We performed a comparison between Check Point SandBlast Network and CyberArk Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."In terms of the scalability, it's expandable across the cloud."
"Check Point SandBlast Network Solution provides signature-based as well as zero-day threat protection. Also sandboxing can be performed on an on-premise device, cloud as well as the combination of both. Threat emulation is done on multiple OS & verdict is provided."
"The main feature of the solution is that it protects against malicious threats from the outside."
"The Check Point SandBlast Network gives us incredibly good features."
"It looks out for new cyber threats and generates predictions based on behaviors that are already detected on a daily basis."
"We didn't really have any IPS before. So, Check Point has improved our security posture. People get used to doing things certain ways, which might not be the best or most secure way, and they can't do that now, which just requires more education of the user base. With the endpoint client, we've started to use Check Point for remote access."
"Threat Emulation gives networks the necessary protection against unknown threats in files that are attached to emails. The Threat Emulation engine picks up malware at the exploit phase before it enters the network. It quickly quarantines and runs the files in a virtual sandbox, which imitates a standard operating system, to discover malicious behavior before hackers can apply evasion techniques to bypass the sandbox."
"It provides a high rate of catching the zero-day advanced threats."
"The product has allowed us to improve both the management and access to privileged credentials, while also creating a full audit trail of all activities happening within isolated sessions of all tasks and activities taking place within the solution."
"The users have the ability to rotate passwords on a daily basis with a Reconcile Account. Or, if they want to do one-time password checkouts, we can manage those, check in, check out. I like the flexibility of the changing of the password, specifically."
"For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks."
"The voice technology is very good."
"I love the ability to customize the passwords: the forbidden characters, the length of the password, the number of capital, lowercase, and special characters. You can customize the password so that it tailor fits, for example, mainframes that can't have more than eight characters. You can say, "I want a random password that doesn't have these special characters, but it is exactly eight characters," so that it doesn't throw errors."
"Allows secure, logged access to highly sensitive servers and services."
"The most valuable aspects of the solution include password management and Rest API retrieval of vaulted credentials."
"AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials."
"We would like to see this solution reach mobile devices more efficiently, through apps or more specific products."
"I imagine there will be improvements in later versions. There are hotfixes that come out all the time."
"They need to improve the GUI interface."
"Using it in the beginning was difficult because I had never used anything similar. In terms of navigating the UI, it was all not too bad, but there is definitely a learning curve."
"Today, we have it as part of a solution or a package. However, we'd like there to be a way where we can have the solution's features available to us in a cheaper way in the future."
"In Check Point SandBlast, improvement has to be made with respect to the GUI."
"The initial setup was complex because of the lack of information from the consultant."
"At the support level, they could improve the attention times and have the resolution of cases happen a little faster."
"I would like to see is the policy export and import. When we expend, we do not want to just hand do a policy."
"I would like to see better automation in granting access, better tools, more efficient tools, to be able to customize the solution that CyberArk provides."
"When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time."
"Our DevOps team is looking in the direction of cloud, because we are not in it today. We are hoping to build it with Conjur from the ground up."
"The web interface has come a long way, but the PrivateArk client seems clunky and not intuitive. It could use an update to be brought up to speed with the usability of PVWA."
"it manages creds based on Organizational Units. That is, a "safe" is limited to specific OUs. That makes for very elaborate OU structure, or you risk exposing too many devices by putting most of them in fewer OUs."
"More additional features as far as the REST is concerned, because we have something which was the predecessor to REST. A lot of the features which were in the predecessor have not necessarily been ported over to REST yet."
"The initial setup was a bit complex."
More Check Point SandBlast Network Pricing and Cost Advice →
More CyberArk Privileged Access Manager Pricing and Cost Advice →
Check Point SandBlast Network is ranked 8th in Advanced Threat Protection (ATP) with 33 reviews while CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews. Check Point SandBlast Network is rated 8.4, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of Check Point SandBlast Network writes "High detection with few false positives and able to handle large volumes of data". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". Check Point SandBlast Network is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox, Cisco Secure Network Analytics, Microsoft Defender for Office 365 and Trellix Network Detection and Response, whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard. See our Check Point SandBlast Network vs. CyberArk Privileged Access Manager report.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
