As we announced our merger in March and began our integration, Thycotic and Centrify were in the process of being evaluated separately by KuppingerCole for its 2021 Leadership Compass for Privileged Access Management (PAM). Not surprisingly, both Thycotic and Centrify were named Overall Leaders again, as well as earning leadership positions in the major categories of Product Leadership, Innovation Leadership, and Market Leadership. Both companies are also recognized as leaders in all correlated view matrices including Market Champions, Technology Leaders, and “Big Ones” which encompasses an Innovation/Market Matrix.
The need for PAM solutions keeps growing as hackers increasingly target privileged accounts
The report noted, “most successful cyber-attacks involve the misuse of privileged accounts. And misuse is enabled by poor management of privileged access using old or inadequate PAM software, policies, or processes…The message is clear: hackers are actively targeting privileged accounts as the best way to get inside an organization.”
At the same time, the number and nature of PAM vendor offerings has increased to match the spending in this marketplace. The report notes there are PAM vendors now competing for annual revenues that will total $2.2 billion in 2021 and will more than double to $5.4 billion by 2025.
Flexible, usable PAM critical in managing dynamic IT environments
Analyst Paul Fisher, author of the Leadership Compass report, highlighted the evolution of PAM to a more dynamic operating model with SaaS and flexible purchasing options. He emphasized that, “Ease of Use is no longer a ‘nice to have’ but increasingly seen as essential to cope with the growing demands on PAM. We are seeing more use of consumer like Wizard tools to ease set up and deployment.”
The report noted several Thycotic strengths in the PAM market including its breadth of solutions with enhanced capabilities, strong endpoint management capabilities, and a user interface that leverages current UX trends for ease of use. Centrify’s listed strengths include deep Active Directory (AD) integration for complex configurations, strong multi-factor authentication (MFA) and identity federation support, and a mature PAM-as-a-Service offering.
One interesting graphic in the report focuses on the breadth of specific PAM solution capabilities in the form of a “spider graph” evaluating every vendor across eight key categories. The spider graph shown helps to illustrate how robust Thycotic solutions manage these categories ranging from endpoint privilege management to just-in-time access, analytics, and reporting.
The report also recognizes several of the more recent advances in Thycotic PAM solutions, including a new Session Connector that provides support for jump hosts and moves session recording away from client endpoint or the target server. There’s now integration between Secret Server and DevOps Secrets Vault that allows usage of the CI/CD pipeline integrations present in DevOps Secrets Vault while using credential management and password rotation in Secret Server. In addition, DevOps Secrets Vault can now be integrated with SIEM platforms.
Privilege Manager, Thycotic’s solution for endpoint privilege management that helps enforce least privilege, has several UI improvements for policy management and the introduction of a new Wizard tool. Report author Fisher noted that, “we would like to see more vendors introduce such ease-of-use enhancements.”
Centrify strengths highlighted
Focusing on Centrify, which was evaluated separately from Thycotic for the 2021 Leadership Compass, KuppingerCole noted several strengths of its suite of PAM solutions which includes credential and secrets vaulting, privileged access, authentication, privilege elevation, auditing, and analytics.
- Deep AD integration supporting complex multi-domain/forest configurations
- Strong MFA and identity federation support with risk adaptive capabilities
- Strong CPEDM support
- Mature PAM as a Service offering in addition to a managed, on-premises delivery
- Strong privileged analytics with advanced machine learning techniques
- DevOps are provided for, good suitability for hybrid and containerized IT environments
- Centrify Privilege Threat Analytics Service uses machine learning to identify anomalous behavior in real time
Why ThycoticCentrify needs to be on your PAM vendor shortlist
While the KuppingerCole Leadership Compass does not make recommendations among vendors, the 2021 report’s “strong positive” ratings for both Thycotic and Centrify bode well for organizations looking for a proven enterprise PAM security vendor. Trusted by a combined 14,000 organizations around the globe including over half of the Fortune 100, ThycoticCentrify customers include the world’s largest financial institutions, intelligence agencies, and critical infrastructure companies.
This is written by the individual author in his/her personal capacity, and the opinions, views and/or thoughts expressed herein are solely the author’s own. They are not intended to and may not necessarily reflect the official policy or position, or the opinions or views of ThycoticCentrify or its affiliates, employees, or any other group or individual.