Scribd
Upload
96 views1 page

PAM Capabilities Deck Ver 1

The document compares the features and Gartner rankings of several privileged access management (PAM) solutions: Arcon, CyberArk, BeyondTrust, Delinea, Sectona, and Saviynt. It shows that Arcon, CyberArk, Delinea, and Saviynt offer on-premises PAM solutions and have been previously recognized as Leaders in the Gartner Magic Quadrant for PAM, while BeyondTrust and Sectona only offer cloud-based PAM.

Uploaded by

sabyasachi mohanty
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
96 views1 page

PAM Capabilities Deck Ver 1

The document compares the features and Gartner rankings of several privileged access management (PAM) solutions: Arcon, CyberArk, BeyondTrust, Delinea, Sectona, and Saviynt. It shows that Arcon, CyberArk, Delinea, and Saviynt offer on-premises PAM solutions and have been previously recognized as Leaders in the Gartner Magic Quadrant for PAM, while BeyondTrust and Sectona only offer cloud-based PAM.

Uploaded by

sabyasachi mohanty
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Inspira Internal Use Only

Functional Area Features Description Description Arcon Beyond Description BT Description Delinea Description Sectona Saviynt CPAM Description CPAM
ARCON CyberArk
Trust Description CyberArk Delinea PAM Sectona PAM
PAM PAM

Y https://www.gartner.com/reviews/market/privileged-access-
https://www.gartner.com/reviews/market/privileged-access-management/vendor/arcon/reviews?marketSeoName=privileged-access-management&vendorSeoName=arcon Delinea a Leader in 2022 Gartner Magic Quadrant for PAM https://www.gartner.com/reviews/market/pr Leader in https://saviynt.com/press-releases/saviynt-named-as-the-only-
management https://www.cyberark.com/press/cyberark-named-a-leader-in-2022-gartner-magic- ivileged-access- Magic visionary-in-2022-gartner-magic-quadrant-for-privileged-access-
Y Leader in Magic Quadrant (2022) management/vendor/sectona/product/secto Quadrant management/
quadrant-for-privileged-access-management/
na-security-platform (2022)

https://www.beyondtrust.com/blog/entry/beyondtrust-named- N
Gartner Rankings a-gartner-peer-insights-customers-choice-for-privilege-access-
management
https://www.google.com/search?q=beyondtrust+pam+gartner+r Delinea Recognized - 2021 Gartner Peer Insights™ | PAM N
eport+2023&rlz=1C1CHBF_enIN1034IN1034&sxsrf=AJOqlzWuzH https://www.cyberark.com/press/cyberark-named-a-leader-in-2021-gartner-magic-
Leader in Magic Quadrant (2021)
goJd11DIDKC0w8m8daqnmtew:1678276860207&source=lnms quadrant-for-privileged-access-management/
&tbm=isch&sa=X&ved=2ahUKEwiamNnApMz9AhUhcGwGHa08C
On-Prem Product offered on-premises Y Y Y Y 0 Y N
Hardware Appliance https://docs.delinea.com/secrets/current/setup/installation/advanced-installation- N
N N N N
Y manual/index.md
Flexible Deployment Software Appliance https://docs.delinea.com/secrets/current/setup/installation/advanced-installation- N
N Y Y Y
manual/index.md
SaaS Product offered as SaaS https://docs.delinea.com/secrets/current/setup/installation/advanced-installation- https://docs.sectona.com/cpd/migrating- Y
Y Y Y On Process from-evaluation-to-production
Y manual/index.md
Automated Management Automated password management for range of devices viz.: Y
UNIX, Linux, AIX, Win2K, Win2k3, Oracle, MS SQL, Services, https://www.beyondtrust.com/docs/privileged-remote-access/how- https://docs.cyberark.com/Product-
dcom etc. Y Y Y Y https://docs.delinea.com/secrets/current/remote-password-changing/automatic-rpc/index.md Y
to/integrations/syslog/fields/vault-account-password-rotation.htm Doc/OnlineHelp/PAS/13.0/en/Content/PASIMP/Linked-PAS-Accounts.htm

