We performed a comparison between Mandiant Advantage and ThreatConnect Threat Intelligence Platform (TIP) based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"The summarization of emails is a valuable feature."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far."
"The advantage of the solution is being able to go look up threat actors and get a lot of detailed information about different attacks and different tactics and general information about threats."
"The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to ensure a complex and massive attack against our customer's infrastructure on the forum. That is, they were animating people on a formum. The solution alerted us to this two days ahead of the attack, which gave us plenty of time to prepare for it."
"The product automatically generated a threat score based on the maliciousness of an IP."
"The most valuable features are ease of use and the ability to customize it."
"ThreatConnect has a highly user-friendly interface."
"It's a solid platform and is stable enough. It is not complicated and is easy to use."
More ThreatConnect Threat Intelligence Platform (TIP) Pros →
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"Sometimes, configurations take much longer than expected."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful."
"I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform."
"Mandiant's on-prem client is too processor-intensive, so it's putting a strain on the local device's CPU. When a scan is running on the device, the other processing tasks slow to a crawl. We're still trying to figure out the correct settings for the client."
"Integration is an area that could use some improvement."
"It would be good to have more feeds and more integrated sources for enrichment."
"I couldn’t get any training videos online when I was working with the tool."
"They should make it a little bit easier to generate events and share them with the community"
More ThreatConnect Threat Intelligence Platform (TIP) Cons →
More ThreatConnect Threat Intelligence Platform (TIP) Pricing and Cost Advice →
Mandiant Advantage is ranked 21st in Extended Detection and Response (XDR) with 3 reviews while ThreatConnect Threat Intelligence Platform (TIP) is ranked 4th in Threat Intelligence Platforms with 4 reviews. Mandiant Advantage is rated 8.6, while ThreatConnect Threat Intelligence Platform (TIP) is rated 8.0. The top reviewer of Mandiant Advantage writes "It gives us peace of mind that issues can be addressed when our core IT team isn't working". On the other hand, the top reviewer of ThreatConnect Threat Intelligence Platform (TIP) writes "The tool could be integrated into any environment, but it was expensive, and the deployment process was complex". Mandiant Advantage is most compared with CrowdStrike Falcon, Cortex Xpanse, Cymulate, Microsoft Defender External Attack Surface Management and Recorded Future, whereas ThreatConnect Threat Intelligence Platform (TIP) is most compared with Anomali ThreatStream, Recorded Future, ThreatQ, Palo Alto Networks Cortex XSOAR and EclecticIQ.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.