Check Point Application Control vs CyberArk Endpoint Privilege Manager comparison

"Being able to choose specific applications in our policy rule base in order to better manage access and bandwidth utilization has had a significantly positive impact on our environment and saved a lot of management time."

"One of the greatest capacities and the benefits it gives us is the ability to control applications based on defining access or denial policies in specific applications, groups, or category profiles."

"This product logs & monitors event traffic for each application, giving us better visibility."

"We can easily switch from a classical firewall to a next-gen firewall using application security."

"It blocks ransomware attacks that can affect performance-enhancing secure work environments with zero-day attacks."

"It does not require a lot of work to be activated and used."

"The most outstanding feature is the Check Point APK wiki."

"Check Point Application Control offers a wide selection of applications, and even within those, you can configure uploads, downloads, et cetera, on a very granular level."

"The tool is an endpoint management system. It monitors everything a standard user does and helps elevate privileges when necessary for advanced users. It keeps an auditable trail of all activities. Practically, it stops and blocks potentially hazardous user behavior, whether intentional or unintentional. Certain companies must use endpoint management software because of national or international rules or ISO norms."

"It has drastically reduced the attack surface for local administrative rights and the chance of escalation of privilege. We've removed, at this point, close to 98 percent of the local administrative accounts on workstations. If there were an incident, it would stop at that point and we'd be able to know."

"The feature called PTA, which stands for Privileged Threat Analytics keeps track of what admins are doing and works with Centimeters. If something fishy is going on with a user's credentials, it alerts the security team so they can act fast. Plus, it automates stuff like resetting credentials or blocking users. So, if there's a potential hack, CyberArk can change passwords and lock out users in a snap. It also gives you a heads-up if anything unusual is going on with server activities, like someone creating new users with uncontrolled credentials."

"Our setup process is moving to the cloud, which is very good. It reduces complexity."

"The product is stable."

"I have always found that CyberArk is a very tight, foolproof product compared to most other products available."

"The password rotation and the session recording are the most valuable features."

"CyberArk Endpoint Privilege Manager has had a positive impact on my customers' security posture."

"The whitelisting approach should only be on very specific applications. In which only a server should access a certain application and nothing else. If you miss something, you will have to always be investigating why it doesn't have access or why an application is not working."

"Usability needs to be improved."

"We would like the product to be a bit more user-friendly in general."

"They are expensive products due to the fact that we have to buy blades for each solution that we want to integrate into our corporate."

"Custom applications for internal applications must be defined frequently."

"The set performance monitoring systems are complex to interpret and scale down their operations."

"I recommend network upgrades in the next release to meet most company demands and daily changes."

"At this time, Check Point Application control is the best on the market."

"The tool should be more user-friendly."

"CyberArk Endpoint Privilege Manager can be better by making its UI more consistent."

"It cannot be on-prem. It is only cloud-based. Sometimes, that's a restriction in terms of usage."

"The management of Privilege Access is not satisfactory."

"Another enhancement needed is the scheduling of deployment, which I expect in future releases."

"The main issues I experience are related to deployment, which requires dependency on other solutions like AD or SCCM. These tools need to be defined and synced with the client or agent and master, sometimes needing manual checks."

"CyberArk meets clients' need very spot-on. It covers everything customers ask for. As for improvements, honestly, the feedback's been really positive. I haven't heard any specific areas that need work."

"While CyberArk Endpoint Privilege Manager is a great tool, I believe the functionality could be wider. If it could work not only with permissions but also involve pure EDR tasks or User and Entity Behavior Analytics, it would be great."

"I think application control has become a basic feature and it should be enabled automatically, without having to purchase a separate license for it."

"It's a bit expensive and it could be cheaper, but it's part of business politics."

"The price of Check Point Application Control is high. The support and ecosystem around the solution are expensive."

"The blade has its cost but you can take advantage of the license package to pay less for it."

"Check Point Application Control is expensive. The tool's licensing costs are yearly."

"It's not at the lower end of the market. I think the price is reasonable considering the quality it delivers. It is a top-notch solution at a fair price point."

"The tool's pricing is reasonable for customers."

"It is an expensive solution."

"Pricing depends on how many devices you use. Right now, on-premise, it costs us a little, but it's worth it. It seems like the cloud solution is much more expensive. We got this solution one year ago, and it's like we bought the solution, and now they are not going to support it on-premise anymore. We are in the implementation phase, and we missed this, and we already paid for the licenses. This is wasted time from my perspective, and CyberArk should be more customer-friendly."

"The tool is a bit pricey compared to its competitors. My company does work with competitors, but I don't have hands-on experience with other software. I've just done some comparisons."

"The price of CyberArk Endpoint Privilege Manager is expensive."

"The tool is priced high. I would rate its pricing an eight out of ten."

"I rate the solution's pricing an eight out of ten since the price can be too high for smaller businesses."