Agent based and agent less The agent less connectors offer scalability and the agent based N
connectors connectors offer control on the password management activity
and better error trapping. Y Y Y Y https://docs.delinea.com/secrets/current/secret-launchers/session-connector/index.md Y
https://docs.sectona.com/epm/Defining-
Ensures that passwords on multiple systems can be common automatic-password- N
Password Management and changed at the same time. Also the passwords can be rotation.618365021.html
https://docs.delinea.com/secrets/current/getting-started-tutorial/9-remote-password-
Password dependencies sequentially changed for dependent systems and services. Y Y Y Y Y
changing/index.md

Logs Password change Logs are produced which automatically N


verifies whether the passwords are changed or not. https://docs.cyberark.com/Product-
https://www.beyondtrust.com/docs/beyondinsight-password-safe/bi/user-
Y Y Y Doc/OnlineHelp/PAS/13.0/en/Content/PASIMP/CPMLogging.htm?tocpath=Administrator Y https://docs.delinea.com/secrets/current/events-and-alerts/log-list/index.md Y
cloud/get-started/change-reset-password.htm
%7CComponents%7CCentral%20Policy%20Manager%7C_____2

Historic Password Password can be restored for any account. https://www.beyondtrust.com/docs/beyondinsight-password- https://docs.delinea.com/secrets/current/remote-password-changing/password-changer- https://docs.sectona.com/epm/Password- N
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/Restoring-Safes-or-the-Vault.htm
Y Y Y
Y Y safe/ps/cache/index.htm list/index.md Checkout.619675790.html
Password Vault Password Vault Secures all the passwords with its proprietary encryption Digital Vault | CyberArk Docs https://docs.sectona.com/pam-kb/checkout- Y https://saviynt.freshdesk.com/support/solutions/articles/43000
methodology. Further it provides dynamic password password-from-satellite-vault 646441-using-saviynt-vault-for-credentials-management
generation facility Y y Y Y https://docs.delinea.com/secrets/current/admin/dsv-syncing/index.md Y

User Activities Monitors User Activities on Server Configure Session Monitoring in Password Safe (beyondtrust.com) Monitor the Credential Provider | CyberArk Docs https://docs.sectona.com/cpd/reviewing- N
https://docs.delinea.com/secrets/current/session-recording/configuring-session- sessions
Y Y Y
recording/index.md
N y
Windows RDP, Connectors Monitors Servers for Windows RDP and Connectors service Configure Session Monitoring in Password Safe (beyondtrust.com) Active Session Monitoring | CyberArk Docs https://docs.delinea.com/secrets/current/session-recording/configuring-session- https://docs.sectona.com/cpd/reviewing- N
Y Y Y
type. N Y recording/index.md sessions
File activities Monitor activities such as creation, modification and deletion Configure Session Monitoring in Password Safe (beyondtrust.com) Active Session Monitoring | CyberArk Docs https://docs.delinea.com/secrets/current/session-recording/session-recording- https://docs.sectona.com/cpd/reviewing- N
Y Y Y
of files. N Y requirements/basic-session-recording/index.md sessions
Smart Session Monitoring
Keys and clicks Captures function keys and mouse clicks on Server. Configure Session Monitoring in Password Safe (beyondtrust.com) Recordings and Audits | CyberArk Docs https://docs.delinea.com/secrets/current/session-recording/session-recording- https://docs.sectona.com/cpd/monitoring-or- N
Y Y Y
N Y requirements/basic-session-recording/index.md terminating-live-sessions
Commands Logs provide complete meta-data of the windows sessions Configure Session Monitoring in Password Safe (beyondtrust.com) Recordings and Audits | CyberArk Docs https://docs.sectona.com/cpd/monitoring-or- Y https://saviynt.freshdesk.com/support/solutions/articles/43000
https://docs.delinea.com/secrets/current/session-recording/session-recording-
and command fired on CLI interfaces. Y Y Y Y Y terminating-live-sessions 580071-introduction-
requirements/basic-session-recording/index.md
Risk Score Score can be displayed for live sessions and recordings of Configure Session Monitoring in Password Safe (beyondtrust.com) Threat Analytics | CyberArk Docs https://docs.sectona.com/cpd/adjusting- N
finished sessions, enabling you to respond immediately and https://docs.delinea.com/secrets/current/session-recording/session-recording- session-risk-scoring-threat-analytics-pa
Y Y Y Y Y
mitigate potential security issues. requirements/basic-session-recording/index.md
https://docs.delinea.com/secrets/current/session-recording/session-recording-
Real Time Session Monitoring Live Feed Used to monitor live feed of a session. Y Y Configure Session Monitoring in Password Safe (beyondtrust.com) Y Y Y https://docs.sectona.com/cpd/viewing-live- Y https://saviynt.freshdesk.com/support/solutions/articles/43000
requirements/basic-session-recording/index.md
Minimize Damage Session can be quickly freezed, unfreezed or logout the sessions
https://docs.sectona.com/cpd/monitoring-or- Y 580071-introduction-
https://saviynt.freshdesk.com/support/solutions/articles/43000
https://docs.delinea.com/secrets/current/session-recording/session-recording-
session to minimize any potential damage. Y Y Y Y Y terminating-live-sessions 580071-introduction-

