BeyondTrust Endpoint Privilege Management vs CyberArk Privileged Access Manager comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between BeyondTrust Endpoint Privilege Management and CyberArk Privileged Access Manager based on real PeerSpot user reviews.

Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
765,234 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The features related to application elevate is amazing. It helped the company to remove almost all admin local users.""I'm a BeyondTrust partner and I have multiple deployments, four or five banks right now. The features that give us quite an edge compared to what our competitors are offering - like IBM or Thycotic - are the Session Management, that is quite a big one; also the recording of keystrokes. In addition, there is the password vaulting and state-of-the-art Password Management, which I haven't seen in other products.""The privileged access and the application control are helpful in making sure we have good, robust challenge responses. Blacklisting with trusted application protection is also beneficial for us.""The solution's technical support is good.""The privileged access management into sensitive systems is very valuable. That includes control from the endpoint all the way through to the managing of passwords and credentials that are used by the person to access the sensitive information. It's very useful, because nobody ever really maintains passwords for those endpoint systems. It's maintained in the Dropbox password file.""BeyondTrust has very good integrations with quite a lot of security vendors such as SailPoint, IBM, FortiGuard, Splunk, etc.""What I liked about this solution is that it can also integrate for tracking malicious use or sending analytics to a host that can process them. I don't know if CyberArk, Centrify, or Thycotic can do that. The analytics was something the client really wanted, and they already had BeyondTrust. It is very scalable. The agent on the workstation is very thin, and the processing power required on a server is nothing out of the ordinary. It is also very stable and easy to deploy.""Scalability is good. I would rate the scalability a nine out of ten."

More BeyondTrust Endpoint Privilege Management Pros →

"This solution is quite stable.""All access to our servers by both staff and vendors is monitored and recorded.""The most valuable feature of CyberArk Privileged Access Manager is privileged threat analytics.""It has helped us with our adoption with other teams, and it has also helped us to integrate it at the ground level.""We have demoted a lot of domain admins and taken a lot of that away from people, giving it a shared account structure.""Automates password management to remove the human chain weakness.""Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong. In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows Server protection, and stuff like that. They have also further advanced it with the security on the cloud and DevOps systems. They have a bundle licensing model, which really helps. They don't have a complex licensing model. Even though in our market, people say CyberArk is expensive as compared to some of the other products, but in terms of overall value and as a bundling solution, it is an affordable and highly scalable product.""It has the ability to scale out. We have scaled out quite a bit with our product and use of it to get to multiple locations and businesses, so it has the breadth to do that."

More CyberArk Privileged Access Manager Pros →

Cons
"The product should improve its price.""The other area to improve is that they rely on MS SQL servers only. You cannot have any other database behind them. They have to be on MS SQL. If they can do something about these issues, this would be a better alternative for some customers.""They are doing good for now, but they should start to consider tight integration with Mac solutions. There should be more integration with Mac. There should be Active Directory (AD) Bridging. Thycotic and Centrify have it currently because they merged and joined forces, and it was a feature available in Centrify. So, basically, they joined forces to create a kind of perfect product. If you have a hybrid or mixed environment with Windows and Mac, your Active Directory can only manage or enforce policies on Windows, but what about your Mac devices? How do you control them? So, AD Bridging will act as a bridge to bring all your Mac devices into your Active Directory. This way you have full control over your entire environment.""It keeps on breaking every now and then. It is not yet mature. Every time something new comes up or we run into some new issues, the culprit is BeyondTrust because the agents and the adapter are not mature. The new development process goes on, and they're not able to handle things. It should be mature. It shouldn't break every now and then.""The program updates are very rare and the frequency is too far apart to take care of bug fixes and adding the latest features.""How the accounts are presented in the solution's UI can be improved.""The weaknesses are related to the effort required to migrate from existing technologies or having no Privilege Access Management (PAM) at all to adopting technologies like BeyondTrust. It involves changes in processes and can take a significant amount of time, typically six to twelve months.""If you don't get the implementation right at the outset, you will struggle with the product."

More BeyondTrust Endpoint Privilege Management Cons →

"Stability is a huge concern right now. We are on a version which is very unstable. We have to upgrade to stabilize it. It is fine, but the problem is we have to hire CyberArk to do the upgrade. This costs money, and it is their bug.""The initial setup has room for improvement to be more straightforward.""I would like to see is the policy export and import. When we expend, we do not want to just hand do a policy.""The current interface is not very intuitive.""New functionalities and discovered bugs take longer to patch. We would greatly appreciate quicker development of security patches and bug corrections.""They need to provide better training for the System Integrator.""Sometimes the infrastructure team is hesitant to provide more resources.""Its pricing is a big challenge here. When it started, the product came in at a very low cost. Now, they are the leaders in the market, so the cost has grown and is quite huge."

