We performed a comparison between CyberArk Endpoint Privilege Manager and Microsoft Defender for Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The feature called PTA, which stands for Privileged Threat Analytics keeps track of what admins are doing and works with Centimeters. If something fishy is going on with a user's credentials, it alerts the security team so they can act fast. Plus, it automates stuff like resetting credentials or blocking users. So, if there's a potential hack, CyberArk can change passwords and lock out users in a snap. It also gives you a heads-up if anything unusual is going on with server activities, like someone creating new users with uncontrolled credentials."
"The department management aspect of the solution is the most valuable aspect."
"I like that you can remove the admin rights from the user's computer and have control over the environment. That means you can delete the local admins and grant them proper privileges with the console. So, they will get proper permissions for applications they need, but we don't have to do it. In the domain where we don't have control, the user can only do specified actions, but not all of them."
"The solution's technical support is good."
"I have always found that CyberArk is a very tight, foolproof product compared to most other products available."
"We were able to reduce the number of privileged accounts by 50%, which helped to simplify our privileged access management environment."
"The most valuable feature is that it does lifecycle management and that it will change to whatever the end target is."
"The password rotation and the session recording are the most valuable features."
"It captures data through machine learning, which is built-in on the back-end. It also provides built-in analytics and a threat intelligence feature. It is a one-stop solution that doesn't require an antivirus because it comes prebuilt into Windows 10."
"Defender provides useful alerts and groups them. It sends an alert to your portal if it detects any malicious activity, and you can group multiple alerts to form an incident."
"It is already integrated with Windows 10, so you don't need to worry about that."
"It comes included with the Windows license."
"What I found most valuable in Microsoft Defender for Endpoint is that it's out-of-the-box, which brings more value to the customer. The technical support for the product is also one of the best parts, because it's good, in terms of the product knowledge of the technical engineers."
"The solution has good performance, I have not seen a problem."
"The patch updates and version updates are very good. Those happen on an automated basis whenever I'm connecting to the organization network, either through LAN or through the VPN."
"We can run the virus scan across our entire environment."
"Compared to other tools like Linux, this solution isn't as user-friendly."
"The turnaround time of the support team is an area of concern where improvements are required."
"The product needs a streamlined user interface; improvements to the user interface can enhance user experience and make the solution more intuitive to navigate."
"The installation process is pretty difficult."
"Performance could be better. We have a couple of problems with CyberArk right now. One of the problems is performance in our environment. Support also takes a long time to respond. If the user already has local admin rights, then I can't collect any events in the console from this device. There are also some options in CyberArk that are not working properly, and are not helpful in this case. I can't collect any information to create a proper policy for the device. I have to investigate everything manually, or even disable the local admin from the device. I can collect the events only after this, and it's very time consuming. In my case, it's a waste of resources."
"CyberArk has some performance issues. For example, servers could not handle the solution when we first took CyberArk Endpoint Privilege Manager."
"One area that has room for improvement is in managing the credentials for network devices."
"CyberArk Endpoint Privilege Manager is a perfect solution, but CyberArk Endpoint Privilege Manager for Linux has many issues. Another area for improvement in CyberArk Endpoint Privilege Manager, specifically for Windows, is that there's no way for you to check credential theft from a text file, such as a notepad file."
"We'd like the stability to be better."
"There is a lot of information to take in, and the portals tend to change quickly due to the fast-paced nature of the industry."
"The automation could be simpler on the mitigation side. It has a learning curve. Otherwise, it's pretty easy."
"My main issue with the tool is that there are too many menus. This causes a steep learning curve for those without training or unfamiliar with Defender for Endpoint. From an end-user perspective, the solution is there on the machine and does its job; it works seamlessly. However, as a security professional dealing with it behind the scenes, the learning curve can be steep, but not too steep. Still, it has taken some of my analysts up to a month to get familiar with the product."
"Microsoft Defender for Endpoint could improve by providing more user-friendly dashboards. They may be complicated for some."
"Its user interface (UI) can be improved. Currently, in the console, you have to dig down for certain things. They've got many different layers to get to things instead of having it all on the surface. You have to go three folds lower to get to specific functionality or click a particular option. It would be good if we can manage the console through menus and instead of three clicks, we can do things in one click. They need to change the UI and work on it in terms of a better user experience."
"Defender is free for one year. Once that year is over, we will switch to Kaspersky."
"The application control feature requires improvement."
More CyberArk Endpoint Privilege Manager Pricing and Cost Advice →
More Microsoft Defender for Endpoint Pricing and Cost Advice →
CyberArk Endpoint Privilege Manager is ranked 6th in Privileged Access Management (PAM) with 28 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. CyberArk Endpoint Privilege Manager is rated 8.2, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of CyberArk Endpoint Privilege Manager writes "Offers integrated solutions and expands its capabilities through strategic acquisitions". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". CyberArk Endpoint Privilege Manager is most compared with BeyondTrust Endpoint Privilege Management, CrowdStrike Falcon, CyberArk Privileged Access Manager, Tanium and Cortex XDR by Palo Alto Networks, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, Cortex XDR by Palo Alto Networks, Trellix Endpoint Security and SentinelOne Singularity Complete. See our CyberArk Endpoint Privilege Manager vs. Microsoft Defender for Endpoint report.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
