%