We performed a comparison between CyberArk Privileged Access Manager, Digital Guardian, and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."The ability to develop and deploy applications with no stored secrets is very valuable."
"On the EBB user side, we were able to secure all the server root passwords and admin for Windows. This was a big win for us."
"It supports lots of requirements in the privileged access management area."
"The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,"
"This is a complete solution that can detect cyber attacks well."
"The product is an important security measure against credential theft. It ensures session isolation and password rotation including pushing passwords to the endpoints."
"The users have the ability to rotate passwords on a daily basis with a Reconcile Account. Or, if they want to do one-time password checkouts, we can manage those, check in, check out. I like the flexibility of the changing of the password, specifically."
"It gives us the capability to rotate passwords."
"Some of the features that are highly appreciated are its robust data loss prevention capabilities, flexible deployment options, and the ability to monitor data transfer across multiple vectors."
"In Digital Guardian, they have the cloud correlation servers that give you visibility work like EBR and the correlation server works very well for security analysis."
"The most valuable feature of Digital Guardian is its reputation. They have scored high on the Gartner Magic Quadrant."
"I like the solution's adaptive inspection and container inspection."
"It can scale from 100 to 10,000. There's no problem with the scalability."
"It has the added advantage of offering forensic analysis."
"We have been able to monitor access to files from each of our workstations."
"The feature we call desktop recording is the most valuable aspect of the solution. Not only can we collect data from the user's usage, but we also capture his screenshots when he is trying to steal the data."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"The product is very easy to configure."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"The most valuable feature is the network security module."
"The most valuable feature is the view into the application."
"Support is very helpful and responsive."
"The server appliance is good."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"I'd like to see a more expansive SSH tunneling situation through PSMP. Right now you have an account that exists in the vault and you say, "I want to create a tunnel using this account." I'd like to see something that is not account-based where I could say, "I want to create a tunnel to this machine over here," and then authenticate through the PSMP and then your tunnel is set up. You wouldn't need to then authenticate to a machine."
"Some aspects of the administration need improvement, though they have recently made improvements to the API. However, the management with the interface and configuration are not so user-friendly. It has not changed much during all the years that CyberArk has been on the market. The management part, like platform management as well as PSM connectors definition and management, could be improved, even if it has already been done with the API."
"I would like to see is the policy export and import. When we expend, we do not want to just hand do a policy."
"Report creation could be improved. The policies could be more customized."
"As they grow, the technical support is having growing pains. One of the things is just being able to get somebody on the phone sometimes."
"Sometimes the infrastructure team is hesitant to provide more resources."
"When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time."
"It needs better documentation with more examples for the configuration files and API/REST integration"
"I would like to see the workflow, to get all the rules and policies set up, be less complicated."
"The room for improvement with Digital Guardian is that it will be better with the Linux agent because it is the only DLP solution for Linux workstations. It still needs to upgrade the agents to the latest version for the Linux kernel."
"The solution has complexities around policy creation and deployment."
"Some features on Mac and Linux are not complete currently. For example, some device control features haven't been transferred over to the other systems. If they could have their Windows features also available on Mac and Linux, that would be perfect. Some of our customers have a Mac environment for their RD environment. Having the solution fully capable of handling everything in a Mac environment is crucial."
"Technical support could be better."
"Digital Guardian is an excellent solution but our experience with the partner has been the most horrible experience we have ever had with any partner."
"When considering potential areas for improvement, it may be beneficial for Digital Guardian to optimize its processes and reduce the computational demands on the system, particularly with regard to high CPU usage. Although Digital Guardian offers numerous benefits, it can consume a substantial amount of RAM and CPU power."
"The initial setup is a bit more complex than other solutions."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"We'd like the potential for better scaling."
"Management of the appliance could be greatly improved."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"The product's integration capabilities are an area of concern where improvements are required."
"It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto."
"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
More Trellix Network Detection and Response Pricing and Cost Advice →