We just raised a $30M Series A: Read our story

CyberArk Endpoint Privilege Manager OverviewUNIXBusinessApplication

CyberArk Endpoint Privilege Manager is the #29 ranked solution in our list of endpoint security software. It is most often compared to BeyondTrust Endpoint Privilege Management: CyberArk Endpoint Privilege Manager vs BeyondTrust Endpoint Privilege Management

What is CyberArk Endpoint Privilege Manager?

CyberArk Endpoint Privilege Manager enables organizations to enforce least privilege policies for business and administrative users, as well as control applications to reduce the attack surface without halting productivity. The solution helps organizations revoke everyday local administrator privileges from business users while seamlessly elevating privileges when required by trusted applications. CyberArk Endpoint Privilege Manager also enables security teams to enforce granular least privilege policies for IT administrators, helping organizations effectively segregate duties on Windows servers. Complementing these privilege controls, the solution also delivers application controls, which are designed to manage and control which applications are permitted to run on endpoints and servers and prevent malicious applications from penetrating the environment.

CyberArk Endpoint Privilege Manager is also known as Viewfinity.

CyberArk Endpoint Privilege Manager Buyer's Guide

Download the CyberArk Endpoint Privilege Manager Buyer's Guide including reviews and more. Updated: October 2021

CyberArk Endpoint Privilege Manager Customers

Clearstream, McKesson, Boston Childrens Hospital

CyberArk Endpoint Privilege Manager Video

Archived CyberArk Endpoint Privilege Manager Reviews (more than two years old)

Filter by:
Filter Reviews
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
Filter Unavailable
Filter Unavailable
Order by:
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Showingreviews based on the current filters. Reset all filters
Uchechukwu Ukazu
Tech Support at a tech services company with 11-50 employees
Real User
DNS Scanning allows for the reporting of account location information

Pros and Cons

  • "This is the number one product for privilege account security."
  • "For an experienced system implementer it will take approximately one day. However, for somebody who is inexperienced it may take up to five days."

What is our primary use case?

Our primary use case for this solution is to manage enterprise passwords and monitor session connections.

How has it helped my organization?

Prior to using this solution, we did not know where our accounts were being created. The DNS scanning is a very good tool that allows us to manage existing accounts.

What is most valuable?

While I find all of the features valuable, one of them that stands out is the DNS scanning. This provides information with respect to the locations of accounts that are created. We then get an overview of the location information. 

What needs improvement?

What I would really like to see improved is the AIM (Application Identity Manager). I think that it could be simpler to use, and much more straight forward.

In terms of additional features, I cannot think of any that I would like to see implemented at the moment.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

I find the product to be very stable.

What do I think about the scalability of the solution?

This product is very, very scalable. Currently we have about one hundred users, and we have plans to increase the usage.

How are customer service and technical support?

I found the technical support to be good. They are always available and ready to answer questions and provide support.

Which solution did I use previously and why did I switch?

No, beyond evaluating other solutions we did not use a different one.

How was the initial setup?

I found the initial setup to be quite complex. You really have to pay attention to detail during the process, because any mistake will render the installation and setup useless.

For an experienced system implementer it will take approximately one day. However, for somebody who is inexperienced it may take up to five days.

Once the deployment is complete, no staff is required for maintaining the solution. Everything is pretty much straight forward.

What about the implementation team?

We take care of the implementation for our customers.

What was our ROI?

We have indeed seen a return on investment with this solution. I cannot put a monetary value on it, but it is valuable information that we are protecting. If it were to be leaked then it would result in damage to reputation, as well as a loss in confidence.

What's my experience with pricing, setup cost, and licensing?

As I am the technical contact for this product, I do not have direct knowledge of the pricing. However, I can say that the licensing for this solution is based on the number of APV (privileged users), and the number of sessions that you want to record.

Which other solutions did I evaluate?

Yes, we evaluated three other products before choosing this one. They were Security from CA, BeyondTrust, and ObserveIT.

What other advice do I have?

This is the number one product for privilege account security.

I suggest getting the best help available when it comes time to implement and deploy this solution. Once this is complete, everything else will fall into place.

I would rate this product eight out of ten. It is very good, but there is always room for improvement.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Information Security Senior Engineer at a tech vendor with 10,001+ employees
It identifies the original source, and all instances of malicious applications in the environment​​.

Valuable Features

It has removed the need for the local admin.

Improvements to My Organization

It identifies the original source, and all instances of malicious applications in the environment.

Room for Improvement

Some technical admins create crazy rules, which allow the staff to run anything they want. Currently I'm reviewing our Viewfinity rules and I have noticed different kinds of rules, such as permitting any installation from "download folder." I would suggest that Viewfinity add a new feature which refuses these rules.

Use of Solution

I've used it for four years.

Deployment Issues

There have been no issues with the deployment.

Stability Issues

There have been no issues with its stability.

Scalability Issues

There have been no issues with the scalability.

Customer Service and Technical Support

Customer Service:


Technical Support:


Initial Setup

It was complex to introduction the product to the end-users and the technical team.


We have better product management, review, and the training of our admins.

Other Solutions Considered

We're comparing Viewfinity to Bit9.

Other Advice

Keep the product managed by specialists and create global rules.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free CyberArk Endpoint Privilege Manager Report and get advice and tips from experienced pros sharing their opinions.