BeyondTrust Endpoint Privilege Management vs One Identity Safeguard comparison

BeyondTrust and One Identity are both solutions in the Privileged Access Management (PAM) category. BeyondTrust is ranked #5 with an average rating of 7.8, while One Identity is ranked #4 with an average rating of 7.2. BeyondTrust holds a 4.2% mindshare in PAM, compared to One Identity’s 4.2% mindshare. Additionally, 92% of BeyondTrust users are willing to recommend the solution, compared to 93% of One Identity users who would recommend it.

BeyondTrust Endpoint Privil...

Read 29 BeyondTrust Endpoint Privilege Management reviews

2,758 Views
1,318 Comparison Views

92% willing to recommend

One Identity Safeguard

Read 40 One Identity Safeguard reviews

2,991 Views
1,201 Comparison Views

93% willing to recommend

BeyondTrust Endpoint Privil...

One Identity Safeguard

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 6, 2024

BeyondTrust Endpoint Privilege Management and One Identity Safeguard are prominent solutions in the privilege management category. BeyondTrust holds an advantage in pricing and customer support satisfaction, while One Identity Safeguard is perceived as having superior features justifying its higher cost.

Features: BeyondTrust Endpoint Privilege Management integrates seamlessly with various operating systems, effectively delegates admin privileges, and offers strong integration guidance. One Identity Safeguard provides robust access control, advanced audit capabilities, and comprehensive security features.

Room for Improvement: BeyondTrust could enhance its reporting capabilities, reduce setup complexity, and improve ongoing support. One Identity Safeguard might streamline user workflows, enhance scalability options, and optimize its deployment support.

Ease of Deployment and Customer Service: BeyondTrust offers straightforward deployment and strong integration guidance but faces challenges in immediate problem resolution. One Identity Safeguard has thorough deployment support and a responsive customer service team, providing effective ongoing support.

Pricing and ROI: BeyondTrust offers a competitive pricing model with immediate ROI benefits and is perceived as more cost-effective initially. One Identity Safeguard involves higher setup costs, but users find the long-term ROI justifies the investment due to enhanced features and security.

To learn more, read our detailed BeyondTrust Endpoint Privilege Management vs. One Identity Safeguard Report (Updated: January 2025).

Buyer's Guide

BeyondTrust Endpoint Privilege Management vs. One Identity Safeguard

January 2025

Download the complete report

Helped 838,713 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

BeyondTrust Endpoint Privil...

Ranking in Privileged Access Management (PAM)

5th

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Anti-Malware Tools (9th)

One Identity Safeguard

Ranking in Privileged Access Management (PAM)

4th

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (6th)

Mindshare comparison

As of February 2025, in the Privileged Access Management (PAM) category, the mindshare of BeyondTrust Endpoint Privilege Management is 4.2%, down from 5.5% compared to the previous year. The mindshare of One Identity Safeguard is 4.2%, down from 5.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Privileged Access Management (PAM)

Featured Reviews

Prashant Uppuluri

Solution Architect at FVC

Provides critical application control and ensures security with a flexible setup process

Regarding the feedback scenario, it's a tough question as I have thoroughly gone through the entire partner portal and library of BeyondTrust, as well as BeyondTrust University. I have also interacted with support whenever a ticket is raised, ranging from P1 to P3 or P2. Most end users and partners seem happy and content with BeyondTrust. The deployment of the solution is generally easy, flexible, and scalable. However, it can be challenging in certain environments, especially regarding management. Improvements could focus on adding more AI features to automate processes that are currently manual or challenging for end users. In some cases of competition, I have noted specific use cases where the recording of sessions was an endpoint for BeyondTrust, providing an edge for higher management. The ability to view recorded live sessions of specific users is a crucial benefit.

