We performed a comparison between CyberArk Privileged Access Manager, Digital Guardian, and NetWitness Platform based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials."
"It takes people out of the machine work of ensuring credentials remain up-to-date, and handles connection brokering such that human usage and credential management remain independent."
"I love the ability to customize the passwords: the forbidden characters, the length of the password, the number of capital, lowercase, and special characters. You can customize the password so that it tailor fits, for example, mainframes that can't have more than eight characters. You can say, "I want a random password that doesn't have these special characters, but it is exactly eight characters," so that it doesn't throw errors."
"We are able to centrally manage credentials, touch applications, and rotate passwords."
"The regulation of accounts is by far the most needed and valuable part of the application."
"It has the ability to scale out. We have scaled out quite a bit with our product and use of it to get to multiple locations and businesses, so it has the breadth to do that."
"DVR like video recording and text-based recording for easier audits."
"Central Password Manager is useful for agentless automated password management through AD integration as well as endpoints for different devices."
"The most valuable feature of Digital Guardian is its reputation. They have scored high on the Gartner Magic Quadrant."
"I like the solution's adaptive inspection and container inspection."
"It has been scalable."
"There is a built-in endpoint detection response that helps save money."
"It can scale from 100 to 10,000. There's no problem with the scalability."
"We have been able to monitor access to files from each of our workstations."
"Some of the features that are highly appreciated are its robust data loss prevention capabilities, flexible deployment options, and the ability to monitor data transfer across multiple vectors."
"The technical support is really terrific."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"The product's initial setup phase was not at all difficult."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"Their technical support responds quickly and are knowledgable."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"The most valuable feature is the security that it provides."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"There should be more models and licensing plans for this software."
"The lead product has a slow process. There are some reports and requirements from CyberArk which are not readily available as an applicable solution. We have made consistent management requests in the logs."
"This product needs professional consulting services to onboard accounts effectively based user profiles."
"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."
"The admin interface of the Password Vault Web Access (PVWA) is moving from an old style (the classic interface) to a new style (the v10 interface) and unfortunately, this process is quite slow."
"I would like to see better automation in granting access, better tools, more efficient tools, to be able to customize the solution that CyberArk provides."
"One of the main things that could be improved would be filtering accounts on the main page and increasing the functionality of the filters. There are some filters on the side which are very specific, but I feel there could be more."
"The solution has complexities around policy creation and deployment."
"It would be helpful if there was an on-premise version of the solution for companies that cannot use the cloud, such as government sectors."
"Technical support could be better."
"If the client uses Windows 10 or 11 and Microsoft updates the operating system's version, Digital Guardian must update their product to match compatibility."
"The initial setup is a bit more complex than other solutions."
"Some features on Mac and Linux are not complete currently. For example, some device control features haven't been transferred over to the other systems. If they could have their Windows features also available on Mac and Linux, that would be perfect. Some of our customers have a Mac environment for their RD environment. Having the solution fully capable of handling everything in a Mac environment is crucial."
"There are a lot of issues with the current version of the Endpoint agent. It's not stable, it's resource-consuming, and there are some performance issues. If they could improve the stability of the agent it would be great."
"I would like to see the workflow, to get all the rules and policies set up, be less complicated."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"It is not so easy to customize this product."
"The product's licensing models are complex to understand. This particular area needs improvement."
"The log system is a bit complex and has room for improvement."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"We have encountered issues with unresolved crashes."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
