CyberArk is a privileged account and access security suite issued by the company of the same name in Massachusetts . The Core Privileged Access Security Solution unifies Enterprise Password Vault, Privileged Session Manager and Privileged Threat Analytics to protect an organization’s most critical assets.
N/A
Delinea Secret Server
Score 8.2 out of 10
N/A
Secret Server (originally from Thycotic, now from Delinea since the 2021 Thycotic merger with Centrify) is an enterprise password management application, which is available with either a cloud-based or on-premise deployment which emphasizes fast deployment, scalability, and simplicity.
N/A
Pricing
CyberArk Privileged Access Management
Delinea Secret Server
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
CyberArk Privileged Access Management
Delinea Secret Server
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
CyberArk offers a variety of Identity Security packages for different user types within an organization.
—
More Pricing Information
Community Pulse
CyberArk Privileged Access Management
Delinea Secret Server
Considered Both Products
CyberArk Privileged Access Management
No answer on this topic
Delinea Secret Server
Verified User
Team Lead
Chose Delinea Secret Server
Thychotic Secret Server was heads and shoulders above the next consideration on our list.
The system is great for enterprise or larger IT departments or teams where temporary or full access may be given using privileged IDs. Requirements for needing local admin access is also eliminated which can help with specific Windows workstation related tasks. It can be very useful when working with remote teams or contractors who may need temporary access to a system when required.
I would recommend Delinea to any organization or colleague, as I have used it to support our shared services model, as well as a dedicated model for people support to customers, for privileged access management. Delinea has provided us with effective methods for handling unnecessary login attempts to the customer infrastructure. Additionally, the connection thread is available in the audit trail for review, which is a valuable feature to have.
Automatically discover new servers on the network and take control of the local admin password by vaulting it and ensuring nobody knows the password. A different password on every server.
Automatically roll the password in a configurable manner - after each use, after a certain period of time, etc.
Track and govern sensitive account usage by ensuring only properly authorized users can access the vault and obtain the credentials and then monitor usage.
Password Management: Its entire purpose, really. Secret Server stores passwords in an incredibly easy to use way. They can be organized in groups, they contain all the information about the site or system the password is used for (including URLs for websites), and even a notes field. You can set up specific policies for expirations and complexity, and Secret Server can even generate strong passwords for you. Using a password is simple, too, since you can just click a button to add it to your clipboard; you don't even have to unmask the password.
Security: The passwords are stored encrypted in a SQL database, and the application requires an authenticated login. This could be local, but we tie it into Active Directory. Each folder of passwords has groups assigned (in our case, again, AD, but you can make them local groups) with different permission levels, so we can compartmentalize passwords. Desktop technicians don't have access to network switch passwords, etc.
Easy Setup: It took me about an hour to get the server running, from spinning up the VM to importing our old password list. It took a little longer to organize the passwords into proper folders, and then assigning groups, but it was easy to do.
Personal Passwords: Each user also gets a personal folder, where they can keep their own, unshared passwords. This is nice for sites or systems with individualized logins (e.g., a firewall, VPN, etc.)
Favorites: Secret Server lets you tag passwords as "favorites" so you can easily find ones you use constantly. The search feature is nice, but this is nicer.
It’s very usable once the complexity of deployment has completed. It is a useful tool that is easy to learn and the user interface is laid out well. It works with SSO for our organization which makes secure login very fast as well. It works well across our need of on premises systems and cloud very quickly.
My rating is purely based on the configurational activities, as feature-wise delineation has all the features that are very beneficial for customers, though the implementation is a bit more manual work, which can be reduced with a low-code platform. Along with that, we can have a better UI to have intuitiveness and can manage the platform for shared customers in a better way. Overall, it is a very good tool for PAM.
I've been an engineer and architect in the Identity space for many years and CyberArk is the #1 tool I've found to help me secure accounts and credentials. I've architected CyberArk and built the implementation from the ground up twice in previous roles and found it here upon my arrival at my current job. I wouldn't want to have to live without it as it helps me sleep at night
These other vendors have most of the safe features, but there were some things that I think CyberArk performed better while evaluating the other solutions. AWS secret manager was not available in one of the products and this was definitely needed in my environment. Also, bulk loading of accounts had a lot more flexibility in CyberArk than the other solutions. They offer both API and GUI options where the other vendors may not offer both.
There were not very many solutions that provided the entire package of taking an account from creation and deactivating it when no longer needed, as well as providing the discovery of unknown service accounts. Other solutions like RoboForm and LastPass did not offer the ability to manage your service accounts and added layers of complication to ensure security.
