Please share with the community what you think needs improvement with Thycotic Secret Server.
What are its weaknesses? What would you like to see changed in a future version?
If you look at Thycotic, it is a great product that has pretty much all the same features as CyberArk — which will be replacing it. There is not much difference between the two. We will be switching away from using Thycotic, however, before the end of the year. The catalyst for the change was a formal comparison of the two products that we did using each to evaluate how we would use it in solving actual use case issues. In the presentation of the scoring over specific categories, CyberArk had slightly better professional service marks and the same price. Besides that, the two products were neck-and-neck and almost identical in the scoring. CyberArk just came out just a little bit better than Thycotic in the details, and not by much at all. Be that as it may, the formal comparison is the reason for the change.
There are some things that I know are really important to include like A/B version features that are available in Windows. I would say that they should be included in the road map.
The solution is very good at improving based on customer feedback. If, for example, a customer asks for updated functionality, the next version will likely fit the requirements or requests. They're very responsive in that sense. There could be tweaks here and there. For example, instead of going to one main function to do this and another main function to do that, the solution could remap the user interface so that a person only has to go through one function. The way that function branches off should make a bit more sense. I'd like to see more automation on parts of the solution that cover APIs and disk space. There should be more automation in terms of what's out-of-the-box. It would help some customers as not all of them are knowledgable and well-skilled. It would make it easier for the layman.
They need to open a data center in Malaysia so that we can better provide cloud-based services to our customers. I would like to see more training sessions made available online. Having more detailed reporting would improve this solution.
I think the services could be improved by making it more 'friendly.' Documentation could be improved if they were to include more about connectors. Technically speaking, and in comparison to other software such as CyberArk, the documentation was not enough. CyberArk has extensive documentation and I believe Thycotic doesn't have enough. The same applies for additional features - improved documentation in the next release would be helpful.
I would like to see the shadowing of ongoing terminal sessions (Remote Desktop Mirroring). Recording of keyboards in the current Remote Desktop session would be a helpful feature.
I don't know what kind of a cryptographic it uses to encrypt the password but it should be one of the stronger ones. Some of the cryptos have been accessed by hackers. The encryption algorithm that they use is weak and could be hacked.
We could definitely use some help with API tokenization. If we had a way to store tokens that would be fabulous.
One of the things that we want is to be able to do some of the management of it using APIs. Also, their release schedule is slower than I would like. A better release cadence, more frequent releases, would be better, even if they were smaller.