We performed a comparison between BeyondTrust Endpoint Privilege Management and CyberArk Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I find the solution’s features like section management, password management, and analytics valuable."
"The tool is easy to use and deploy. It has PAM capabilities like privilege access. The solution helps with the management of third parties and vendors. It is an effective solution compared to other alternatives."
"The privileged access management into sensitive systems is very valuable. That includes control from the endpoint all the way through to the managing of passwords and credentials that are used by the person to access the sensitive information. It's very useful, because nobody ever really maintains passwords for those endpoint systems. It's maintained in the Dropbox password file."
"One of the valuable features is the absence of any local user in a unique system. All users are defined in the AD; communication is only between Unix and AD."
"The privileged access and the application control are helpful in making sure we have good, robust challenge responses. Blacklisting with trusted application protection is also beneficial for us."
"It's relatively straightforward to set up, especially if you are deploying to the cloud."
"I find the comprehensive Privilege Access Management features valuable, including automation, and the ability to integrate with applications and the Windows operating system."
"The solution's least privilege enforcement has helped us ensure access is given to only the required people."
"It has helped us with our adoption with other teams, and it has also helped us to integrate it at the ground level."
"The most valuable feature of CyberArk Privileged Access Manager is the vault. I am satisfied with the interface and the documentation."
"You can write different types of policies for custom business needs or any developer needs. If they need certain functions allocated, they can be customized easily."
"The regulation of accounts is by far the most needed and valuable part of the application."
"If any intruder gets inside, they would not be able to move around nor do lateral movements. It minimize any attack problems within our network."
"For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks."
"The fact that I can put my vault here in a central location on one net for example, and I'll have a CPM in California, a CPM in Texas, a CPM in New York, a CPM in Florida, and actually be able to grow with my company and not necessarily have to continue to grow my vault until I get to a certain number accounts - yet I can still manage everything across the country, if not the world - I love that. I love the flexibility and the capability of being able to pull those components out."
"The most valuable feature is Special Monitoring."
"The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process."
"It keeps on breaking every now and then. It is not yet mature. Every time something new comes up or we run into some new issues, the culprit is BeyondTrust because the agents and the adapter are not mature. The new development process goes on, and they're not able to handle things. It should be mature. It shouldn't break every now and then."
"It only has limited support for Mac."
"Reporting analytics is one of the areas that can be improved. It is a new cloud-based solution. So, many more specific reports can come out natively. Currently, we get all the events, and we put them in plug-ins. From there, we generate our own design of reports. If there is a much more solid or robust reporting analytics framework within the product itself, it would be helpful."
"They need to come up with better integrative options which should be customer-centric."
"The weaknesses are related to the effort required to migrate from existing technologies or having no Privilege Access Management (PAM) at all to adopting technologies like BeyondTrust. It involves changes in processes and can take a significant amount of time, typically six to twelve months."
"How the accounts are presented in the solution's UI can be improved."
"The product should improve its price."
"Initial setup is complex. Lots of architecture, lots of planning, and lots of education and training are needed."
"I don't know if "failed authentication" is a glitch or if that was an update... However, since we are the CyberArk support within our organization, we need to know that the password is suspended and we won't know that unless we have the ITA log up. So when a user calls and says, "Hey, I'm locked out of CyberArk, I can't get into CyberArk," we have to go through all of these other troubleshooting steps because the first thing we don't think of right now is, "The account is suspended." It doesn't say that anymore."
"The solution needs better features for end users to manage their own whitelisting for API retrieval."
"If we could have some kind of out-of-the box feature that you can simply say "no" so they don't have to go into a development mode, that would a really helpful feature."
"The issue of technical support is crucial, as there are not many specialized partners available in Brazil to provide this service. While English language support is of good quality, there is a significant shortage of partners capable of meeting the demand locally."
"It should be easier to install. It is a comprehensive product, which makes it difficult to install. You need to have their consulting services in order to get it all installed and set up correctly because there is so much going on. It would be nice if there were an easier way to do the installation without professional services. I suspect they get a fair amount of their money from professional services. So, there is not a huge incentive."
"This is probably a common thing, but they do ask for a lot of log files, a lot of information. They ask you to provide a lot of information to them before they're willing to give you anything at all upfront. It would be better if they were a little more give-and-take upfront: "Why don't you try these couple of things while we take your log files and stuff and go research them?" A little bit of that might be more helpful."
"If there is an area that has room for improvement, it's probably working with their support and getting people on the phone. That is hard to do with most products in general, but that seems to be the difficult area. The product is fantastic, but sometimes we want somebody on the phone."
More BeyondTrust Endpoint Privilege Management Pricing and Cost Advice →
More CyberArk Privileged Access Manager Pricing and Cost Advice →
BeyondTrust Endpoint Privilege Management is ranked 5th in Privileged Access Management (PAM) with 28 reviews while CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews. BeyondTrust Endpoint Privilege Management is rated 8.0, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of BeyondTrust Endpoint Privilege Management writes "Admin rights can be granted and revoked within minutes and that is what everything comes down to, for us". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". BeyondTrust Endpoint Privilege Management is most compared with CyberArk Endpoint Privilege Manager, Cisco ISE (Identity Services Engine), Delinea Secret Server, ARCON Privileged Access Management and Microsoft Defender for Endpoint, whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard. See our BeyondTrust Endpoint Privilege Management vs. CyberArk Privileged Access Manager report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.