We performed a comparison between BeyondTrust Endpoint Privilege Management and CyberArk Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"I find the solution’s features like section management, password management, and analytics valuable."
"It is straightforward. It is a good technology, and it is made to do one single thing."
"I find the comprehensive Privilege Access Management features valuable, including automation, and the ability to integrate with applications and the Windows operating system."
"BeyondTrust has very good integrations with quite a lot of security vendors such as SailPoint, IBM, FortiGuard, Splunk, etc."
"The tool is easy to use and deploy. It has PAM capabilities like privilege access. The solution helps with the management of third parties and vendors. It is an effective solution compared to other alternatives."
"Scalability is good. I would rate the scalability a nine out of ten."
"The notable aspect is its ability to capture the application's behavior comprehensively and this thorough analysis is crucial for effective policy management."
"It scales easily and the product is stable."
"It takes people out of the machine work of ensuring credentials remain up-to-date, and handles connection brokering such that human usage and credential management remain independent."
"It's secure and reliable. I especially appreciate that it's locked down and only allows access to authorized components."
"Automatic password management, which will automatically change passwords based on compliance requirements."
"The established sessions on the target systems are fully isolated and the privileged account credentials are never exposed to the end-users or their client applications and devices."
"The automatic password management is the most important feature. The second most important feature is the ability to enforce dual control on the release of those passwords. The combination of these two features is the most important thing for us because we can show that we're in control of who uses any non-personal account, and when they do so."
"DVR like video recording and text-based recording for easier audits."
"We are able to rotate privileged user passwords to eliminate fraudulent use."
"Rather than multiple tools for maintaining regulatory compliance around passwords and privileged accounts, we have centralized as much as possible with CyberArk. This is now a one stop shop for end users to access their elevated credentials."
"What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way."
"Reporting analytics is one of the areas that can be improved. It is a new cloud-based solution. So, many more specific reports can come out natively. Currently, we get all the events, and we put them in plug-ins. From there, we generate our own design of reports. If there is a much more solid or robust reporting analytics framework within the product itself, it would be helpful."
"The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process."
"Its feature for establishing workflows needs improvement."
"It should support XWindows Remote Desktop Access protocol for Linux/Unix."
"There are three types of endpoints. If we need to use them in the solution, then we need to purchase the licenses separately. The tool needs to improve its licensing."
"The product should improve its price."
"The other area to improve is that they rely on MS SQL servers only. You cannot have any other database behind them. They have to be on MS SQL. If they can do something about these issues, this would be a better alternative for some customers."
"The web access piece needs improvement. We have version 9.5 or 9.9.5, and now we have to upgrade to version 10."
"The admin interface of the Password Vault Web Access (PVWA) is moving from an old style (the classic interface) to a new style (the v10 interface) and unfortunately, this process is quite slow."
"This is probably a common thing, but they do ask for a lot of log files, a lot of information. They ask you to provide a lot of information to them before they're willing to give you anything at all upfront. It would be better if they were a little more give-and-take upfront: "Why don't you try these couple of things while we take your log files and stuff and go research them?" A little bit of that might be more helpful."
"The tool’s pricing and scalability can be better."
"CyberArk has to continue to evolve with that threat landscape to make sure that they're still protecting those credentials that are owned by those that have privileged accounts in the firms."
"It is easily customized, and that customization makes it very easy to start trying to shoehorn the solution into roles it was never intended to fill."
"I'd like to see a more expansive SSH tunneling situation through PSMP. Right now you have an account that exists in the vault and you say, "I want to create a tunnel using this account." I'd like to see something that is not account-based where I could say, "I want to create a tunnel to this machine over here," and then authenticate through the PSMP and then your tunnel is set up. You wouldn't need to then authenticate to a machine."
"Many of the infrastructure folks who use the product dislike it because it complicates their workflow. They get a little less control, and they have to go through a specific solution. It proactively logs in for them, which obfuscates some of the issues that they may be troubleshooting."
More BeyondTrust Endpoint Privilege Management Pricing and Cost Advice →
More CyberArk Privileged Access Manager Pricing and Cost Advice →
BeyondTrust Endpoint Privilege Management is ranked 4th in Privileged Access Management (PAM) with 27 reviews while CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews. BeyondTrust Endpoint Privilege Management is rated 8.0, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of BeyondTrust Endpoint Privilege Management writes "Admin rights can be granted and revoked within minutes and that is what everything comes down to, for us". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". BeyondTrust Endpoint Privilege Management is most compared with CyberArk Endpoint Privilege Manager, Cisco ISE (Identity Services Engine), Delinea Secret Server, ARCON Privileged Access Management and Microsoft Defender for Endpoint, whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard. See our BeyondTrust Endpoint Privilege Management vs. CyberArk Privileged Access Manager report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
