StrongDM Review
What do you like best about the product?
Centralized Access Management
StrongDM provides a unified gateway for managing access to infrastructure, simplifying the handling of permissions across multiple systems.
Auditability & Session Logging
Every session (SSH, RDP, Kubernetes, database, etc.) is logged and auditable, which helps with compliance (SOC 2, HIPAA, etc.) and troubleshooting.
Granular Role-Based Access Control (RBAC)
Fine-grained RBAC makes it easier to enforce least-privilege policies and control access based on user roles, time-based rules, or resource sensitivity.
No Credential Sharing
End users don’t need to know or store passwords, keys, or connection strings. StrongDM handles credentials securely, reducing the risk of leaks.
Seamless Integration with Existing Identity Providers
It integrates well with Okta, Azure AD, Google Workspace, and other IdPs, making onboarding and offboarding automated and secure.
StrongDM provides a unified gateway for managing access to infrastructure, simplifying the handling of permissions across multiple systems.
Auditability & Session Logging
Every session (SSH, RDP, Kubernetes, database, etc.) is logged and auditable, which helps with compliance (SOC 2, HIPAA, etc.) and troubleshooting.
Granular Role-Based Access Control (RBAC)
Fine-grained RBAC makes it easier to enforce least-privilege policies and control access based on user roles, time-based rules, or resource sensitivity.
No Credential Sharing
End users don’t need to know or store passwords, keys, or connection strings. StrongDM handles credentials securely, reducing the risk of leaks.
Seamless Integration with Existing Identity Providers
It integrates well with Okta, Azure AD, Google Workspace, and other IdPs, making onboarding and offboarding automated and secure.
What do you dislike about the product?
Vendor Lock-in Risk
Once integrated deeply into your access workflows, migrating away from StrongDM can be complex and costly due to proprietary tooling and workflows.
Limited Community and Open Source Tools
Compared to alternatives like HashiCorp Boundary or Teleport, StrongDM lacks a strong open-source ecosystem and community involvement.
Performance Overhead
Because StrongDM acts as a proxy/gateway for all traffic, some users report slight latency or bottlenecks under high loads or specific network configurations.
Once integrated deeply into your access workflows, migrating away from StrongDM can be complex and costly due to proprietary tooling and workflows.
Limited Community and Open Source Tools
Compared to alternatives like HashiCorp Boundary or Teleport, StrongDM lacks a strong open-source ecosystem and community involvement.
Performance Overhead
Because StrongDM acts as a proxy/gateway for all traffic, some users report slight latency or bottlenecks under high loads or specific network configurations.
What problems is the product solving and how is that benefiting you?
StrongDM helps us solve key challenges around secure infrastructure access, specifically:
Auditing: Every session and command is logged across SSH, RDP, Kubernetes, and databases, giving us detailed audit trails for compliance (e.g. SOC 2, HIPAA) and security reviews.
Just-In-Time Access: We can grant time-bound, least-privilege access to sensitive systems, reducing standing permissions and limiting insider risk.
Access Monitoring: Real-time visibility into who accessed what, when, and how — this improves operational oversight and incident response.
These features significantly reduce our operational burden and improve our security posture without slowing down engineering workflows.
Auditing: Every session and command is logged across SSH, RDP, Kubernetes, and databases, giving us detailed audit trails for compliance (e.g. SOC 2, HIPAA) and security reviews.
Just-In-Time Access: We can grant time-bound, least-privilege access to sensitive systems, reducing standing permissions and limiting insider risk.
Access Monitoring: Real-time visibility into who accessed what, when, and how — this improves operational oversight and incident response.
These features significantly reduce our operational burden and improve our security posture without slowing down engineering workflows.
There are no comments to display