Try our new research platform with insights from 80,000+ expert users

BeyondTrust Endpoint Privilege Management vs One Identity Safeguard comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 6, 2024
 

Categories and Ranking

BeyondTrust Endpoint Privil...
Ranking in Privileged Access Management (PAM)
4th
Average Rating
8.0
Number of Reviews
28
Ranking in other categories
Anti-Malware Tools (9th)
One Identity Safeguard
Ranking in Privileged Access Management (PAM)
3rd
Average Rating
8.0
Number of Reviews
40
Ranking in other categories
User Entity Behavior Analytics (UEBA) (6th)
 

Mindshare comparison

As of November 2024, in the Privileged Access Management (PAM) category, the mindshare of BeyondTrust Endpoint Privilege Management is 4.6%, down from 6.0% compared to the previous year. The mindshare of One Identity Safeguard is 4.5%, down from 5.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Privileged Access Management (PAM)
 

Featured Reviews

Marlin B Pohlman - PeerSpot reviewer
Oct 24, 2022
Admin rights can be granted and revoked within minutes and that is what everything comes down to, for us
The most important factor is the ability to invoke least privilege, which is required under 27701 and GDPR. We have used the solution to remove users' administrative rights and instead provide on-demand, token-based administrative rights. The latter is an option for a single, temporary increase in privileges for a trusted user for a specific time. We use it in a medical environment for HIPAA compliance or medical compliance in a GDPR case. For example, if you have a clinician who needs access to a specific piece of medical information, or if there is an administrator who needs to have administrator rights to a particular database for a limited period of time, we can give it and then revoke it. That's another reason the tool is useful. Also, the fact that we are able to add events straight from event logs and/or the database is important for crisis management and rapid reaction. This ability helps us meet our SLA requirements. In addition, we can elevate approved applications and actions without broad administrative rights. We can temporarily increase privilege based on tasks. If someone puts in a ticket, we increase their privilege for that ticket. We then watch to see if that ticket has been resolved and then we decrease it. Another feature of the platform is instant risk reduction solutions. We can do a risk metric with it, and we do that as part of our risk evaluation. We can increase and decrease privilege and we can actually show that in the ISO 13485 risk metric. And it provides a single solution for managing endpoint security preferences. It does a good job of that.
Tor Nordhagen - PeerSpot reviewer
Nov 22, 2023
Transparent mode for privileged sessions will greatly simplify our client's administrative situation
We're introducing the solution's transparent mode for privileged sessions. This is part of what the client hasn't used before. It will simplify their administrative situation greatly. So far, the rollout of this feature has been a seamless process, but we're still in the midst of rolling it out. The benefits will be on the risk side. Right now, the way accounts are managed, you don't necessarily know who is using an account. There's a shared admin account, and that's not a good thing. And those accounts are shared in wallets by several people. One of the real benefits of safeguarding here is that the client will have an absolute audit of who is using an administrative interface, whether it's server or network.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The privileged access and the application control are helpful in making sure we have good, robust challenge responses. Blacklisting with trusted application protection is also beneficial for us."
"I find the solution’s features like section management, password management, and analytics valuable."
"I find the comprehensive Privilege Access Management features valuable, including automation, and the ability to integrate with applications and the Windows operating system."
"The features related to application elevate is amazing. It helped the company to remove almost all admin local users."
"I would say session management on the go is the most valuable feature. When the session is going on, you can stop the session without terminating it for justification. You can cancel it. The recording takes very little space. Those are some things which the customers are worried about when they talk about session recording."
"Logs that get collected on the Privilege Management console from the agents are very good. They help us to identify the aspects from which we have to whitelist an application."
"It scales easily and the product is stable."
"The asset discovery feature is the solution's most valuable aspect. It's very easy to pull assets into the database of the solution manager."
"There are numerous valuable data protection features, including the content and information that offer us more scalable protection as needed."
"It has greatly helped improve our security posture. Safeguard has an option where it will reset passwords on service accounts, then go out to those servers where that service account is running as a service and update the password on it. That makes password changes very easy. We can regularly change passwords now and are planning on making it an annual activity, where all the people who own service accounts will go in and make sure all their passwords get changed, updated, and reset."
"All sessions are audited and they are indexed/searchable through the GUI."
"Safeguard can define and update processes and procedures into the security framework of a company, including mobile. It allows us to change the policies and configurations on a mass scale in regards to security."
"The monitoring system is very good."
"The extensible framework for authentication is one of the most valuable features. We use an MFA plug-in and a lot of different factors, depending on what the business use-cases are. And of course, the auditing functionality is also valuable."
"It offers high availability and enables end users to deploy the solution with 99.999 percent uptime, which is crucial in an enterprise environment with a large number of endpoints."
"The solution's most valuable features are the efficiency and the quality of the recording."
 