Inspira Internal Use Only


requirements/basic-session-recording/index.md
Approval Workflows Service Access Raise request for accessing a particular service Configure Approvals for Password Safe (beyondtrust.com) https://docs.sectona.com/pam-kb/configure- Y
Y Y https://docs.delinea.com/secrets/current/workflow-templates/index.md Y a-multiple-level-workflow-for-access-req
Y Y
Service Password Raise request for a password of a service assigned to you Configure Approvals for Password Safe (beyondtrust.com) https://docs.sectona.com/pam-kb/configure- Y
https://docs.delinea.com/secrets/current/remote-password-changing/custom-password- a-multiple-level-workflow-for-password-r
Y Y Y
changers/rpc-for-service-accounts-and-ssh-keys/index.md
Y Y
Auto Discovery Auto Discovery Used to automatically discover all the users on all the target Discovery: Discover Accounts, Endpoints, and Services in a Domain (beyondtrust.com) https://docs.sectona.com/pam-kb/discovery- Y
servers (server level users only) such as Linux, Windows, and https://docs.delinea.com/secrets/current/discovery/general-information/discovery-sources- management
Y Y Y Y Y
Database. scanners-templates/index.md

Desktops and Devices Privileged User Onboarding, Desktop User Onboarding and Discovery: Discover Accounts, Endpoints, and Services in a Domain (beyondtrust.com) https://docs.sectona.com/pam-kb/onboard- Y
Device Onboarding. Y Y Y https://docs.delinea.com/ssm/current/onboarding/index.md Y assets-during-asset-discovery
Y
Auto Onboarding
Network Discovery Network Discovery through IP and Port Scanner, Active Discovery: Discover Accounts, Endpoints, and Services in a Domain (beyondtrust.com) https://docs.delinea.com/secrets/current/discovery/discovery-platform-specifics/unix- https://docs.sectona.com/pam- N
Directory Scan and SSH Key Scan. Y Y Y Y Y kb/performing-a-network-scan-for-assets
discovery/index.md
AWS Auto/Manual onboard users and services from AWS https://docs.sectona.com/pam- Y
https://docs.delinea.com/secrets/current/discovery/discovery-platform-specifics/aws- kb/discovering-assets-using-aws-resource-
https://www.beyondtrust.com/docs/beyondinsight-password- Y Y Y
discovery/index.md discovery
Y Y safe/ps/cloud/resource-broker/install-resource-broker.htm
Cloud Onboarding Azure Auto/Manual onboard users and services from Azure https://www.beyondtrust.com/docs/beyondinsight-password- https://docs.delinea.com/secrets/current/directory-services/azure-active-directory/create-azure- Y
Y Y Y
Y Y safe/ps/cloud/resource-broker/install-resource-broker.htm app-registration/index.md
GCP Auto/Manual onboard users and services from GCP https://www.beyondtrust.com/docs/beyondinsight-password- https://docs.delinea.com/secrets/current/discovery/discovery-platform-specifics/google-cloud- Y
Y Y Y
Y Y safe/ps/cloud/resource-broker/install-resource-broker.htm platform-discovery/index.md
Privilege Elevation and Delegation Privilege Elevation and Limits the scope of what administrators can do, or prevent https://docs.sectona.com/pam-kb/create-a- N
