<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">

We're blowing the whistle on Legacy PAM 🏀 Join us for an Access Madness Webinar on March 28

Search
Close icon
Search bar icon

BeyondTrust vs. Delinea (Thycotic): Which Solution Is Better?

Summary: This article compares two Privileged Access Management (PAM) solutions, BeyondTrust vs. Delinea (formerly Thycotic). It takes a closer look at how these PAM products work and how they fit in with your organization’s access management strategy. We’ll examine product summaries, use cases, and pros and cons. By the time you’re done reading this article, you’ll have a clear understanding of the similarities and differences between these PAM tools and be able to choose the tool that best fits your organization.

Cybercrime is big business. From stolen credit card numbers to intellectual property, cybercriminals have formed their own organizations and even offer cybercrime as a service, resulting in financial and reputational damage to companies. Privileged Access Management (PAM) is one way to protect infrastructure from brute force and SQL injection attacks, as well as mishandled information.

However, not all PAM solutions are created equal. Choosing the right PAM solution means examining BeyondTrust vs. Thycotic carefully to figure out which one will work best for your organization. Here’s how BeyondTrust PAM and Thycotic PAM stack up.

What Is BeyondTrust?

Formerly known as Bomgar, BeyondTrust is a suite of privileged identity management, remote access, vulnerability management, and access management products. BeyondTrust PAM works with Linux, Mac, Unix, and Windows environments.

BeyondTrust product summary

The BeyondTrust suite of products includes Endpoint Privilege Management, Privileged Password Management, Secure Remote Access, and Cloud Security Management.

Each of these products does something different: EndPoint Privilege Management allows organizations to set the least amount of privileges across endpoints, while Privileged Password Management provides a password safe and DevOps secrets safe, as well as the ability to find, manage and audit privileged accounts.

Remote Access lets organizations manage service desks, vendors, and operators and provide privileged access in one location. Cloud Security Management is for multicloud environments and lets organizations automate identities and assets.

BeyondTrust use cases

BeyondTrust has a variety of uses, including:

  • Setting least privileged access across Mac, Windows, Linux, and Unix environments
  • Monitoring and controlling remote access to systems
  • Auditing and securing account credentials for privileged users
  • Utilizing PAM for both cloud and network environments

BeyondTrust pros & cons

Some customers like BeyondTrust because they say:

  • Deployment and maintenance is simple
  • SSH access and RDP are supported
  • Permissions can be managed with AD, LDAP, RADIUS, and Kerberos
  • Less processing power is needed to protect endpoints because of its lightweight architecture

However, others caution that BeyondTrust has its issues, including:

  • Requirement to purchase add-ons
  • Single sign-in is poorly integrated
  • Licensing costs are high
  • User interface is clunky
  • Elevating admin privileges for the first time can be difficult

What Is Delinea?

Delinea (also known as ThycoticCentrify after its merger), which bills itself as “seamless privileged access.” The Delinea PAM product manages administrative rights and enforces least privileged access, which helps companies avert ransomware and minimize security threats.

Delinea (fka Thycotic) product summary

The Delinea PAM tool uses a centralized authentication process to manage privileged access to applications, servers, databases, and other infrastructure resources. It uses password rotation and an encrypted secret vault for storing keys and credentials.

Delinea use cases

Organizations often choose Thycotic PAM to:

  • Monitor sessions on servers
  • Rotate passwords
  • Keep secrets and credentials safe, including user names and passwords
  • Retain user activity logs
  • Administer privileged access to servers, applications, databases, and networks

Delinea pros & cons

Organizations often choose Delinea PAM because of its behavioral analytics and comprehensive audits. They also appreciate how it:

  • Manages secrets in a straightforward manner
  • Includes effective features to manage sessions
  • Offers clear documentation
  • Leverages a user-friendly interface

But organizations find that Delinea may not be up to the task in modern computing environments as it:

  • Inadequately supports modern databases
  • Must be installed on the organization’s server
  • Does not support Kubernetes
  • Only offers limited integration with third-party tools

What Is StrongDM and Why Is It Better Than BeyondTrust and Delinea?

Often, traditional PAM tools fall short in today’s modern environment. With remote work and distributed workforces now the norm, users from more than just the Dev or Ops teams need access to critical infrastructure from a variety of locations. In the BeyondTrust vs. Thycotic comparison, it is worth looking at a third solution: StrongDM.

