Project Manager at a consultancy with 501-1,000 employees
Real User
2021-02-18T04:44:58Z
Feb 18, 2021
Hi Simone,
Following are the products which you can look for your requirement. I recommend to select any solutions depend on the your organization need. Is it needed on premise or on cloud. Do you need SAAS service or have in house deployment. On these conditions cost will differ. My personal opinion is
CyberArk,
Thycotic,
Wallix
Beyondtrust
Microsoft Azure AD Premium
Thanks,
Kishan
Search for a product comparison in Privileged Access Management (PAM)
I would first state that you are asking an unqualified question. The PAM tool that matches your organizations requirements, use cases, volume, and many other considerations, will need to be considered in this equation. I like the previous answer by Kishan as I like those products and see them employed successfully. The converse is also true if not carefully scoped and evaluated.
PAM tools can be costly and contain confounding arrays of security features and terminology synchronization will be key in ensuring you are getting what you actually are asking for. On top of the software cost implications you will have the Architectural, Implementation, and Administration costs nipping at your heels. Consider also that this is not a "PAM Project", but a long term Program and buy-off must start from the very top of your organization.
I have witnessed, and participated, in projects that started out with your question, and many went off the rails, unless important considerations are taken into account:
1. Define your requirements with granularity, including integration with your existing infrastructure such as: Authentication / Authorization / MFA, syslog, analytics, Disaster Recovery and High Availability just to name a few.
2.Determine your overall goals relating to Least Privilege, Standing Privilege, Just in time Privilege, and No standing privilege. Do you require Session Recording and Keystroke Logging, as they are not always bundled into the initial price and sometimes not together, and may be individual features in your initial quotations and can unpleasantly surprise you.
3. Provision a comprehensive test environment to confirm the viability of the product choices within your infrastructure.
4. Select a vendor or integration partner to back-fill the expertise gaps in your organization as these skill-sets are very expensive and marketable.
I apologize for not answering your question directly, but I would consider looking into the Gartner resources, KuppingerCole and so on.
In a short direct answer I favor CyberArk, BeyondTrust, Thycotic, Centrify, and StealthBits, and these are definitely not in any preferential order.
VP & Head of Cybersecurity Manager at a financial services firm with 1,001-5,000 employees
Real User
2021-02-18T13:34:36Z
Feb 18, 2021
Hi Simone,
When we started the PAM journey we POC'ed three vendors based on the use cases and the roadmap for your requirements. Since the world is shifting to cloud infrastructure, i would recommend looking at these vendors.
One Identity (Safe Guard), CyberArk, and Beyondtrust. We decided to go with One Identity because it was the right fit for our use cases and requirements. We have been using safe guard for several years and it did not disappoint so far! Rock Solid tool.
Director at a tech services company with 1-10 employees
Real User
2021-02-19T05:11:27Z
Feb 19, 2021
When It comes to PAM, I would say Thycotic, CyberArk, BeyondTrust are the ones I normally include in RFPs. However, where your environment is exclusively Azure cloud-based, I say that Microsoft's Azure AD Premium provides a pretty good PIM solution. These are different solutions to achieve the same goal of managing privileged access.
What is Privileged Access Management? Privileged access management (PAM) oversees requirements of critical, private accounts living in an enterprise’s IT infrastructure.
Hi Simone,
Following are the products which you can look for your requirement. I recommend to select any solutions depend on the your organization need. Is it needed on premise or on cloud. Do you need SAAS service or have in house deployment. On these conditions cost will differ. My personal opinion is
CyberArk,
Thycotic,
Wallix
Beyondtrust
Microsoft Azure AD Premium
Thanks,
Kishan
I would first state that you are asking an unqualified question. The PAM tool that matches your organizations requirements, use cases, volume, and many other considerations, will need to be considered in this equation. I like the previous answer by Kishan as I like those products and see them employed successfully. The converse is also true if not carefully scoped and evaluated.
PAM tools can be costly and contain confounding arrays of security features and terminology synchronization will be key in ensuring you are getting what you actually are asking for. On top of the software cost implications you will have the Architectural, Implementation, and Administration costs nipping at your heels. Consider also that this is not a "PAM Project", but a long term Program and buy-off must start from the very top of your organization.
I have witnessed, and participated, in projects that started out with your question, and many went off the rails, unless important considerations are taken into account:
1. Define your requirements with granularity, including integration with your existing infrastructure such as: Authentication / Authorization / MFA, syslog, analytics, Disaster Recovery and High Availability just to name a few.
2.Determine your overall goals relating to Least Privilege, Standing Privilege, Just in time Privilege, and No standing privilege. Do you require Session Recording and Keystroke Logging, as they are not always bundled into the initial price and sometimes not together, and may be individual features in your initial quotations and can unpleasantly surprise you.
3. Provision a comprehensive test environment to confirm the viability of the product choices within your infrastructure.
4. Select a vendor or integration partner to back-fill the expertise gaps in your organization as these skill-sets are very expensive and marketable.
I apologize for not answering your question directly, but I would consider looking into the Gartner resources, KuppingerCole and so on.
In a short direct answer I favor CyberArk, BeyondTrust, Thycotic, Centrify, and StealthBits, and these are definitely not in any preferential order.
Hi Simone,
When we started the PAM journey we POC'ed three vendors based on the use cases and the roadmap for your requirements. Since the world is shifting to cloud infrastructure, i would recommend looking at these vendors.
One Identity (Safe Guard), CyberArk, and Beyondtrust. We decided to go with One Identity because it was the right fit for our use cases and requirements. We have been using safe guard for several years and it did not disappoint so far! Rock Solid tool.
When It comes to PAM, I would say Thycotic, CyberArk, BeyondTrust are the ones I normally include in RFPs. However, where your environment is exclusively Azure cloud-based, I say that Microsoft's Azure AD Premium provides a pretty good PIM solution. These are different solutions to achieve the same goal of managing privileged access.