We performed a comparison between BeyondTrust Privileged Remote Access and CyberArk Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's a stable product. Based on the demos and interaction with it, it was stable."
"I like all of it. You can access computers that are on a DMZ. You can access computers that are off the network and on the network. You pretty much have access to computers wherever they are. As long as they have the client on them, you can get to them. So, it is convenient, but its main feature is that you can use your smart card to elevate your privileges remotely. That's a great feature."
"It is a real fortress. Its security is very strong. Multi-factor came as a feature out-of-the-box, which was big for us. That helps us meet another compliance requirement. It enforces encryption. Nobody can see what we are doing in our remote system if they happen to be listening for unencrypted traffic. That is its biggest strength."
"This product is very stable and scalable. This is an excellent platform."
"The project goal was to allow staff to run applications with admin privileges without being admins, which was the product's most important feature."
"When it comes to the Privileged Remote Access (PRA) solution, instead of depending on a VPN client, from Cisco or any other vendor, we can directly use this product from the internet. It is very easy to do the implementation, and it is easy for every user to access the server from outside of their organization. They can open the URL and put their name and password, and it'll do the multi-factor authentication. They can easily access the server. Prior to this solution, the users had to log into the VPN, which is not required with BeyondTrust. Now, they can use their computer over the internet."
"Its initial setup process is straightforward."
"The most valuable feature is that this solution can be implemented regardless of the operating system."
"Automatic password management, which will automatically change passwords based on compliance requirements."
"We also use CyberArk’s Secrets Manager. Because AWS is the biggest area for us, we have accounts in AWS that are being rotated by CyberArk. We also have a manual process for the most sensitive of our AWS accounts, like root accounts. We've used Secrets Manager on those and that has resulted in a significant risk reduction, as well."
"The automatic rotation of credentials is probably the most useful feature."
"I really like the PTA (Privileged Threat Analytics). I find this the best feature."
"It is a robust product."
"It provides an accountability to the individuals who are using it, knowing that it is audited and tracked."
"It has the ability to scale out. We have scaled out quite a bit with our product and use of it to get to multiple locations and businesses, so it has the breadth to do that."
"We have demoted a lot of domain admins and taken a lot of that away from people, giving it a shared account structure."
"Some of the capabilities in the solution were not as available or not as outstanding as CyberArk. We had to manage whatever little was available for us, especially its recording capabilities, logs, and a number of things."
"The integration client, backup solution, and SSO setup and provisioning could be improved. There isn't any documented or supported user provisioning currently, which slows down the processes of onboarding and assigning permissions. I would like to see this improved soon."
"Its access process for third-party vendors needs to be simplified."
"The issue I found with the product revolves around the fact that RDP and SSH sessions take too much time, making it an area of concern where improvements are required."
"At the moment, I don't see any major problems with it. If anything, they can just change the look and feel of the login screen because it looks too simple to me. It does not have so much information. When you get to the login screen of the solution, you should have more information. We also have BeyondTrust Remote Support, and the login page looks similar to BeyondTrust Privilege Remote Access. I would love to see more rich information on the login screen or landing page so that rather than having a regular sign-in screen or page where you just provide a username and password and get into the solution, you should have more insight into what the solution does. I've mentioned this to them every time I have had an opportunity."
"Multiple areas can be improved. We've seen lots of updates in the past year. They have a portal where we can submit our ideas. BeyondTrust is immediately implementing user suggestions. The UI could be more informative. Initially, there were two or three connectors, and now we have five or six. It would be nice if they added a few more connectors for third-party integration. There are multiple tools, but the clients may require more for their convenience."
"Its management is through two different portals, and you can't get from one portal to the other. I have to literally open up another website and go into it a different way. There are no inner links between the two. They should interlink the actual virtual server and the appliance. In general, there should be one interface for management for admins."
"One of our gaps or pain points is having multi-factor authentication at the endpoint and using the PRA password injection from BeyondTrust, which does not work in our environment. We can only have MFA at the login of BeyondTrust to check out the password. Therefore, we can't meet our security requirements of having it on the endpoint."
"CyberArk PAM could greatly benefit from an under-the-hood update; integrating machine learning algorithms could provide predictive insights."
"One of the main things that could be improved would be filtering accounts on the main page and increasing the functionality of the filters. There are some filters on the side which are very specific, but I feel there could be more."
"The documentation is rather basic and it is missing many use cases."
"The initial setup of CyberArk Privileged Access Manager difficulty depends on the environment that you are implementing it into. However, it typically is simple."
"Initial setup is complex. Lots of architecture, lots of planning, and lots of education and training are needed."
"CyberArk Privileged Access Manager could improve the integration with other solutions and ease of use. Additionally, there should be a feature to have remote connections without a VPN."
"We had an issue with the Copy feature... Apparently, in version 10, that Copy feature does not work. You actually have to click Show and then copy the password from within Show and then paste it. We've had a million tickets and we had to figure out a workaround to it."
"We would, of course, always prefer it if the pricing was cheaper."
More BeyondTrust Privileged Remote Access Pricing and Cost Advice →
More CyberArk Privileged Access Manager Pricing and Cost Advice →
BeyondTrust Privileged Remote Access is ranked 3rd in Privileged Access Management (PAM) with 21 reviews while CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews. BeyondTrust Privileged Remote Access is rated 8.6, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of BeyondTrust Privileged Remote Access writes "Our support team can do so much more without having to actively engage our customers, which saves us time and money". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". BeyondTrust Privileged Remote Access is most compared with BeyondTrust Remote Support, BeyondTrust Password Safe, WALLIX Bastion, Citrix DaaS (formerly Citrix Virtual Apps and Desktops service) and Apache Guacamole, whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server and WALLIX Bastion. See our BeyondTrust Privileged Remote Access vs. CyberArk Privileged Access Manager report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hello Avinash, it all depends on the timeline and urgency of the project. If you need to deploy a PAM tool that focuses on standing privileges, stopping lateral movement, and incorporating Zero Standing Privileges as part of Zero Trust, then please consider looking at Remediant. I've worked for BeyondTrust and have gone up against the other big players such as Delinea, Centrify, CyberArk, and HashiCorp. They more or less all offer similar solutions, but looking at your current requirements, Remediant really excels in delivering a simple, yet very effective tool in a matter of days and weeks, not months and years.