CyberArk Endpoint Privilege Manager Benefits

WarranGrin
Enterprise Cyber Security Advisor at a energy/utilities company with 5,001-10,000 employees
Day-to-day, normally when administrative access is required for a user, they have a UAC prompt that comes up and they have to click yes or no. When we whitelist an application, it automatically elevates, so it's one less click for the user. It's improving efficiency and it's making it easier for them, at the end of the day. The tool has great functionality in reducing risk in the environment, especially if an endpoint is compromised. It reduces pass-the-hash and same-account harvesting. And if something were to happen, we would be able to report on that right away and let the SOC know. In terms of removing local admin credentials on the endpoint and the effect on the size of the attack surface in our organization, it has drastically reduced the attack surface for local administrative rights and the chance of escalation of privilege. We've removed, at this point, close to 98 percent of the local administrative accounts on workstations. If there were an incident, it would stop at that point and we'd be able to know. We have also been able to reduce the number of local admins. We originally scoped out to only have a certain number of licenses for the software and we have reduced it significantly from what we thought we would need, purely based on a policy perspective and who actually really needs some administrative access. View full review »
Uchechukwu Ukazu
Tech Support at a tech services company with 11-50 employees
Prior to using this solution, we did not know where our accounts were being created. The DNS scanning is a very good tool that allows us to manage existing accounts. View full review »
Find out what your peers are saying about CyberArk, Carbon Black, CrowdStrike and others in Endpoint Protection (EPP) for Business. Updated: May 2020.
418,901 professionals have used our research since 2012.