We performed a comparison between Check Point SandBlast Network and CyberArk Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Preventing zero-day threats and extracting potential threats from incoming files with Threat Extraction is the most valuable feature for us."
"It provides a high rate of catching the zero-day advanced threats."
"The Check Point SandBlast Network uses caching and static analysis to actually reduce the time it takes to scan and isolate the same file for incoming data compromises."
"The most valuable feature of Check Point SandBlast Network is the sandboxing of PDF and Microsoft system files."
"Threat extraction can help us to remove malicious content from documents by converting them to PDF."
"It enables my IT system to apply threat detection intelligence and diffuse the endpoint and potential threat attacks and phishing attacks onto the system in the most proactive and secure manner."
"The forensics reports and the ability to sandbox malware are its most valuable features."
"Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided."
"On the EBB user side, we were able to secure all the server root passwords and admin for Windows. This was a big win for us."
"CyberArk has helped us to identify, store, protect, and monitor the usage of privileged accounts."
"CyberArk Privileged Access Manager is stable."
"Within the solution, I love the fact that everything is recorded. The configuration capabilities are great, too."
"It takes people out of the machine work of ensuring credentials remain up-to-date, and handles connection brokering such that human usage and credential management remain independent."
"AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials."
"The password vault and session monitoring are useful."
"We are able to centrally manage credentials, touch applications, and rotate passwords."
"Many Important controls are only available in CLI & very very complicated. All tecli command features should available on GUI so that it will become easy for normal users to monitor & control queue."
"Using it in the beginning was difficult because I had never used anything similar. In terms of navigating the UI, it was all not too bad, but there is definitely a learning curve."
"I am very leery right now about the stability. We've had three outages in the last month because of Check Point, not because of something that the customer has done, but because of changes on the Check Point side."
"I think Check Point provides standard time which ideally most other vendors take to identify behaviors of a file by sending them into a sandbox environment for inspection."
"The management of alerts could improve them a bit - especially in event management."
"The file types that can be scanned are limited, which means that if the file type is not listed or enabled for the sandbox, they are bypassed and it can lead to a security issue."
"The guides or best practices of Check Point are difficult to find for the client. Therefore, it is sometimes difficult to make better implementations."
"I would like if it could emulate bigger files and somehow improve this usability. I don't know if this would be possible. However, if it was able to scan or emulate bigger files, then it would be safer for a company using it."
"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."
"The tool’s pricing and scalability can be better."
"Initial setup is complex. Lots of architecture, lots of planning, and lots of education and training are needed."
"Over the past seven years, I have seen a lot of ups and downs with the product."
"There is a bit of a learning curve, but it's a pretty complex solution."
"Tech support staff can be more proactive."
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server."
More Check Point SandBlast Network Pricing and Cost Advice →
More CyberArk Privileged Access Manager Pricing and Cost Advice →
Check Point SandBlast Network is ranked 8th in Advanced Threat Protection (ATP) with 33 reviews while CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews. Check Point SandBlast Network is rated 8.4, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of Check Point SandBlast Network writes "High detection with few false positives and able to handle large volumes of data". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". Check Point SandBlast Network is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox, Microsoft Defender for Office 365, Cisco Secure Network Analytics and Trellix Network Detection and Response, whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard. See our Check Point SandBlast Network vs. CyberArk Privileged Access Manager report.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
