Secret Server (originally from Thycotic, now from Delinea since the 2021 Thycotic merger with Centrify) is an enterprise password management application, which is available with either a cloud-based or on-premise deployment which emphasizes fast deployment, scalability, and simplicity.
N/A
Spot by NetApp
Score 7.0 out of 10
N/A
Spot by NetApp, now including CloudCheckr, helps companies to run their cloud investments. The Spot product suite uses machine learning and analytics to automate and optimize cloud infrastructure, to ensure that workloads and applications always have the best possible infrastructure that is available, scalable and available at the lowest possible cost. Spot’s technology provides insights into cloud costs, recommendations for how to optimize utilization and costs, and automation to implement…
N/A
Pricing
Delinea Secret Server
Spot by NetApp
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Delinea Secret Server
Spot by NetApp
Free Trial
No
No
Free/Freemium Version
No
Yes
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Delinea Secret Server
Spot by NetApp
Features
Delinea Secret Server
Spot by NetApp
Cloud Management
Comparison of Cloud Management features of Product A and Product B
I would recommend Delinea to any organization or colleague, as I have used it to support our shared services model, as well as a dedicated model for people support to customers, for privileged access management. Delinea has provided us with effective methods for handling unnecessary login attempts to the customer infrastructure. Additionally, the connection thread is available in the audit trail for review, which is a valuable feature to have.
CloudCheckr is fantastic for those that are purely in the Cloud as it provides everything you need under one roof for a comprehensive configuration and usage monitoring tool. It has SysLog capabilities though so you can farm out the alerts into a SIEM or other log management system, so hybrid environments could also benefit from its use.
Password Management: Its entire purpose, really. Secret Server stores passwords in an incredibly easy to use way. They can be organized in groups, they contain all the information about the site or system the password is used for (including URLs for websites), and even a notes field. You can set up specific policies for expirations and complexity, and Secret Server can even generate strong passwords for you. Using a password is simple, too, since you can just click a button to add it to your clipboard; you don't even have to unmask the password.
Security: The passwords are stored encrypted in a SQL database, and the application requires an authenticated login. This could be local, but we tie it into Active Directory. Each folder of passwords has groups assigned (in our case, again, AD, but you can make them local groups) with different permission levels, so we can compartmentalize passwords. Desktop technicians don't have access to network switch passwords, etc.
Easy Setup: It took me about an hour to get the server running, from spinning up the VM to importing our old password list. It took a little longer to organize the passwords into proper folders, and then assigning groups, but it was easy to do.
Personal Passwords: Each user also gets a personal folder, where they can keep their own, unshared passwords. This is nice for sites or systems with individualized logins (e.g., a firewall, VPN, etc.)
Favorites: Secret Server lets you tag passwords as "favorites" so you can easily find ones you use constantly. The search feature is nice, but this is nicer.
Detailed Best Practices. It's important to align your cloud to industry best practices for security and cost—it just performs better if it's used the way it's meant to be used. AWS is very flexible, and that's great when you have special requirements, but you've got to at least know when you're using something in a non-standard way so you can think through the implications.
Cost Reduction. Some recommendations are almost impossible to make at least for our setup, but many, many others are easy. We only have to log into CloudCheckr every few months and make a few changes for it to more than pay for itself.
Right-Sizing. This is related to the other points, but for some reason is separate from their cost module. The metrics it's able to pull only tell half the story, so it's good to verify it's sizing recommendations before making changes. But it does show you what instances to focus on first, and even if you choose a slightly different size to move it to, it does clearly indicate it's current size isn't appropriate. And this works both ways, if the size is too big, you can save some cash by making it smaller, but if it's too small, you want to be sure to scale up before you run into performance problems.
CloudCheckr features have a tendency to break without warning. Functionality in place for months could suddenly stop working.
CloudCheckr support often delays work on support tickets for fixing broken application functionality.
The CloudCheckr platform and documentation website often crash or experience performance degradation.
CloudCheckr cost reporting is often impacted by faulty code or broken report functionality. This can contribute to a low level of confidence in CloudCheckr's ability to deliver accurate cost reporting.
My rating is purely based on the configurational activities, as feature-wise delineation has all the features that are very beneficial for customers, though the implementation is a bit more manual work, which can be reduced with a low-code platform. Along with that, we can have a better UI to have intuitiveness and can manage the platform for shared customers in a better way. Overall, it is a very good tool for PAM.
Overall, CloudCheckr covers all our AWS monitoring needs and great integration through SysLog into our SIEM to capture alerts for investigation. The reports are great and allow for an easy daily review. Small improvements could be made to the interface and better filtering in places would be good. Great product and the price is fair.
There were not very many solutions that provided the entire package of taking an account from creation and deactivating it when no longer needed, as well as providing the discovery of unknown service accounts. Other solutions like RoboForm and LastPass did not offer the ability to manage your service accounts and added layers of complication to ensure security.
There are a few products out there that'll do an aspect or two of what CloudCheckr does, but I honestly couldn't find anything nearly as comprehensive as CloudCheckr.
