Try our new research platform with insights from 80,000+ expert users

CyberArk Endpoint Privilege Manager vs Symantec Privileged Access Manager comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 6, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CyberArk Endpoint Privilege...
Ranking in Privileged Access Management (PAM)
4th
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
38
Ranking in other categories
Endpoint Compliance (5th), Anti-Malware Tools (5th), Application Control (5th), Ransomware Protection (5th)
Symantec Privileged Access ...
Ranking in Privileged Access Management (PAM)
18th
Average Rating
7.8
Reviews Sentiment
7.0
Number of Reviews
53
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Privileged Access Management (PAM) category, the mindshare of CyberArk Endpoint Privilege Manager is 3.2%, down from 3.7% compared to the previous year. The mindshare of Symantec Privileged Access Manager is 1.6%, up from 1.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Privileged Access Management (PAM)
 

Featured Reviews

Sumit Chavan - PeerSpot reviewer
Helps secure the infrastructure and control users with admin rights
There are many features that are currently missing. A customization option is required for certain policies. For instance, if we need to stop PowerShell scripting, we have to create a different policy for that. Being able to create a sub-level policy within a top-level policy would be good. Currently, no user-based policy option is available inside the EPM console. We can only create computer-based policies. The database is available, but there is a drawback in not being able to create local groups on the EPM console. We only have to depend on Active Directory. This limits infrastructure security as we depend on the Active Directory team to manage user groups. If they remove any users, we lose control. If we could create groups locally and block them or set specific policies, we would have more control. Local endpoint management is missing from the EPM site. Moreover, there is an issue with policies not running as expected when we make enhancements. We have to find multiple ways to whitelist applications or enhance policies.
Muzi Lubisi - PeerSpot reviewer
Secure management of sensitive servers and seamless applications with direct linking
The credential injection feature is highly valued, particularly for RDP sessions. A majority of customers use it for RDP, and a couple for Linux servers. The broader capabilities, including access to multiple systems, web-based applications, and clustering, have never posed an issue. The threat analytics aspect is also a robust feature that analyzes all pertinent information.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"What sets CyberArk apart is its continuous innovation, staying ahead of the competition."
"We can do both server and endpoint protection."
"Our setup process is moving to the cloud, which is very good. It reduces complexity."
"Users can scale the solution."
"The most valuable feature of CyberArk Endpoint Privilege Manager is its scalability."
"The most valuable features of CyberArk Endpoint Privilege Manager are password management, session management, onboarding rules, platform customization, and safety management."
"The product is very flexible"
"The most valuable feature is the ability to control users with admin rights. Even if developers and senior folks maintain their admin rights, we can still manage their activities."
"We can check the activities in the server for fragile files and documents in case of any issues."
"Password Management and Session Recording. The simplicity and ease that it is to be up and running out-of-the-box is very much appreciated."
"For me, it is the robust API which is the most valuable feature. This allows for low maintenance costs and allows applications to automatically connect. This is great to automate security of the DevOps pipeline for shared secrets across environments. Also, being on Linux and a virtual appliance is great."
"The product is very scalable in terms of concurrent sessions that it can handle at a time, number of device it can support, accounts that it can manage, or number of nodes that you can deploy in a cluster."
"We found that the architecture is scalable and very resilient."
"Whoever built it from the ground up, they understand how an organization is laid out."
"It's easy to use and easy to configure."
"It gives you list of servers, so you can see which users have access to which servers. This is really useful, so we can make sure nobody is getting extra access than what is needed."
 