More CyberArk Privileged Access Manager Cons →

Pricing and Cost Advice
  • "I'm sure everyone should have the cluster environment, which means more expensive, anyway, cheaper than the other solutions."
  • "PowerBroker for a Mac client is three times the price of the Windows version."
  • "What BeyondTrust was providing was user-based licensing which was a great benefit from the client point of view. Recently, I don't know why, the licensing model has been changed, and that is the reason that they have lost a bit of their edge when it comes to the PAM, against our competition. The asset-based licensing, from the user's point of view, is not beneficial. The licensing should be based on the users. The greater the number of users, the greater will be the load and the greater the scalability problems. I presume that is why the licensing model has changed."
  • "This solution is expensive compared to its competitors."
  • "Price-wise, it is very competitive. In our area, government entities and banks don't go for the monthly payment. It is a headache even for us in terms of finance and procurement to go for monthly payments. Quarterly might be more logical and reasonable, but the minimum that we go for is one year, and sometimes, we even try to compile and give one offering for three years."
  • "Its pricing and licensing are okay. We were in the perpetual model when it was on-prem, and now, with the SaaS service, we have a subscription model. As a customer, I would always like to see a lower price, but it seems to be priced at the right model currently, and we are trying to get the maximum benefits out of it."
  • "The product’s licensing is different for Windows, Linux, and Mac. The tool’s licensing is yearly."
  • "It was very expensive."
  • More BeyondTrust Endpoint Privilege Management Pricing and Cost Advice →

  • "Pricing and licensing depend on the environment."
  • "It is not a cheap solution. It is expensive as compared with other solutions. However, it is one of the best solutions in their domain."
  • "It can be an expensive product."
  • "Cost efficiency is the number one thing that can be improved in my mind. This would change lots of companies minds on purchasing the product."
  • "The cost is high compared to other products."
  • "CyberArk provides all the features bundled. This is compared to other vendors who provide them as a different license for each functionality."
  • "Our risk is definitely significantly lower. Also, our resources are low."
  • "If you are looking at implementing this solution, buy the training and go to it."
  • More CyberArk Privileged Access Manager Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpoint… more »
    Top Answer:The solution's least privilege enforcement has helped us ensure access is given to only the required people.
    Top Answer:On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a seven out of ten.
    Top Answer:We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the… more »
    Top Answer:The product is expensive. I rate the product’s pricing a seven out of ten, where one is cheap and ten is expensive.
    Ranking
    Views
    4,473
    Comparisons
    1,964
    Reviews
    11
    Average Words per Review
    676
    Rating
    8.0
    Views
    11,460
    Comparisons
    6,546
    Reviews
    35
    Average Words per Review
    639
    Rating
    8.9
    Comparisons
    Also Known As
    BeyondTrust PowerBroker, BeyondTrust Endpoint Privilege Management for Windows, BeyondTrust Endpoint Privilege Management for Mac, BeyondTrust Endpoint Privilege Management for Linux, BeyondTrust Endpoint Privilege Management for Unix, Avecto Defendpoint
    CyberArk Privileged Access Security
    Learn More
    Overview

    BeyondTrust Endpoint Privilege Management enables organizations to mitigate attacks by removing excess privileges on Windows, Mac, Unix/Linux and networked devices. Remove excessive end user privileges and control applications on Windows, Mac, Unix, Linux, and networked devices without hindering end-user productivity.

    Key Solutions Include:

    -ENTERPRISE PASSWORD SECURITY

    Discover, manage and monitor all privileged accounts and SSH keys, secure privileged assets, and report on all privileged account activity in a single solution.

    -ENDPOINT LEAST PRIVILEGE

    Enforce least privilege across all Windows and Mac endpoints, gain visibility into target system vulnerabilities, and control access to privileged applications without disrupting user productivity or compromising security.

    -SERVER PRIVILEGE MANAGEMENT

    Gain control and visibility over Unix, Linux and Windows server user activity without sharing the root or administrator account.

    -A SINGLE PLATFORM FOR MANAGEMENT, POLICY, REPORTING AND THREAT ANALYTICS

    Utilize a single solution to manage PAM policies and deployment, understand vulnerability and threat analytics, and provide reporting to multiple stakeholders and complementary security systems.

    Learn more at https://www.beyondtrust.com/privilege-management

    CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

    CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

    Benefits of CyberArk Privileged Access Manager

    Some of CyberArk Privileged Access Manager’s benefits include:

    • The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
    • The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
    • The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

    Reviews from Real Users

    CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

    PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

    Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

    Sample Customers
    Aera Energy LLC, Care New England, James Madison University
    Rockwell Automation
    Top Industries
    REVIEWERS
    Construction Company14%
    Comms Service Provider14%
    Manufacturing Company14%
    Security Firm14%
    VISITORS READING REVIEWS
    Financial Services Firm13%
    Computer Software Company12%
    Manufacturing Company10%
    Government7%
    REVIEWERS
    Financial Services Firm24%
    Computer Software Company13%
    Insurance Company12%
    Healthcare Company9%
    VISITORS READING REVIEWS
    Educational Organization29%
    Computer Software Company12%
    Financial Services Firm10%
    Manufacturing Company5%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise7%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise13%
    Large Enterprise66%
    REVIEWERS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise66%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise37%
    Large Enterprise48%
    Buyer's Guide
    BeyondTrust Endpoint Privilege Management vs. CyberArk Privileged Access Manager
    March 2024
    Find out what your peers are saying about BeyondTrust Endpoint Privilege Management vs. CyberArk Privileged Access Manager and other solutions. Updated: March 2024.
    765,234 professionals have used our research since 2012.

    BeyondTrust Endpoint Privilege Management is ranked 4th in Privileged Access Management (PAM) with 27 reviews while CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews. BeyondTrust Endpoint Privilege Management is rated 8.0, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of BeyondTrust Endpoint Privilege Management writes "Admin rights can be granted and revoked within minutes and that is what everything comes down to, for us". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". BeyondTrust Endpoint Privilege Management is most compared with CyberArk Endpoint Privilege Manager, Cisco ISE (Identity Services Engine), Delinea Secret Server, ARCON Privileged Access Management and Microsoft Defender for Endpoint, whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard. See our BeyondTrust Endpoint Privilege Management vs. CyberArk Privileged Access Manager report.

    See our list of best Privileged Access Management (PAM) vendors.

    We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.