Management Delegation Management administrators from carrying out unsafe activities that could be https://docs.delinea.com/secrets/current/secret-launchers/automatic-sudo-privilege- server-access-policy-for-windows-servers
a vector for malware or that potentially could do great damage. Y Y Y Y Y
elevation/index.md

Password Reconciliation and Auto Heal Password Reconciliation and Process used to analyze failed scheduled passwords and https://docs.delinea.com/secrets/current/remote-password-changing/automatic- N
Y Y Y Y Y
Auto Heal auto heal them on both PAM and target server. rpc/autochange-expiration-schedules/index.md
Entity Comparison Compares the entries in PAM repository and the target https://docs.sectona.com/cpd/configuring- N
https://docs.delinea.com/secrets/current/remote-password-changing/automatic-
system repository, determining the difference between the Y N Y Y Y reconciliation-policy
rpc/autochange-expiration-schedules/index.md
two repositories.
Reconcile Status Report Status of success and failure are updated in Service Reconcile Y N Y Y https://docs.delinea.com/secrets/current/reports/built-in-reports/index.md Y N
Knight Analytics Training Dataset, Anamoly Uses data mining, statistics, modeling, machine learning, N
Detection and Predicting Existing predictive analytics, and AI for training the dataset, anomaly https://docs.delinea.com/secrets/current/getting-started-tutorial/11-audits-and-
and Future Threats detection, and to make predictions about the existing and Y Y Y Y N
reports/index.md
future threats.

Alerts Alerts are received based on the risky enetities, the one with https://docs.sectona.com/cpd/using- N
the greatest potential risk level /risk score. Y Y Y N Y notification-templates
Offline Storage Tamper Proof Logs Y N Y N N N
Offline Access Request End-user should be able to raise a request for offline access to https://docs.sectona.com/epm/Workflow- N
the required service which shall be approved by the Y N Y N Y Administration.619643076.html
Approver.
Only the local accounts will be authenticated and not domain N
Offline Application + Agent accounts during application access.The offline agent will sync Y N Y N N
all the logs captured on the end-user device to PAM and free
Offline Vault the local storage on the device after a successful sync.
The service access session login/logout time is punched and N
recorded in the local database (Offline Vault). Once a user takes
Offline Connector offline access to the service, the screen recording takes place Y Y Y N N
and the recording is stored in the local database.

SSH Key Management


Logs and Reports

SSH Key Management


All the session logs, user logs, service logs , command logs etc.
which are usually captured and maintained for normal PAM
service access will also be maintained for offline access.
SSH Key Management feature enables SSH Linux services to be
managed by SSH Key. The single sign on and key rotation for SSH
Y Y
Inspira Internal Use Only
Y N Y
https://docs.sectona.com/cpd/reporting-
analytics

https://docs.sectona.com/cpd/onboarding-
accounts-in-vault
N

Linux services will be managed by SSH Key. https://docs.cyberark.com/Product- https://docs.delinea.com/secrets/current/discovery/discovery-platform-specifics/unix-