StrongDM goes beyond traditional PAM and offers a control plane to monitor and manage access to databases, servers, applications, and even Kubernetes clusters. The Zero Trust model used by StrongDM pulls together user management in your existing SSO, whether that’s Google, Duo, Okta, or OneLogin. It hides credentials so that end users cannot access them.

Organizations no longer need to distribute access across VPNs or use individual database credentials and SSH keys, reducing the complexity of access management and speeding up the time to onboard new users.

Additionally, StrongDM is easy to implement, simplifies workflows, and improves productivity. It offers comprehensive logging of user activity so that every query is monitored, making audit time much easier. And its straightforward pricing model, custom tool integrations, and exemplary customer support make StrongDM ideal for organizations from small businesses to large enterprises.

So Which One Is Better for You? 

Here is a quick review of the features for you to decide.

  BeyondTrust Thycotic StrongDM
Best for Enterprises Small to medium-sized businesses Enterprises and start-ups looking to scale
Setup Complex Simple implementation Simple, fast implementation
Navigation Clumsy UI Simple, user-friendly interface Intuitive, user-friendly design
Modern database support Supports most datasources Limited Broad support for legacy, modern, and cloud-based data sources
Kubernetes support Yes No Yes
Installation Does not require installation on your server Must be installed on your server No installation required on your server
Documentation Comprehensive documentation Good documentation Excellent documentation
Customer support Offers chat, email, knowledge base options Offers year-round support on premium packages only Offers 24/7/365 support to all users
Pricing BeyondTrust pricing is available upon request. Thycotic offers a 30-day free trial.

Requires a custom pricing plan from the sales team.
StrongDM gives a 14-day free trial.

It has a single, straightforward pricing plan — $70 per user per month.

Are you looking for a streamlined way to manage privileged access? Book your demo of StrongDM today.

About the Author

, Customer Engineering Expert, has worked in the information security industry for 20 years on tasks ranging from firewall administration to network security monitoring. His obsession with getting people access to answers led him to publish Practical Vulnerability Management with No Starch Press in 2020. He holds a B.A. in Philosophy from Clark University, an M.A. in Philosophy from the University of Connecticut, and an M.S. in Information Management from the University of Washington. To contact Andy, visit him on LinkedIn.

StrongDM logo
💙 this post?
Then get all that StrongDM goodness, right in your inbox.

You May Also Like

StrongDM vs. CyberArk: Side-by-Side Comparison
StrongDM vs. CyberArk: Side-by-Side Comparison
Both StrongDM and CyberArk are privileged access management solutions to provide secure access to backend infrastructure. While there are many similarities between the two solutions, there are also some key differences.
StrongDM vs. Teleport: Which One Is Better
StrongDM vs. Teleport: Side-by-Side Comparison
Both StrongDM and Teleport are access control solutions designed to provide secure access to databases, servers, clusters, and web apps. While there are some similarities between the two solutions, there are also some key differences.
AWS Secrets Manager Alternatives & Competitors
Alternatives to AWS Secrets Manager
AWS Secrets Manager is a popular and highly intuitive secrets management tool that lets organizations automate secrets rotation processes and securely store, manage, and audit IT credentials. However, certain AWS Secrets Manager alternatives are available if you are looking to avoid getting tied down exclusively to AWS products or prioritize efficient user onboarding. In this product comparison guide, we evaluate AWS Secrets Manager competitors that can fill in some of its product gaps.
Azure Key Vault Alternatives & Competitors
Alternatives to Azure Key Vault
Microsoft Azure Key Vault is a cryptographic and secrets management solution for storing encryption keys, certificates, and passwords. While known for its interface simplicity and robust security, users should look to Azure Key Vault alternatives if they prioritize employee onboarding automation or need quick and easy implementation. This article evaluates Azure Key Vault competitors regarding security features, pricing, and usability to identify the best alternative options.
Google Cloud Secret Manager Alternatives & Competitors
Alternatives to Google Cloud Secret Manager
Google Cloud Secret Manager is an intuitive platform for managing API keys, user passwords, digital certificates, and other sensitive data and administering access control policies for business resources. While cost-friendly and reliable for securing Google Cloud applications, you should look to other Google Cloud Secret Manager competitors if you manage complex infrastructure and need multiple integrations.