We performed a comparison between Azure Key Vault and BeyondTrust Password Safe based on real PeerSpot user reviews.
Find out in this report how the two Enterprise Password Managers solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I would say it's granular controller who can access them."
"The integration with other Azure services is one of the standout features for me. It allows us to use secrets from the Azure Key Vault seamlessly without direct interaction.Additionally, the ability to easily mark secrets for expiration and receive notifications is invaluable."
"We use Azure Key Vault to store secrets."
"All its features are really valuable. It's really well thought-out. It's a complete turnkey solution that has all the concerns taken care of, such as access control and management. You can use it in infrastructure as code to create key vaults, APIs, PowerShells, CLIs, even Terraform."
"The tool is highly secure and very easy to manage."
"Azure Key Vault allows only identified users to get the credentials and rotates the keys automatically."
"Azure Key Vault's performance is excellent. It makes infrastructure management easier."
"AI has been introduced to Azure."
"The CI/CD and REST API are also satisfactory; the solution has a full PAM feature set and they all work well."
"The best aspect of the product is the ability to onboard devices. You can scan the IP subnets and onboard all the devices. You can then segregate them if it's a network device or a firewall. If it's a Windows server or a UNIX, you can basically scan your IT infrastructure and onboard the efforts, which should be managed. Once they have been onboarded, then the session management and password management are easy and nicely configurable."
"The solution protects organizations from internal and external threats."
"The product has improved security and login due to the system recordings. In case, there is a doubt that someone has done something which they shouldn't have been doing, we can just go back and check what the user actually did."
"The ability to manage privileged account passwords is the most valuable feature."
"BeyondTrust Password Safe is a good PAM tool."
"Smart Rules is a nice feature in BeyondTrust. It is a unique feature that BeyondTrust has as compared to other vendors such as CyberArk. With Smart Rules, you can do automatic onboarding of accounts. There are a lot of options and features. For example, you can do onboarding based on different AD attributes. It is a nice feature in BeyondTrust that some of the other PAM vendors don't have. With other vendors, we have to create our own scripts, whereas, with BeyondTrust, we can just use the in-built Smart Rules."
"One of the most valuable features is that this is a product designed with enterprises in mind."
"The solution needs to improve reliability and protection."
"The solution does not allow you to integrate with XML parties if it is not inside Azure itself."
"Many times, the first round of support itself will fail, and they will bring some more competent people in the subsequent support. So it gets into a hierarchical mode. By then, we will lose a good amount of time. The technical support needs improvement."
"The integration with Thales HSM is complex and is not out-of-the-box. Uploading the keys was quite a tedious process."
"While it's very reliable in terms of stability, there's always room for improvement."
"I would like more code examples."
"One area for improvement is the notification system for secret expiration. It would be beneficial if the service could handle this more autonomously, eliminating the need for additional integrations."
"It needs to offer dynamic secrets management."
"When we deploy BeyondTrust, we have to deploy our own database on a SQL server. It doesn't deploy the database. I wish BeyondTrust packages the whole solution in one and includes the MySQL database so that when you deploy it, it deploys everything for you. BeyondTrust gives you the software, but you are in charge of setting up your own database. It is a single appliance just for the BeyondTrust portion but not the database. Unless that has changed in later releases, you have to set up your own database for BeyondTrust Password Safe. I find that part complex because we then need the expertise and help of the database team to set it up, which also increases the deployment time. If they can deploy the database, it will reduce the deployment time."
"The only feature they could improve is the banners because they aren't informative. For example, if something is not correct and I open the error notification, the dialogue box simply says, "This is an error." It would be great if they could provide some valuable comments about how to fix the errors."
"We don't have much control over the appliance. When anything happens in the backend, we have to depend on the support team. We need to raise a case so that they can update the appliance. If we have control over it, we would be able to troubleshoot easily."
"Named accounts don't work well in this solution. If you use named accounts for your administrative access, the way Smart Rules work is that it takes your SAM account name and matches it to the account name of your privileged ID, which creates limitations on size and how big those names can be because the directory has a 20-character limit."
"There is a limited capacity on the appliance, which I wasn't informed about when I purchased the product. I can have a maximum of 150 rules per appliance; any more than that and rule processing becomes very complex, especially regarding password revision. Hitting a capacity limit you don't know about can be problematic. Ideally, we would not have a limited capacity, allowing us to be in a completely managed state with password rotation for every service account, not just the highly privileged ones."
"The database instance onboarding should be simplified. The problem is that you can scan the assets and databases inside a server, but you cannot onboard them or manage them with the smart tools. It has to be done manually. I think they should try to include more custom platforms."
"We'd like to have incremental backups to ensure the solution's information is protected regularly."
"I think that BeyondTrust Password Safe could be improved with more testing. In the beginning, they were practically using customers as beta testers. Maybe the product has evolved since I last used it, but if you look at PAM, privileged access management, whatever's out there has already been done. I don't see there being any other enhancements that are being made regarding PAM, except to support more cloud-based applications."
Azure Key Vault is ranked 1st in Enterprise Password Managers with 46 reviews while BeyondTrust Password Safe is ranked 5th in Enterprise Password Managers with 19 reviews. Azure Key Vault is rated 8.6, while BeyondTrust Password Safe is rated 7.6. The top reviewer of Azure Key Vault writes "Allows us to securely store our keys to prevent unauthorized access to unwanted users". On the other hand, the top reviewer of BeyondTrust Password Safe writes "Allows us to automatically rotate passwords, set the complexity, and enforce password policies on privileged accounts". Azure Key Vault is most compared with AWS Secrets Manager, HashiCorp Vault, CyberArk Enterprise Password Vault, AWS Certificate Manager and Microsoft Entra ID, whereas BeyondTrust Password Safe is most compared with HashiCorp Vault, LastPass, BeyondTrust Privileged Remote Access, Delinea Secret Server and CyberArk Enterprise Password Vault. See our Azure Key Vault vs. BeyondTrust Password Safe report.
See our list of best Enterprise Password Managers vendors.
We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.