Y Y Y Y Y
Doc/OnlineHelp/PAS/Latest/en/Content/SSHKM/Managing%20SSH%20Keys.htm discovery/discovering-ssh-public-keys/index.md

Access Control Role Based Access Control Access is given to a particular user depending on the user role https://docs.cyberark.com/Product- https://docs.sectona.com/cpd/managing- Y
Y Doc/OnlineHelp/Idaptive/Latest/en/Content/CoreServices/GetStarted/Create- Y https://docs.delinea.com/secrets/current/roles/editing-role-permissions/index.md Y user-roles
Y Y Roles.htm?tocpath=Administrator%7CAuthorize%20Users%20with%20Role-
https://docs.cyberark.com/Product-
Mobile OTP The users will have to download and install Authenticator App https://docs.delinea.com/secrets/current/authentication/two-factor-authentication/apps-for- N
Y N Y Doc/OnlineHelp/Idaptive/Latest/en/Content/CoreServices/Authenticate/OATHOTPConfig.h Y Y
from Google Play Store to the mobile device to configure soft-token-2fa
tm
SMS OTP mobile
SMSOTP
OTPdual factor
is one authentication.
of the methods, wherein PAM users receives https://docs.delinea.com/secrets/current/authentication/two-factor-authentication/apps-for- Y
Y N Y Y Y
OTP on registered mobile number. soft-token-2fa
Email OTP Email OTP is one of the methofs, wherein PAM users https://docs.delinea.com/secrets/current/authentication/two-factor-authentication/apps-for- Y
Y N Y Y Y
receives OTP on registered email id. soft-token-2fa
Biometric Device Performed by using biometric data (fingerprint) of the user. https://docs.delinea.com/secrets/current/authentication/two-factor-authentication/apps-for- https://docs.sectona.com/cpd/configuring- N
Multi-Factor Authentication Y Nhttps://docs.cyberark.com/Product-Doc/OnlineHelp/Alero/Latest/en/Content/Users/Users.htm#:~:text=The%20CyberArk%20Mobileapp%20now%20prompts%20you%20for%20biometric,this%20authentication%20each%20time%20you%20open%20the%20app.
Y Y N
Integration with leading Biometric devices 3M Cogent, soft-token-2fa multi-factor-authentication
TOTP Login tokens are formed by mixing a secret key with the current https://docs.delinea.com/secrets/current/authentication/two-factor-authentication/apps-for- N
Y Y https://docs.cyberark.com/Product-Doc/OnlineHelp/Idaptive/Latest/en/Content/CoreServices/Authenticate/OATHOTPConfig.htm
Y Y N
time interval to generate the OTP. Examples are Google soft-token-2fa
Hardware Token Authenticator, Microsoft
A small hardware deviceAuthenticator,
that the owneretc.
carries to authorize Y https://docs.cyberark.com/Product-Doc/OnlineHelp/Idaptive/Latest/en/Content/CoreServices/Authenticate/U2FAuth.htm
Y Y https://docs.delinea.com/secrets/current/authentication/two-factor-authentication/apps-for- Y N
Radius https://docs.cyberark.com/Product- N
Doc/OnlineHelp/PrivCloud/Latest/en/Content/Privilege%20Cloud/privCloud-configure- https://docs.delinea.com/secrets/current/authentication/two-factor-authentication/radius-
Y Y
radius.htm#:~:text=To%20configure%20RADIUS%20authentication%20you%20will%20ne user-authentication
Y ed%20the,server%2C%20define%20Privilege%20Cloud%20as%20a%20RADIUS%20client%
App to App Password Change App to App Password Change Helps in managing the passwords for an application, https://docs.delinea.com/secrets/current/getting-started-tutorial/9-remote-password- https://docs.sectona.com/cpd/setting-up- Y
Y Y Y Y Y
through a single terminal throughout the organization. changing/index.md password-management
Command Logs Commands fired on the SSH/telnet clients as well as actions https://www.beyondtrust.com/docs/beyondinsight-password- https://docs.delinea.com/secrets/current/api-scripting/ssh-command-restrictions/ssh-blocked- N
performed on the MS SQL Enterprise Manager and Windows. Y Y Y Y Y
safe/bi/integrations/third-party/local-event-log.htm command-lists https://docs.sectona.com/cpd/view-session-
Database logs Actions performed by any application support engineer on https://www.beyondtrust.com/docs/beyondinsight-password- recordings Y
the databases including queries etc. is also logged Y N Y N Y
Audit Trails and Log Management safe/bi/integrations/third-party/local-event-log.htm
PIM sessions Captures comprehensive audit trails of any PIM initiated https://www.beyondtrust.com/docs/beyondinsight-password- N
Y N N
session of the target devices. Y N safe/bi/integrations/third-party/local-event-log.htm
Schedule and Custom Reports Reports are scheduled according to the time inputed. https://www.beyondtrust.com/docs/beyondinsight-password- https://docs.sectona.com/cpd/scheduling-a- N
Reports can be exported in customizable manner. Y Y Y Y https://docs.delinea.com/secrets/current/reports/creating-and-editing-reports/index.md Y
safe/bi/install/analytics-and-reporting.htm report
Robotic Process Automation Robotic Process Automation Process of automating mundane tasks with ease, efficiency and https://www.beyondtrust.com/docs/beyondinsight-password- N
accuracy. Y Y Y Y https://docs.delinea.com/secrets/current/api-scripting/configuring-winrm-powershell N
safe/ps/api/beyond-insight/smart-rules.htm
Multitab Multitab Enable users to access multiple PAM services in a single N
window. Y N Y
Y Y
Disaster Recovery Break Glass Beyond trust requires a cloud setup in order to retrieve Disaster Recovery | CyberArk Docs https://docs.sectona.com/cpd/configuring- Y
credentials during break glass whereas credentials can be Y Y Y Y https://docs.delinea.com/secrets/current/backup-and-disaster-recovery/disaster-recovery Y satellite-vault-for-break-glass
retrieved using APEM tool