Read full review

Tor Nordhagen

Executive Director at Semaphore

Transparent mode for privileged sessions will greatly simplify our client's administrative situation

We're introducing the solution's transparent mode for privileged sessions. This is part of what the client hasn't used before. It will simplify their administrative situation greatly. So far, the rollout of this feature has been a seamless process, but we're still in the midst of rolling it out. The benefits will be on the risk side. Right now, the way accounts are managed, you don't necessarily know who is using an account. There's a shared admin account, and that's not a good thing. And those accounts are shared in wallets by several people. One of the real benefits of safeguarding here is that the client will have an absolute audit of who is using an administrative interface, whether it's server or network.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I find the comprehensive Privilege Access Management features valuable, including automation, and the ability to integrate with applications and the Windows operating system."

"BeyondTrust has very good integrations with quite a lot of security vendors such as SailPoint, IBM, FortiGuard, Splunk, etc."

"The asset discovery feature is the solution's most valuable aspect. It's very easy to pull assets into the database of the solution manager."

"It has some features that other products don't have yet, differentiation that sets it apart in the marketplace... Those features are a centralized dashboard and the ability to issue and revoke entitlements within minutes. That makes a difference."

"It scales easily and the product is stable."

"The notable aspect is its ability to capture the application's behavior comprehensively and this thorough analysis is crucial for effective policy management."

"I'm a BeyondTrust partner and I have multiple deployments, four or five banks right now. The features that give us quite an edge compared to what our competitors are offering - like IBM or Thycotic - are the Session Management, that is quite a big one; also the recording of keystrokes. In addition, there is the password vaulting and state-of-the-art Password Management, which I haven't seen in other products."

"Scalability is good. I would rate the scalability a nine out of ten."

More BeyondTrust Endpoint Privilege Management pros

"It is easy to manage. There is a very logical, clear user interface. Also, the integration of scripts is thoughtfully implemented. Overall, it's a nice product to manage."

"We use the solution’s Approval Anywhere feature which enables us to add an extra layer of security for critical passwords without adding time-consuming approval processes. By using this platform, if someone goes on a vacation, out of office, or needs urgent/planned leave, then our setup will select the functions tied to that person and automatically delegate them to the next person. That person can start performing that duty based on their access. No sharing of passwords is required."

"The customer service and technical support are very good."

"The system is easy to manage, as it is not a system that you will change everything all of a sudden. It evolves most of the time with customer requests."

"The most valuable feature of One Identity Safeguard is the user-friendly interface."

"The transparent mode for privileged sessions is a very good solution."

"We don't need to use VPN for remote access."

"We are able to log and get reporting on all privileged activity that is being performed. We like the fact that we can leverage the session recording feature, which is especially valuable when we're dealing with third-party vendors that have to remote into our our boxes and servers to do any work on behalf of the bank. Now, we can record everything they are doing to ensure that they're only doing the changes that were needed. In addition, we use it to leverage knowledge transfer with our internal staff."

More One Identity Safeguard pros

Cons

"It keeps on breaking every now and then. It is not yet mature. Every time something new comes up or we run into some new issues, the culprit is BeyondTrust because the agents and the adapter are not mature. The new development process goes on, and they're not able to handle things. It should be mature. It shouldn't break every now and then."

"Their technical support could be more responsive and helpful."

"The other area to improve is that they rely on MS SQL servers only. You cannot have any other database behind them. They have to be on MS SQL. If they can do something about these issues, this would be a better alternative for some customers."

"What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way."

"The product should improve its price."

"Its feature for establishing workflows needs improvement."

"The weaknesses are related to the effort required to migrate from existing technologies or having no Privilege Access Management (PAM) at all to adopting technologies like BeyondTrust. It involves changes in processes and can take a significant amount of time, typically six to twelve months."

"The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process."

More BeyondTrust Endpoint Privilege Management cons

"We currently have a problem with the Active Directory integrations on Windows. Some of our users need to be logged with Active Directory, but we are having communication issues between One Identity and Active Directory. It seems that Active Directory is not well-integrated."

"There is room for improvement in the launch module. They built in a launch button but they don't have effective instructions for configuring it to allow it to launch an RDP session. They're working on that, but the button is in the live product. If they were going to install something that wasn't useful, they should have just disabled it and not rolled it out with the product."