Cons

"CyberArk has some performance issues. For example, servers could not handle the solution when we first took CyberArk Endpoint Privilege Manager."
"CyberArk should consider whitelisting important applications like PowerShell and DLL that are currently not allowed due to some malicious content."
"The installation process is pretty difficult."
"For an experienced system implementer it will take approximately one day. However, for somebody who is inexperienced it may take up to five days."
"A customization option is required for certain policies. For instance, if we need to stop PowerShell scripting, we have to create a different policy for that. Being able to create a sub-level policy within a top-level policy would be good."
"CyberArk Endpoint Privilege Manager is not suitable for the current situation because when you compare it to OTP, OTP is the strongest password solution. You can use it as a one-time password, but you have to log into the password manager itself and if you don't change your password, it will be the weakest link in the security. In OTP, you don't have that weakest link."
"The management of Privilege Access is not satisfactory."
"CyberArk Endpoint Privilege Manager could be improved by simplifying the administration process, specifically when setting up policies and applications."
"We have to do a lot of manual work to automate features."
"Technical support was good when CA handled it. After Broadcom took over, it's not as good."
"I would like this solution to be simpler. It should have a one-click access that works together with AWS."
"It'd be great if you just stuck in your PIV card and Windows popped up, asked you for your password. You typed it in, then it remembered your credentials."
"The support for other remote assistance tools would be excellent. Free included tools in Windows (Remote Assist) and Microsoft SCCM Configuration Manager (ConMgr Remote Control) allow companies to reduce the amount of RDP connections and expand the usage of the tools are frequently used by companies to provide technical support for remote assistance."
"I wish it could create local accounts on desktops."
"Bring more technology into the portfolio and being able to collapse those products into a much more integrated way."
"They need to do a little bit more on the mainframe side.​"
 

Pricing and Cost Advice

"It is an expensive solution."
"The solution's pricing is reasonable compared to other vendors' products."
"The product's license is easy to procure."
"licensing for this solution is based on the number of APV (privileged users), and the number of sessions that you want to record."
"I feel that the price of the product is nominal. It must be around 10 to 15 USD per installation. I rate the product price an eight to nine out of ten, where one is high price, and ten is low price."
"CyberArk Endpoint Privilege Manager is slightly expensive, but costs can be negotiated to become more competitive."
"I believe it's quite a reasonably priced solution. It's not very common to use CyberArk because it's a niche solution, but customers who are willing to control administrative accounts are willing to pay this money."
"I rate the solution's pricing an eight out of ten since the price can be too high for smaller businesses."
"It is more expensive than other solutions on the market."
"Appliances are relatively cheap, don’t skimp. Make sure you have redundancy, high availability, and enough appliances to manage the concurrent workload."
"They offer per-device, per-user, or monthly and yearly licensing models."
"The prices are not low, but one can ask for a discount. It’s not the cheapest PAM solution."
"Pricing is fair compared to other top vendors."
"I would prefer better licensing options for the 20-100 users we have at a given time."
"Don’t go with an agent model. Don’t go with a model that has you buying a thousand different parts. Go with PAM that gives you everything, or you’ll just be paying costs of implementing another tool that PAM would have just given you up front."
"The version we are using is affordable compared to BeyondTrust, which is maybe three to four times as expensive, but it depends on the features."
report
Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
860,168 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
11%
Government
9%
Computer Software Company
17%
Comms Service Provider
13%
Financial Services Firm
12%
Manufacturing Company
11%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Looking for recommendations and a pros/cons template for software to detect insider threats
This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpo...
What do you like most about CyberArk Endpoint Privilege Manager?
The most valuable feature of the solution is its performance.
What is your experience regarding pricing and costs for CyberArk Endpoint Privilege Manager?
I believe it's quite a reasonably priced solution. It's not very common to use CyberArk because it's a niche solution, but customers who are willing to control administrative accounts are willing t...
What do you like most about Symantec Privileged Access Manager?
We can check the activities in the server for fragile files and documents in case of any issues.
What is your experience regarding pricing and costs for Symantec Privileged Access Manager?
Due to the nature of the solution, it is hard to gauge, but compared to competitors, the pricing is very good. I would rate it as an eight and a half out of ten.
What needs improvement with Symantec Privileged Access Manager?
Recent releases need improvement in webpage management. For instance, navigating through a webpage that acts like a wizard, where I proceed to the next page and enter more information, is not handl...
 

Also Known As

Viewfinity
CA PAM, Xceedium Xsuite, CA Privileged Access Manager
 

Overview

 

Sample Customers

Information Not Available
NEOVERA, Telesis, eSoft
Find out what your peers are saying about CyberArk Endpoint Privilege Manager vs. Symantec Privileged Access Manager and other solutions. Updated: June 2025.
860,168 professionals have used our research since 2012.