High Availability In order to achieve high availability supports various forms of CyberArk High-Availability Vault Cluster | CyberArk Docs https://docs.delinea.com/secrets/current/backup-and-disaster-recovery/backing-up-to-network- https://docs.sectona.com/cpd/building-high- Y
deployment such as HA, HADR etc. Y Y Y Y Y availability-setup
share
Dynamic Graphs Dynamic graphs help in visualizing large volumes of data in a https://docs.sectona.com/cpd/scheduling-a- N
coherent way for all the reports in Spection. Y N N N Y report

Spection Video Logs Video logs are captured for session, processes, and command Recordings and Audits | CyberArk Docs https://docs.sectona.com/cpd/managing- Y
fired by the Users. Y N Y reviewing-session-logs
Y Y
Report Scheduler All the reports present in the Spection can be scheduled. https://docs.sectona.com/cpd/scheduling-a- N
N N Y report
Y Y
SIEM Integration Flexible to integrate with any Tool for SIEM Integration https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/13.0/en/Content/PASIMP/DV- https://docs.delinea.com/secrets/current/getting-started-tutorial/16-additional-resources-for- https://docs.sectona.com/cpd/integrating- Y
Y Y Y
Y Y Integrating-with-SIEM-Applications.htm secret-server/index.md ticketing-systems
SAML Integration Flexible to integrate with any Tool for SAML Integration https://docs.cyberark.com/Product- https://docs.sectona.com/cpd/saml- Y
Y Y https://docs.delinea.com/secrets/current/authentication/saml/index.md Y
Y Y Doc/OnlineHelp/PAS/13.0/en/Content/PAS%20INST/SAML-Authentication.htm authentication
Integrations
Third Party Ticketing Tool Flexible to integrate with any Third Party Ticketing Tool Y
https://docs.cyberark.com/Product- https://docs.delinea.com/secrets/current/getting-started-tutorial/16-additional-resources-for- https://docs.sectona.com/cpd/integrating-
Y Y Y
Doc/OnlineHelp/PAS/13.0/en/Content/PASIMP/Integration-with-Ticketing-Systems.htm secret-server/index.md ticketing-systems
Y Y
SAP Integration Flexible to integrate Y Y Y https://docs.delinea.com/secrets/current/secret-templates/sap-snc-template/index.md Y Y
Provides Kubernetes Support N
https://docs.cyberark.com/Product-Doc/OnlineHelp/AAM-
DAP/Latest/en/Content/Integrations/k8s-ocp/cjr-k8s-secrets-provider-
Kubernetes Support Y N N
ac.htm#:~:text=cyberark%2Dsecrets%2Dprovider%2Dfor%2Dk8s%20reads%20all%20Kube
rnetes,with%20the%20Conjur%20secret%20value
N
Modern Database Support Modern Database include MySQL, Amazon Redshift, Databases | CyberArk Docs https://docs.sectona.com/cpd/configuring- Y
Microsoft SQL Server, PostgreSQL,etc. Y Y Y Y https://docs.delinea.com/secrets/current/setup/installation/moving-sql-server/index.md Y credentials

Secret Server’s doublelock is a configurable feature that Y N


provides an additional
security layer by protecting highly sensitive secret data using
asymmetric encryption
(a public/private key pair) where the private key is a human- https://docs.delinea.com/secrets/current/doublelocks/creating-a-doublelock-and-a-doublelock-
DoubleLock N Y N
generated password. password/index.md
Net result is that an extra password for using a secret is held by a
set group of users.
In addition, both the password and the group of users are