Cons

"Their technical support could be more responsive and helpful."
"They are doing good for now, but they should start to consider tight integration with Mac solutions. There should be more integration with Mac. There should be Active Directory (AD) Bridging. Thycotic and Centrify have it currently because they merged and joined forces, and it was a feature available in Centrify. So, basically, they joined forces to create a kind of perfect product. If you have a hybrid or mixed environment with Windows and Mac, your Active Directory can only manage or enforce policies on Windows, but what about your Mac devices? How do you control them? So, AD Bridging will act as a bridge to bring all your Mac devices into your Active Directory. This way you have full control over your entire environment."
"How the accounts are presented in the solution's UI can be improved."
"It should support XWindows Remote Desktop Access protocol for Linux/Unix."
"The product should improve its price."
"The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process."
"The weaknesses are related to the effort required to migrate from existing technologies or having no Privilege Access Management (PAM) at all to adopting technologies like BeyondTrust. It involves changes in processes and can take a significant amount of time, typically six to twelve months."
"We use a program to automate all of this, but it's not a default feature of BeyondTrust Endpoint Privilege Management."
"The GUI has room for improvement because it is confusing and cumbersome."
"It needs more marketing."
"When we compare One Identity Safeguard with Cyberark, we know CyberArk has other tools or other features that are more complex and more useful for the customers. For example, I have one customer that wants to elevate the permission that is available in CyberArk."
"We currently have a problem with the Active Directory integrations on Windows. Some of our users need to be logged with Active Directory, but we are having communication issues between One Identity and Active Directory. It seems that Active Directory is not well-integrated."
"We've had issues managing accounts and access to some data saved on the servers. Accounts are granted a new working certificate daily. We have an account to do it on APIs online and sync it with that. If the path changes at some point or someone changes the password, I don't know if it's from the Active Directory or what."
"The high availability function of the box requires a long time to switch over from one appliance to another."
"We have feature requests and would like to see the turnaround times on those features to be faster."
"We sometimes face issues with configuration and things like that, but we manage to solve them."
 

Pricing and Cost Advice

"What BeyondTrust was providing was user-based licensing which was a great benefit from the client point of view. Recently, I don't know why, the licensing model has been changed, and that is the reason that they have lost a bit of their edge when it comes to the PAM, against our competition. The asset-based licensing, from the user's point of view, is not beneficial. The licensing should be based on the users. The greater the number of users, the greater will be the load and the greater the scalability problems. I presume that is why the licensing model has changed."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a seven out of ten."
"It is relatively more cost-effective compared to the competing product."
"PowerBroker for a Mac client is three times the price of the Windows version."
"Price-wise, it is very competitive. In our area, government entities and banks don't go for the monthly payment. It is a headache even for us in terms of finance and procurement to go for monthly payments. Quarterly might be more logical and reasonable, but the minimum that we go for is one year, and sometimes, we even try to compile and give one offering for three years."
"I'm sure everyone should have the cluster environment, which means more expensive, anyway, cheaper than the other solutions."
"This solution is expensive compared to its competitors."
"It was very expensive."
"The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible."
"As compared to other products, it is reasonable, but the training sessions are too expensive."
"Safeguard is cheaper than CyberArk."
"We have a yearly license. The cost depends on how much a company wants to invest in technology. In our organization, we believe in modern digitization and automation processes so we found it affordable. One Identity was not that much less than other solutions and it is not a cheap solution. There were number of cheaper solutions. However, it's the most effective, according to our evaluation."
"Setup cost, pricing and licensing are all very expensive."
"The pricing is about $80,000 per 100 servers. There are few elective costs."
"The license is very expensive for us, partly due to inflation and partly because of the exchange rate between the Dollar and the Iranian Rial. We purchased a perpetual license that we've been using up until now, but I believe that we are not going to update it in the future. Instead, we plan to find another third-party to support us with the license, in the sense that we would have access to their license as a shared agreement."
"The license is around $3,000 per month."
report
Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
814,763 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Computer Software Company
13%
Manufacturing Company
11%
Government
8%
Computer Software Company
23%
Financial Services Firm
12%
Manufacturing Company
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Looking for recommendations and a pros/cons template for software to detect insider threats
This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpo...
What do you like most about BeyondTrust Endpoint Privilege Management?
The solution's least privilege enforcement has helped us ensure access is given to only the required people.
What do you like most about One Identity Safeguard?
The identity discovery is good, and the performance is pretty good value.
What is your experience regarding pricing and costs for One Identity Safeguard?
One Identity Safeguard is expensive. The license is around $3,000 per month.
What needs improvement with One Identity Safeguard?
One Identity's support is not appropriately structured, and it has a lot of room to improve.
 

Also Known As

BeyondTrust PowerBroker, BeyondTrust Endpoint Privilege Management for Windows, BeyondTrust Endpoint Privilege Management for Mac, BeyondTrust Endpoint Privilege Management for Linux, BeyondTrust Endpoint Privilege Management for Unix, Avecto Defendpoint
No data available
 

Overview

 

Sample Customers

Aera Energy LLC, Care New England, James Madison University
Cavium
Find out what your peers are saying about BeyondTrust Endpoint Privilege Management vs. One Identity Safeguard and other solutions. Updated: October 2024.
814,763 professionals have used our research since 2012.