"Transparent mode was too cumbersome, so I don't foresee us being able to use it. On paper when we were initially talking about it, it was definitely going to be the preferred method until we realized the burden it would be on our network guys. Then, we had to step back and reevaluate what we wanted to do. That's when we changed our approach to use the RD Gateway feature."

"When we compare One Identity Safeguard with Cyberark, we know CyberArk has other tools or other features that are more complex and more useful for the customers. For example, I have one customer that wants to elevate the permission that is available in CyberArk."

"Our experience with technical support has been disappointing. We require more prompt and faster response times. We require answers to our questions right away but we haven't received that level of support."

"The automated change of the passwords, which is now integrated, could be improved to be more flexible regarding different systems."

"We have issues using Safeguard to connect to and record from the cloud. Currently, they don't have a mechanism to record this type of connection."

"We would like to be able to generate certificate signing requests (CSRs) from the interface for certificates."

More One Identity Safeguard cons

Pricing and Cost Advice

"PowerBroker for a Mac client is three times the price of the Windows version."

"Price-wise, it is very competitive. In our area, government entities and banks don't go for the monthly payment. It is a headache even for us in terms of finance and procurement to go for monthly payments. Quarterly might be more logical and reasonable, but the minimum that we go for is one year, and sometimes, we even try to compile and give one offering for three years."

"This solution is expensive compared to its competitors."

"What BeyondTrust was providing was user-based licensing which was a great benefit from the client point of view. Recently, I don't know why, the licensing model has been changed, and that is the reason that they have lost a bit of their edge when it comes to the PAM, against our competition. The asset-based licensing, from the user's point of view, is not beneficial. The licensing should be based on the users. The greater the number of users, the greater will be the load and the greater the scalability problems. I presume that is why the licensing model has changed."

"The product’s licensing is different for Windows, Linux, and Mac. The tool’s licensing is yearly."

"It was very expensive."

"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a seven out of ten."

"It is relatively more cost-effective compared to the competing product."

More BeyondTrust Endpoint Privilege Management pricing and cost advice

"We have a yearly license. The cost depends on how much a company wants to invest in technology. In our organization, we believe in modern digitization and automation processes so we found it affordable. One Identity was not that much less than other solutions and it is not a cheap solution. There were number of cheaper solutions. However, it's the most effective, according to our evaluation."

"They offer a fair price for a robust solution."

"It was definitely cheaper than the other two products that we evaluated."

"As compared to other products, it is reasonable, but the training sessions are too expensive."

"Safeguard is cheaper than CyberArk."

"It is a bit on the pricey side, but you get what you pay for. You don't want to get anything too cheap because then you get cheap stuff and cheap support. That really never helps anybody."

"The license is very expensive for us, partly due to inflation and partly because of the exchange rate between the Dollar and the Iranian Rial. We purchased a perpetual license that we've been using up until now, but I believe that we are not going to update it in the future. Instead, we plan to find another third-party to support us with the license, in the sense that we would have access to their license as a shared agreement."

"The license is around $3,000 per month."

More One Identity Safeguard pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.

See recommendations

838,713 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

17%

Computer Software Company

14%

Manufacturing Company

10%

Government

Computer Software Company

23%

Financial Services Firm

12%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Looking for recommendations and a pros/cons template for software to detect insider threats

This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpo...

See all answers

What do you like most about BeyondTrust Endpoint Privilege Management?

The solution's least privilege enforcement has helped us ensure access is given to only the required people.

See all answers

What is your experience regarding pricing and costs for BeyondTrust Endpoint Privilege Management?

Setup costs vary depending on the scenario. Sometimes we win orders, and other times we lose due to partner preferences or deal scenarios. Customers may negotiate on price, understanding that quali...

See all answers

What do you like most about One Identity Safeguard?

The identity discovery is good, and the performance is pretty good value.

See all answers

What is your experience regarding pricing and costs for One Identity Safeguard?

One Identity Safeguard is expensive. The license is around $3,000 per month.