reusable for other secrets.
The ability to create follow-on actions based on the change of Y N Account check-out and check-in | CyberArk Docs https://docs.delinea.com/secrets/current/secret-checkout/checkout-hooks/index.md N
“check out” status for
a particular secret, using PowerShell scripts. For example,
setting up a hook where https://docs.sectona.com/cpd/configuring-
Check in-Check out HOOKS Y Y Y

Inspira Internal Use Only


someone checks out a secret, the hook could temporarily password-checkout-policy
promote the account to
“Domain Admin” while in use, then demote it back to a normal
account after check-in
For more visibility on Windows Servers(eg view what program N N N
is running on target
Windows Server in the session), Customer can optionally install
free Advanced
Managing PAM bypass scenarios Y Y https://docs.delinea.com/ssm/current/using/login-logout/index.md N
Session Recording agent.
In addition, agent can record even local login session that does
not go through
PAM solution.
RDP, Putty, few Thick Client Apps like DB Studios and Web Y N PSM Connectors | CyberArk Docs N
Password Filler (WPF) are
inbuilt.
WPF enables to launch web apps in user's preferred browsers
like Chrome, Firefox,
Safari or Edge. https://docs.delinea.com/secrets/current/getting-started-tutorial/13-secret- https://docs.sectona.com/cpd/securing-
Launchers Y Y Y
Also supports launching of Web Apps which require 2FA and launchers/index.md monitoring-sessions
2FA can be provided to
the user by Secret Server.
The RDP and putty launchers called Protocal Handler are
autodownloaded the first
use. Protocol Handler is very small in size approx 20MB
Mobile Application can perform many functions
Y N N
1. Workflow - Notifications and Approvals
2. Secret Activity & Mgmt - Can create or edit secrets and view
https://docs.cyberark.com/Product-
Mobile Application all secret info Y Y https://docs.delinea.com/ssm/current/onboarding/onboard.md N
Doc/OnlineHelp/Alero/Latest/en/Content/Intro/Architecture.htm
3. Breakglass Scenario - Can enable specific individuals to be
able to checkout
passwords.
SS offers a proven distributed engines capability that allows NA Y Automatic Account Management | CyberArk Docs N
unlimited networks and
endpoints to be managed across different geographical regions.
Using secure
network communication, queueing and parallel processing,
Distributed Engine Y Y https://docs.delinea.com/secrets/current/networking/distributed-engines/index.md N
Secret Server can discover
network credentials, verify whether the password you have on
file is correct, and
automatically change passwords on thousands of accounts in
mere minutes.
Privilege Elevation and Delegation Y Y https://docs.sectona.com/epm/ N
Remove local admin rights and enforce role-specific least
End Point Privilege Management for Foundational Endpoint Security privilege, Protect from the most impactful threats including https://docs.cyberark.com/Product-
Step-up authentication Y Y https://docs.delinea.com/secrets/current/api-scripting/webservice-iwa-powershell/index.md Y
Windows ransomware and credential theft, Challenge privileged users to Doc/OnlineHelp/EPM/Latest/en/Content/Intro/Introduction.htm
MFA for high-risk actions

