We performed a comparison between BeyondTrust Endpoint Privilege Management and CyberArk Endpoint Privilege Manager based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The implementation is quite easy because the documents are always online."
"The notable aspect is its ability to capture the application's behavior comprehensively and this thorough analysis is crucial for effective policy management."
"It scales easily and the product is stable."
"The privileged access and the application control are helpful in making sure we have good, robust challenge responses. Blacklisting with trusted application protection is also beneficial for us."
"I'm a BeyondTrust partner and I have multiple deployments, four or five banks right now. The features that give us quite an edge compared to what our competitors are offering - like IBM or Thycotic - are the Session Management, that is quite a big one; also the recording of keystrokes. In addition, there is the password vaulting and state-of-the-art Password Management, which I haven't seen in other products."
"I find the solution’s features like section management, password management, and analytics valuable."
"I would say session management on the go is the most valuable feature. When the session is going on, you can stop the session without terminating it for justification. You can cancel it. The recording takes very little space. Those are some things which the customers are worried about when they talk about session recording."
"The tool is easy to use and deploy. It has PAM capabilities like privilege access. The solution helps with the management of third parties and vendors. It is an effective solution compared to other alternatives."
"The most valuable feature of CyberArk Endpoint Privilege Manager is its high performance, it's the best identity security platform. The security is good. It's easy to showcase the feature and capabilities and compare it with other competitors. It competes well with other solutions. Additionally, it is a complete solution."
"I have always found that CyberArk is a very tight, foolproof product compared to most other products available."
"You can use it to strip users of their local admin rights and, at the same time, elevate applications for them."
"The solution's technical support is good."
"It offers great performance."
"The feature called PTA, which stands for Privileged Threat Analytics keeps track of what admins are doing and works with Centimeters. If something fishy is going on with a user's credentials, it alerts the security team so they can act fast. Plus, it automates stuff like resetting credentials or blocking users. So, if there's a potential hack, CyberArk can change passwords and lock out users in a snap. It also gives you a heads-up if anything unusual is going on with server activities, like someone creating new users with uncontrolled credentials."
"I like that you can remove the admin rights from the user's computer and have control over the environment. That means you can delete the local admins and grant them proper privileges with the console. So, they will get proper permissions for applications they need, but we don't have to do it. In the domain where we don't have control, the user can only do specified actions, but not all of them."
"CyberArk Endpoint Privilege Manager (EPM) 's most valuable feature is its ability to manage user application privileges and protect against ransomware attacks by controlling access to specific files and applications."
"The help system should be improved to provide a quick help guide with each tab within the solution, which explains what each particular function does."
"The program updates are very rare and the frequency is too far apart to take care of bug fixes and adding the latest features."
"They are doing good for now, but they should start to consider tight integration with Mac solutions. There should be more integration with Mac. There should be Active Directory (AD) Bridging. Thycotic and Centrify have it currently because they merged and joined forces, and it was a feature available in Centrify. So, basically, they joined forces to create a kind of perfect product. If you have a hybrid or mixed environment with Windows and Mac, your Active Directory can only manage or enforce policies on Windows, but what about your Mac devices? How do you control them? So, AD Bridging will act as a bridge to bring all your Mac devices into your Active Directory. This way you have full control over your entire environment."
"Reports to the end user."
"The product should improve its price."
"There is room for improvement in having the solution align more with standards. We're always shoehorning the product into the standards. It's not that it doesn't work for standards, it does. But Quick Start Policies are pretty close to what we need. The vendor needs to keep looking at GDPR, 27001, and 27701. That's why our clients buy the product."
"Reporting analytics is one of the areas that can be improved. It is a new cloud-based solution. So, many more specific reports can come out natively. Currently, we get all the events, and we put them in plug-ins. From there, we generate our own design of reports. If there is a much more solid or robust reporting analytics framework within the product itself, it would be helpful."
"What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way."
"The solution can be complex to use at times."
"It cannot be on-prem. It is only cloud-based. Sometimes, that's a restriction in terms of usage."
"The product needs a streamlined user interface; improvements to the user interface can enhance user experience and make the solution more intuitive to navigate."
"The solution is very expensive."
"The price of the product is an area of concern where improvements are required. The product's price should be made more flexible."
"The solution's pricing could be better."
"Can be improved by allowing computers to be excluded from policies."
"The tool should be more user-friendly."
More BeyondTrust Endpoint Privilege Management Pricing and Cost Advice →
More CyberArk Endpoint Privilege Manager Pricing and Cost Advice →
BeyondTrust Endpoint Privilege Management is ranked 5th in Privileged Access Management (PAM) with 27 reviews while CyberArk Endpoint Privilege Manager is ranked 6th in Privileged Access Management (PAM) with 28 reviews. BeyondTrust Endpoint Privilege Management is rated 8.0, while CyberArk Endpoint Privilege Manager is rated 8.2. The top reviewer of BeyondTrust Endpoint Privilege Management writes "Admin rights can be granted and revoked within minutes and that is what everything comes down to, for us". On the other hand, the top reviewer of CyberArk Endpoint Privilege Manager writes "Offers integrated solutions and expands its capabilities through strategic acquisitions". BeyondTrust Endpoint Privilege Management is most compared with Cisco ISE (Identity Services Engine), CyberArk Privileged Access Manager, Delinea Secret Server, ARCON Privileged Access Management and Microsoft Defender for Endpoint, whereas CyberArk Endpoint Privilege Manager is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, CyberArk Privileged Access Manager, Tanium and SentinelOne Singularity Complete. See our BeyondTrust Endpoint Privilege Management vs. CyberArk Endpoint Privilege Manager report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
