Anomali Reviews

Our primary use case for this solution is as a threat intelligence platform. We stream various threat feeds into this platform. We also make correlations between the feeds to duplicate the data, aggregate it and then present it to our security solutions for advanced security.

The way that this solution has helped our organization is by utilizing the domain squatting and domain type monitoring feature.

The feature I have found most valuable is credential monitoring. This feature is easy and quick. The data set is limited when compared to other solutions but it's still the greatest value.

I think that this solution should improve its integrations. This part of the solution could be bigger and moved into the no-code direction. Less code in integration would be nice when building blocks.

I have been using this solution for about four months.

I have yet to encounter any issues with the stability of this solution.

Regarding the technical support, we have contacted them for the automation part that we are running through compatibility problems and they were slow to solve our problems.

Currently, we are not using any other solution for this use case, but previously we used MISP, which is an open-source project that requires a lot of effort to make work. That way, it required a lot of attention from our system administrator, and we had to sanitize the data very frequently because the peers we had. Sometimes they flooded our systems with chunk data and that needs to be handled and we decided to go with a paid solution instead.

I would describe the initial setup process of this solution as similar to the regular features of boarding. At first, the second part of onboarding was to integrate the systems that need to be treated by an anomaly and that require a bit of technical knowledge and architectural knowledge and that lasts long and is an ongoing process. There are 10 people involved in the deployment of this solution. The vendor is tasked with the maintenance of this solution.

When it comes to other people trying to use this solution, I'd say, first of all, if they are planning to go with Anomali, the very first step they need to go through is to standardize the threat inter-ingestion processes they have. Without that, they can't use anomaly. This is because it builds on the processes you have. If you don't have these processes, you can't use that solution at all.

Overall, I would rate this solution a seven, on a scale from one to 10, with one being the worst and 10 being the best.

Anomali Enterprise is a continuous threat detection solution.

I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use.

A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution.

I have been using Anomali Enterprise for approximately two years.

There have not been any stability issues with Anomali Enterprise.

Anomali Enterprise is scalable.

We have approximately 15 people using the solution in my company.

I have used many security solutions previously, such as ThreatConnect, Command, and Recorded Future. What I find is they all have different features, even though they work in a similar domain.

I did not find the installation difficult.

The implementation of the solution was done by our engineers.

When comparing the price of Anomali Enterprise to other solutions it is in the medium to high range. However, I am satisfied with the price.

Overall the solution is straightforward to use.

I rate Anomali Enterprise a seven out of ten.