We performed a comparison between BeyondTrust Endpoint Privilege Management and CyberArk Endpoint Privilege Manager based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The implementation is quite easy because the documents are always online."
"Scalability is good. I would rate the scalability a nine out of ten."
"The notable aspect is its ability to capture the application's behavior comprehensively and this thorough analysis is crucial for effective policy management."
"The solution's technical support is good."
"Logs that get collected on the Privilege Management console from the agents are very good. They help us to identify the aspects from which we have to whitelist an application."
"The features related to application elevate is amazing. It helped the company to remove almost all admin local users."
"I find the comprehensive Privilege Access Management features valuable, including automation, and the ability to integrate with applications and the Windows operating system."
"The privileged access management into sensitive systems is very valuable. That includes control from the endpoint all the way through to the managing of passwords and credentials that are used by the person to access the sensitive information. It's very useful, because nobody ever really maintains passwords for those endpoint systems. It's maintained in the Dropbox password file."
"You can use it to strip users of their local admin rights and, at the same time, elevate applications for them."
"The most valuable feature is that their database is completely encrypted and protected with multiple layers."
"It has drastically reduced the attack surface for local administrative rights and the chance of escalation of privilege. We've removed, at this point, close to 98 percent of the local administrative accounts on workstations. If there were an incident, it would stop at that point and we'd be able to know."
"The department management aspect of the solution is the most valuable aspect."
"The solution is scalable."
"Users can scale the solution."
"I have always found that CyberArk is a very tight, foolproof product compared to most other products available."
"The most valuable feature is that it does lifecycle management and that it will change to whatever the end target is."
"It keeps on breaking every now and then. It is not yet mature. Every time something new comes up or we run into some new issues, the culprit is BeyondTrust because the agents and the adapter are not mature. The new development process goes on, and they're not able to handle things. It should be mature. It shouldn't break every now and then."
"How the accounts are presented in the solution's UI can be improved."
"They are doing good for now, but they should start to consider tight integration with Mac solutions. There should be more integration with Mac. There should be Active Directory (AD) Bridging. Thycotic and Centrify have it currently because they merged and joined forces, and it was a feature available in Centrify. So, basically, they joined forces to create a kind of perfect product. If you have a hybrid or mixed environment with Windows and Mac, your Active Directory can only manage or enforce policies on Windows, but what about your Mac devices? How do you control them? So, AD Bridging will act as a bridge to bring all your Mac devices into your Active Directory. This way you have full control over your entire environment."
"Reports to the end user."
"We use a program to automate all of this, but it's not a default feature of BeyondTrust Endpoint Privilege Management."
"The product should improve its price."
"The help system should be improved to provide a quick help guide with each tab within the solution, which explains what each particular function does."
"What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way."
"Technical support is slow to respond when we run into issues."
"It cannot be on-prem. It is only cloud-based. Sometimes, that's a restriction in terms of usage."
"One area that has room for improvement is in managing the credentials for network devices."
"The solution's pricing could be better."
"Performance could be better. We have a couple of problems with CyberArk right now. One of the problems is performance in our environment. Support also takes a long time to respond. If the user already has local admin rights, then I can't collect any events in the console from this device. There are also some options in CyberArk that are not working properly, and are not helpful in this case. I can't collect any information to create a proper policy for the device. I have to investigate everything manually, or even disable the local admin from the device. I can collect the events only after this, and it's very time consuming. In my case, it's a waste of resources."
"CyberArk Endpoint Privilege Manager is not suitable for the current situation because when you compare it to OTP, OTP is the strongest password solution. You can use it as a one-time password, but you have to log into the password manager itself and if you don't change your password, it will be the weakest link in the security. In OTP, you don't have that weakest link."
"It is hard to deal with technical support if you are not certified."
"The price of the solution should improve."
More BeyondTrust Endpoint Privilege Management Pricing and Cost Advice →
More CyberArk Endpoint Privilege Manager Pricing and Cost Advice →
BeyondTrust Endpoint Privilege Management is ranked 4th in Privileged Access Management (PAM) with 27 reviews while CyberArk Endpoint Privilege Manager is ranked 6th in Privileged Access Management (PAM) with 26 reviews. BeyondTrust Endpoint Privilege Management is rated 8.0, while CyberArk Endpoint Privilege Manager is rated 8.0. The top reviewer of BeyondTrust Endpoint Privilege Management writes "Admin rights can be granted and revoked within minutes and that is what everything comes down to, for us". On the other hand, the top reviewer of CyberArk Endpoint Privilege Manager writes "Offers integrated solutions and expands its capabilities through strategic acquisitions". BeyondTrust Endpoint Privilege Management is most compared with Cisco ISE (Identity Services Engine), CyberArk Privileged Access Manager, Delinea Secret Server, ARCON Privileged Access Management and Microsoft Defender for Endpoint, whereas CyberArk Endpoint Privilege Manager is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, CyberArk Privileged Access Manager, Tanium and SentinelOne Singularity Complete. See our BeyondTrust Endpoint Privilege Management vs. CyberArk Endpoint Privilege Manager report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.