Easily onboard and off-board vendors to access what they need, Y Y Y


when they need it; includes support for vendors to self-manage https://docs.cyberark.com/Product- https://docs.sectona.com/cpd/enabling-just-
Just-in-Time Provisioning Y Y https://docs.delinea.com/ssm/current/onboarding/index.md Y
invitations. Doc/OnlineHelp/PAS/13.0/en/Content/PASIMP/AdHoc-End-user.htm in-time-access

Session Isolation Separate endpoints from critical target systems to prevent NA Y https://docs.cyberark.com/Product- https://docs.sectona.com/cpd/installing- N
lateral movement Y Doc/OnlineHelp/PAS/13.0/en/Content/PASIMP/Privileged-Session%20Manager- N Y sectona-jump-host-component
Introduction.htm
Custom Universal Connectors separate development machine to CyberArk strongly recommends using a separate development Y https://docs.cyberark.com/Product- N
develop your AutoIt scripts. machine to develop your AutoIt scripts. Doc/OnlineHelp/PAS/Latest/en/Content/PASIMP/psm_Develop_universal_connector.htm?
Download and install AutoIt3 on the development machine to Y Highlight=autoit N N
develop PSM universal connector components.
Dedicated Command Line Interface Command-line interface for Command Line Interface (PACLI) to perform quick Vault-level N https://docs.cyberark.com/Product- N
performing task. functions. Y N N
Doc/OnlineHelp/PAS/12.2/en/Content/PACLI/Introduction.htm
OT/IOT Capabilities N Y Y https://www.cyberark.com/resources/blog/security-for-the-modern-ot-environment Y https://delinea.com/events/podcasts/ot-security-scientific-sensors N N
Remote Access Capabilities Y Y Vendor Access - Third-Party Privileged Access Management | CyberArk Y https://delinea.com/solutions/secure-remote-access N N
Geography Mostly functioning in USA & UK region. Y Y Delinea Reviews, Ratings & Features 2023 | Gartner Peer Insights US Region

Y North and South America, EU, MEA and Asia Pacific, Africa Asia Pacific,MEA,Africa

Strategies by OEM Y IT Security Resources for Privileged Access Management (delinea.com) Y https://saviynt.com/white-papers/securing-the-energy-sector-in-australia/
Y https://www.cyberark.com/resources/blog/2023-cybersecurity-trends-we-re-tracking
Y Banking Identity Security and Access Management Solutions | CyberArk Education, Healthcare, Government, Financial Services, Energy and utilities https://delinea.com/solutions/secure-remote-access Financial Services, https://saviynt.com/white-papers/securing-the-energy-sector-in-australia/
Insurance Identity Security and Access Management Solutions | CyberArk Healthcare,
Sectors/Industries Y
https://www.cyberark.com/solutions/healthcare/ Y
https://www.cyberark.com/solutions/federal/

You might also like