See all answers

What needs improvement with One Identity Safeguard?

One Identity's support is not appropriately structured, and it has a lot of room to improve.

See all answers

Comparisons

CyberArk Endpoint Privilege Manager vs BeyondTrust Endpoint Privilege Management

Compared 23% of the time

Cisco Identity Services Engine (ISE) vs BeyondTrust Endpoint Privilege Management

Compared 9% of the time

Tanium vs BeyondTrust Endpoint Privilege Management

Compared 7% of the time

Fortinet FortiAuthenticator vs BeyondTrust Endpoint Privilege Management

Compared 6% of the time

Microsoft Defender for Endpoint vs BeyondTrust Endpoint Privilege Management

Compared 6% of the time

More BeyondTrust Endpoint Privilege Management Competitors

CyberArk Privileged Access Manager vs One Identity Safeguard

Compared 37% of the time

WALLIX Bastion vs One Identity Safeguard

Compared 14% of the time

Delinea Secret Server vs One Identity Safeguard

Compared 10% of the time

SailPoint Identity Security Cloud vs One Identity Safeguard

Compared 8% of the time

BeyondTrust Privileged Remote Access vs One Identity Safeguard

Compared 8% of the time

More One Identity Safeguard Competitors

Product Reports

Buyer's Guide

BeyondTrust Endpoint Privilege Management

February 2025

BeyondTrust Endpoint Privilege Management report

Download BeyondTrust Endpoint Privilege Management product report

Buyer's Guide

One Identity Safeguard

February 2025

Download One Identity Safeguard product report

Also Known As

BeyondTrust PowerBroker, BeyondTrust Endpoint Privilege Management for Windows, BeyondTrust Endpoint Privilege Management for Mac, BeyondTrust Endpoint Privilege Management for Linux, BeyondTrust Endpoint Privilege Management for Unix, Avecto Defendpoint

No data available

Overview

BeyondTrust Endpoint Privilege Management enables organizations to mitigate attacks by removing excess privileges on Windows, Mac, Unix/Linux and networked devices. Remove excessive end user privileges and control applications on Windows, Mac, Unix, Linux, and networked devices without hindering end-user productivity.

Key Solutions Include:

-ENTERPRISE PASSWORD SECURITY

Discover, manage and monitor all privileged accounts and SSH keys, secure privileged assets, and report on all privileged account activity in a single solution.

-ENDPOINT LEAST PRIVILEGE

Enforce least privilege across all Windows and Mac endpoints, gain visibility into target system vulnerabilities, and control access to privileged applications without disrupting user productivity or compromising security.

-SERVER PRIVILEGE MANAGEMENT

Gain control and visibility over Unix, Linux and Windows server user activity without sharing the root or administrator account.

-A SINGLE PLATFORM FOR MANAGEMENT, POLICY, REPORTING AND THREAT ANALYTICS

Utilize a single solution to manage PAM policies and deployment, understand vulnerability and threat analytics, and provide reporting to multiple stakeholders and complementary security systems.

Learn more at https://www.beyondtrust.com/privilege-management

BeyondTrust

One Identity Safeguard manages and monitors privileged access, enhancing security with features like automatic session recording, real-time monitoring, and credential rotation. It integrates seamlessly, supports compliance with audit trails, and improves operational efficiency across organizations. This robust platform significantly bolsters security protocols while controlling sensitive operations.

One Identity

Sample Customers

Aera Energy LLC, Care New England, James Madison University

Cavium

Buyer's Guide

BeyondTrust Endpoint Privilege Management vs. One Identity Safeguard

January 2025

Free Report: BeyondTrust Endpoint Privilege Management vs. One Identity Safeguard

Find out what your peers are saying about BeyondTrust Endpoint Privilege Management vs. One Identity Safeguard and other solutions. Updated: January 2025.

DOWNLOAD NOW

838,713 professionals have used our research since 2012.

See our BeyondTrust Endpoint Privilege Management vs. One Identity Safeguard report.

See our list of best Privileged Access Management (PAM) vendors.

We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.