We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Technical support is good."
"The asset discovery feature is the solution's most valuable aspect. It's very easy to pull assets into the database of the solution manager."
"BeyondTrust has very good integrations with quite a lot of security vendors such as SailPoint, IBM, FortiGuard, Splunk, etc."
"The most valuable feature is the asset discovery, which makes it very easy to locate and identify assets and pull them into the manager."
"It is straightforward. It is a good technology, and it is made to do one single thing."
"The implementation is quite easy because the documents are always online."
"What I liked about this solution is that it can also integrate for tracking malicious use or sending analytics to a host that can process them. I don't know if CyberArk, Centrify, or Thycotic can do that. The analytics was something the client really wanted, and they already had BeyondTrust. It is very scalable. The agent on the workstation is very thin, and the processing power required on a server is nothing out of the ordinary. It is also very stable and easy to deploy."
"I like the one-way hash, as well as the ability to store it in the cloud and access it from anywhere."
"I have found the password management and the secret management features to be the most valuable. Our customers find its ease of integration and the use of power shells really attractive."
"I like that it is Windows-based. It is good that primarily, it is not an appliance. Some of the other applications in the space, such as a Quest Software CPAM or a Safeguard, are appliances, so you can't deploy the ends of them. With Thycotic, you can either install your Temporal Protection module physically in the VM host, or you can use BouncyCastle for high-security module capabilities."
"Technical support is pretty good."
"There has been no downtime this year."
"It is able to manage storage and use of personal passwords."
"What I like best about this product is the interface."
"The user interface is quite good. It's very straightforward."
"The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process."
"They are doing good for now, but they should start to consider tight integration with Mac solutions. There should be more integration with Mac. There should be Active Directory (AD) Bridging. Thycotic and Centrify have it currently because they merged and joined forces, and it was a feature available in Centrify. So, basically, they joined forces to create a kind of perfect product. If you have a hybrid or mixed environment with Windows and Mac, your Active Directory can only manage or enforce policies on Windows, but what about your Mac devices? How do you control them? So, AD Bridging will act as a bridge to bring all your Mac devices into your Active Directory. This way you have full control over your entire environment."
"The program updates are very rare and the frequency is too far apart to take care of bug fixes and adding the latest features."
"What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way."
"If you don't get the implementation right at the outset, you will struggle with the product."
"The help system should be improved to provide a quick help guide with each tab within the solution, which explains what each particular function does."
"Their technical support could be more responsive and helpful."
"Although the password policy was interesting, the default setting was inadequate."
"Having more detailed reporting would improve this solution."
"We always ask for partner enablement, which is more like a soft requirement rather than a product requirement. It would be great if they can provide us deeper knowledge of their products for integration."
"The API is no good."
"The initial setup and deployment can be cumbersome. It's not an easy process."
"When working with larger enterprises Thycotic Secret Server becomes a little cumbersome to work with because they do not allow as much flexibility as some of the other competitors, such as CyberArk. Thycotic Secret Server could improve by being more flexible when it comes to customization, and increase the number of API integrations."
"Documentation could be improved if they were to include more about connectors. There is not enough documentation."
"One thing that I wish they would do is to have a Kubernetes or container-based deployment supported, but they're not quite there yet. Containerization or support for containerization would be fantastic."
"Price-wise, it is very competitive. In our area, government entities and banks don't go for the monthly payment. It is a headache even for us in terms of finance and procurement to go for monthly payments. Quarterly might be more logical and reasonable, but the minimum that we go for is one year, and sometimes, we even try to compile and give one offering for three years."
"This solution is expensive compared to its competitors."
"Secret Server is expensive when compared to the cost to some alternatives."
"The pricing is standard in this business and we have no complaints about it."
"The price of this solution is good."
"It is very expensive, and its price should be lower."
"There are different plans and additional licensing costs that can be instituted for add-ons."
"Its price is okay. We don't compete on pricing. We seldom use price to win over our competitors. We prefer it this way because if we can sustain the price, we make more margin as well. We don't want the price to go down to the bottom where despite the win, there's no margin at all."
"There is an annual license fee per user and the price is fair."
"When comparing the price of Thycotic Secret Server with other solutions it is reasonable."
BeyondTrust Endpoint Privilege Management enables organizations to mitigate attacks by removing excess privileges on Windows, Mac, Unix/Linux and networked devices. Remove excessive end user privileges and control applications on Windows, Mac, Unix, Linux, and networked devices without hindering end-user productivity.
Key Solutions Include:
-ENTERPRISE PASSWORD SECURITY
Discover, manage and monitor all privileged accounts and SSH keys, secure privileged assets, and report on all privileged account activity in a single solution.
-ENDPOINT LEAST PRIVILEGE
Enforce least privilege across all Windows and Mac endpoints, gain visibility into target system vulnerabilities, and control access to privileged applications without disrupting user productivity or compromising security.
-SERVER PRIVILEGE MANAGEMENT
Gain control and visibility over Unix, Linux and Windows server user activity without sharing the root or administrator account.
-A SINGLE PLATFORM FOR MANAGEMENT, POLICY, REPORTING AND THREAT ANALYTICS
Utilize a single solution to manage PAM policies and deployment, understand vulnerability and threat analytics, and provide reporting to multiple stakeholders and complementary security systems.
Learn more at https://www.beyondtrust.com/privilege-management
Secret Server is a fully-featured Privileged Access Management (PAM) solution available both on premise and in the cloud. It empowers security and IT ops teams to secure and manage all types of privileged accounts and offers the fastest time to value of any PAM solution.
BeyondTrust Endpoint Privilege Management is ranked 4th in Privileged Access Management (PAM) with 7 reviews while Thycotic Secret Server is ranked 3rd in Privileged Access Management (PAM) with 14 reviews. BeyondTrust Endpoint Privilege Management is rated 7.6, while Thycotic Secret Server is rated 8.0. The top reviewer of BeyondTrust Endpoint Privilege Management writes "A stable, scalable, and easy-to-deploy solution that can track malicious use or send analytics to a host". On the other hand, the top reviewer of Thycotic Secret Server writes "Excellent access management that can serve very large networks". BeyondTrust Endpoint Privilege Management is most compared with CyberArk Privileged Access Manager, CyberArk Endpoint Privilege Manager, Cisco ISE (Identity Services Engine), ARCON Privileged Access Management and One Identity Manager, whereas Thycotic Secret Server is most compared with CyberArk Privileged Access Manager, Microsoft Azure Key Vault, HashiCorp Vault, IBM Security Secret Server and CyberArk Enterprise Password Vault. See our BeyondTrust Endpoint Privilege Management vs. Thycotic Secret Server report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.