CyberArk is a privileged account and access security suite issued by the company of the same name in Massachusetts . The Core Privileged Access Security Solution unifies Enterprise Password Vault, Privileged Session Manager and Privileged Threat Analytics to protect an organization’s most critical assets.
N/A
Microsoft Defender for Endpoint
Score 8.9 out of 10
N/A
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
$2.50
per user/per month
Pricing
CyberArk Privileged Access Management
Microsoft Defender for Endpoint
Editions & Modules
No answers on this topic
Academic
$2.50
per user/per month
Standalone
$5.20
per user/per month
Offerings
Pricing Offerings
CyberArk Privileged Access Management
Microsoft Defender for Endpoint
Free Trial
Yes
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
CyberArk offers a variety of Identity Security packages for different user types within an organization.
We have reviewed/used ESET and find Defender much better for Endpoints. We have also used McAfee on Servers and have since migrated to Defender on Servers.
The system is great for enterprise or larger IT departments or teams where temporary or full access may be given using privileged IDs. Requirements for needing local admin access is also eliminated which can help with specific Windows workstation related tasks. It can be very useful when working with remote teams or contractors who may need temporary access to a system when required.
Microsoft Defender for Endpoint is easy to deployed across the entire organization. Having a cloud based solution with a single pane of glass to manage all assets is a real no-brainer. Being able to receive immediate alerts when suspicious activity occurs is extremely helpful in keeping risks at a minimum. Microsoft Defender for Endpoint management is also smart enough to not send several alerts when an attack could be hitting multiple targets within a certain time frame or when it's the same attack multiple times. However, be prepared to click through multiple pages all over the site to figure out what happened when an attack occurs.
Automatically discover new servers on the network and take control of the local admin password by vaulting it and ensuring nobody knows the password. A different password on every server.
Automatically roll the password in a configurable manner - after each use, after a certain period of time, etc.
Track and govern sensitive account usage by ensuring only properly authorized users can access the vault and obtain the credentials and then monitor usage.
One, it's crazy lightweight, so compared to some of the competitors that we also have used with our security services, it's really lightweight and so I don't have a lot of overhead on the system that it's running on.
Cost add-ons for Security features is nickel and diming the process to keep pace with cybercrime. Limited Education budgets require us to be more pro-active in finding cost-effective measures to protect our devices, staff and students. Defender is a strong, well-featured product that is pricing itself out of the education market
It’s very usable once the complexity of deployment has completed. It is a useful tool that is easy to learn and the user interface is laid out well. It works with SSO for our organization which makes secure login very fast as well. It works well across our need of on premises systems and cloud very quickly.
It offers multiple security features and integrates well with Microsoft ecosystems. A workflow for threat detection, investigation, automated remediation, and a centralized dashboard is an added advantage. This application is mainly designed for experienced users; new users may feel challenged.
Microsoft Defender for Endpoint chugs along just fine no matter what we throw at it and what systems it's running on. It doesn't take up a lot of resources either, so that's welcomed.
I've been an engineer and architect in the Identity space for many years and CyberArk is the #1 tool I've found to help me secure accounts and credentials. I've architected CyberArk and built the implementation from the ground up twice in previous roles and found it here upon my arrival at my current job. I wouldn't want to have to live without it as it helps me sleep at night
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
Deployment was handled by our team here and everything went pretty smoothly. We did have a few hiccups in our test group, but that only took a bit to get ironed out.
These other vendors have most of the safe features, but there were some things that I think CyberArk performed better while evaluating the other solutions. AWS secret manager was not available in one of the products and this was definitely needed in my environment. Also, bulk loading of accounts had a lot more flexibility in CyberArk than the other solutions. They offer both API and GUI options where the other vendors may not offer both.
Defender is far easier to deploy and manage than Sophos and tends to work without as many issues. The threat assessment portal provides an in-depth view of the organization's security posture, whereas Sophos only shows the patching status of the PCs. We did need Intune to get many of the control features (disabling USB drives) that Sophos offered out of the box.
