CyberArk Privileged Access Manager Competitors and Alternatives

Get our free report covering BeyondTrust, Thycotic, Microsoft, and other competitors of CyberArk Privileged Access Manager. Updated: May 2021.
510,534 professionals have used our research since 2012.

Read reviews of CyberArk Privileged Access Manager competitors and alternatives

RI
VP Risk Management at a financial services firm with 1,001-5,000 employees
Real User
We can record everything third-party vendors do to ensure that they're only doing the needed changes

What is our primary use case?

The three main use cases that we have are: * Ensure our human and non-human privilege accounts are locked up in a password vault. * Have workflows to handle the major types of usage, such as break glass and business as usual. * Changes in usage of the credentials are tied into approved change requests. These drive our first goal to take all our privileged users on the help desk, our local accounts on our desktops, our servers (web servers, app servers, or database servers), and individuals in our network group who do our firewalls, then migrate all these human accounts into Safeguard Password… more »

Pros and Cons

  • "We are able to log and get reporting on all privileged activity that is being performed. We like the fact that we can leverage the session recording feature, which is especially valuable when we're dealing with third-party vendors that have to remote into our our boxes and servers to do any work on behalf of the bank. Now, we can record everything they are doing to ensure that they're only doing the changes that were needed. In addition, we use it to leverage knowledge transfer with our internal staff."
  • "Some of the out-of-the-box reporting isn't that rich. We spoke to our Safeguard reps who have acknowledged that some of the reporting features can certainly be improved and that we're not the only customer who has cited this. There are very little out-of-the-box reporting capabilities. You have to build the queries and the report. I believe in the next release they're going to be addressing this."

What other advice do I have?

The solution is part of our identity and access management product. We use Saviynt as our identity, governance and administrative tool. We certify all privilege accounts on a schedule basis. There is some integration with our identity and access management platform/program at the bank. It allows us to be in a position where we can identify and detect as well as prevent any type of privilege act that's being used as a threat at the bank. The integration was easy. It didn't pose any problems. We have had a mixed bag regarding the solution’s usability and functionality. We have had some people…
GJ
PAM Architect at a tech services company with 11-50 employees
Real User
Top 5Leaderboard
A stable, scalable, and easy-to-deploy solution that can track malicious use or send analytics to a host

What is our primary use case?

We are an integrator, and we do a lot of Identity and Access Management and Privileged Identity. I am only just getting into this solution. I am not trained in it, but I've been reading about it. I have recommended it for a client based on their requirements and based on what I know about CyberArk versus a couple of others. I have not implemented it yet. I have the agent running on the system where I am actually profiled. I have its latest version. In terms of use case, it primarily has two things, and you can choose whatever you want in the middle. One side is that you can use it to allow the… more »

Pros and Cons

  • "What I liked about this solution is that it can also integrate for tracking malicious use or sending analytics to a host that can process them. I don't know if CyberArk, Centrify, or Thycotic can do that. The analytics was something the client really wanted, and they already had BeyondTrust. It is very scalable. The agent on the workstation is very thin, and the processing power required on a server is nothing out of the ordinary. It is also very stable and easy to deploy."
  • "What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way."

What other advice do I have?

I would rate BeyondTrust Endpoint Privilege Management a nine out of ten.
Executive Director at Semaphore
Real User
Excellent access management that can serve very large networks

What is our primary use case?

The primary use case is managing access for user groups and individuals in a very large environment.

Pros and Cons

  • "The GUI interface is well-designed and user-friendly."
  • "This product is excellent in every way except minor details in handling extremely large environments."

What other advice do I have?

On a scale from one to ten where one is the worst and ten is the best, I would rate Thycotic as probably a nine. That is only because I have to rank them slightly lower after we decided to make the switch to CyberArk, and replacing a product that is a ten would not make a lot of sense. So a nine-out-of-ten it is. Thycotic is a product that is so friendly that it can be used by nearly anyone and everyone, and that is a good place to be. As for the limitations in a very large environment, Thycotic could invest in making changes in the product to handle structuring in a segmented way. It would be…
RSSI at a comms service provider with 10,001+ employees
Real User
Top 20
Great video recording capabilities, but some performance issues need to be addressed

What is our primary use case?

Within our company, there are roughly 200 employees that use this solution, including partners and outsourced employees. There are two of us that handle all maintenance-related issues.

Pros and Cons

  • "Its video recording capabilities have definitely been key for us."
  • "For me, the main issue has to do with the system performance itself."

What other advice do I have?

I wouldn't advise others to start with a huge license. Overall, on a scale from one to ten, I would give this solution a rating of seven. There are some features we have not tested yet like two-factor authentication. If I had, maybe I could give it a higher rating. For me, the main issue has to do with the system performance itself. If you don't size it properly, it will be very difficult to handle. We bought our licenses based on the number of devices that we can manage, but it seems like we have a limitation on the number of people that can gain access, which has been pretty difficult to…
Get our free report covering BeyondTrust, Thycotic, Microsoft, and other competitors of CyberArk Privileged Access Manager. Updated: May 2021.
510,534 professionals have used our research since 2012.