• Home
  • Anomali Match vs. Fortinet FortiSandbox

Anomali Match vs Fortinet FortiSandbox comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Defender XDR
Read 79 Microsoft Defender XDR reviews
6,000 views|4,488 comparisons
97% willing to recommend
Anomali Logo
Anomali Match
Read 1 Anomali Match review
170 views|72 comparisons
50% willing to recommend
Fortinet Logo
Fortinet FortiSandbox
Read 36 Fortinet FortiSandbox reviews
3,107 views|1,892 comparisons
96% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Extended Detection and Response (XDR)
April 2024
Executive Summary

We performed a comparison between Anomali Match and Fortinet FortiSandbox based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR).
To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: April 2024).
Download the complete report
769,976 professionals have used our research since 2012.
Featured Review
Benjamin Van Der Westhuyzen
Provides us with better insight into what's going on across our platform
It provides us with better insight into what's going on across our platform. It has also given us a very easy way to respond when threats or alerts... Read more →
Anonymous User
Scalable, easy to use, but more features needed
Reviewer7009881
An easy-to-install tool that helps its users detect and prevent unknown threats
The main benefit of Fortinet FortiSandbox is that it allows organizations to detect and prevent unknown threats from entering an infrastructure.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Microsoft 365 Defender is a stable solution.""The incident threat response and its ability to facilitate effective remediation against threats are the standout features.""Its most significant advantage lies in its affordability.""I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there.""Email protection is the most valuable feature of Microsoft Defender XDR.""The common and advanced security policies for threat hunting and blocking attacks are valuable.""We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing.""It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."

More Microsoft Defender XDR Pros →

"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."

More Anomali Match Pros →

"The dynamic behavior analysis is excellent. We have many attacks caught by the FortiSandbox as zero-day attacks. Additionally, the administration is simple and can be customized to fit your companies needs.""The solution extracts an attached file before reaching the user and notifies the user if there's something malicious in the attachment received along with an email.""Overall, it works fine. Its interface is also fine.""Fortinet FortiSandbox is scalable.""It is a stable solution.""The real-time analysis capability of FortiSandbox is beneficial for email analysis.""The initial setup is straightforward.""Compared to other solutions, it's easy to configure and implement because of the templates. The timing of scanning files is faster."

More Fortinet FortiSandbox Pros →

Cons
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform.""At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times.""When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc.""The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there.""The patching capability should be there. Patching is something that you cannot do even though you see the vulnerabilities present in your environment. For patching, you have to depend on another solution.""Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed.""This solution could be improved if it included features such as those offered by Malwarebytes.""In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."

More Microsoft Defender XDR Cons →

"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."

More Anomali Match Cons →

"When you reach the maximum capacity, you cannot upgrade the solution because its hardware is very expensive.""In the next release, I would like to see machine learning and anti-exploitation included.""Not practical for real-time web traffic analysis because users won't wait for the FortiSandbox to complete its analysis before accessing content""The delivery feature in my country is extremely bad.""It should be easier to import custom virtual machines. Some of the VMs that are in FortiSandbox don't have the applications that we have in our environment. We need to import a VM with specific applications that we use in our environment. Have all the licenses because this is a real environment. You need a license for the Windows client you run on it. It's possible to import custom VMs, but it's a pain to do it. I would like a tool that simplifies the process.""In future releases, I would like to see more automation capabilities.""If we can have more dashboards, it would be good.""If you were to compare prices between vendors and manufacturers, you would see that the lowest equipment in the Sandbox line is quite expensive for a new customer."

More Fortinet FortiSandbox Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "When comparing the price of Anomali Enterprise to other solutions it is in the medium to high range. However, I am satisfied with the price."

    • More Anomali Match Pricing and Cost Advice →

  • "There are no costs in addition to the standard licensing fees."
  • "There are additional costs, which isn't included in the licensing fee."
  • "The solution is not expensive at all."
  • "Altogether, it is about €10,000 for the Sandbox and Email Gateway."
  • "We are on an annual license to use the solution. We have an additional feature that is integrated with S5, which is working well."
  • "There is a license to use this solution."
  • "Fortinet is more reasonable than Palo Alto."
  • "The price is competitive."

    • More Fortinet FortiSandbox Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    See Recommendations
    769,976 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:The integration, visibility, vulnerability management, and device identification are valuable.
    Read all 39 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:There is the cost of the license, and there is the cost of implementation services. Only by enabling a license for your… more »
    Read all 30 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:The web filtering solution needs to be improved because currently, it is very simple. It is very important. Integrations… more »
    Read all 38 answers   →
    Ask a question

    Earn 20 points

    What do you like most about Fortinet FortiSandbox?
    Top Answer:The real-time analysis capability of FortiSandbox is beneficial for email analysis.
    Read all 29 answers   →
    What is your experience regarding pricing and costs for Fortinet FortiSan...
    Top Answer:Fortinet FortiSandbox is a nominally priced product, so I would not say that it is a very cheap tool. It is one of the… more »
    Read all 22 answers   →
    What needs improvement with Fortinet FortiSandbox?
    Top Answer:For the MSSPs, it would be great if the product could display all the threat chains on a dashboard since it is an area… more »
    Read all 27 answers   →
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    FortiSandbox
    Learn More
    Microsoft
    Anomali
    Fortinet
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Anomali Match is an intelligence-driven extended detection and response solution that helps organizations quickly identify and respond to threats in real time. Anomali Match boosts organizational efficiency and productivity by automating detection actions that quickly profile a danger and its impact on the organization, allowing for an effective response.

    Anomali Match gathers security telemetry from your entire organization, including SIEM, EDR, Messaging, and Network, and integrates layered threat detection to identify pertinent threats and give analysts the actionable intelligence they need to look into the root causes or to clearly confirm an attack so that they can respond immediately.

    Anomali Match assists organizations in achieving cyber resilience by providing essential characteristics, such as:

    • Relevant intelligence at scale
    • Precision attack detection
    • Optimized response across security ecosystems

    Anomali Match Features

    Anomali Match has many valuable key features. Some of the most useful ones include:

    • Match is offered as a cloud-native or on-premises solution.

      • High performance indicator correlation at a rate of 190 trillion EPS is one of the additional cloud match capabilities.

      • Appliance and cloud-based ingestion of any telemetry related to security control.
    • Automated collection of current and historical event logs, asset data, and active threat data
    • Comprehensive visibility into historic security telemetry logs, millions of IOCs, and asset and vulnerability scan data
    • Continuous, real-time comparison of millions of indicators of compromise (IOCs) with all relevant security telemetry and log data
    • Automated retrospective inquiry and correlation of historical event logs with newly identified threat intelligence
    • Predictive protection against malicious C2 domains created by attacker domain generation algorithms
    • TTP-based hunting by actor, threat bulletin, or vulnerability employing advanced search analytics

    • Contextual threat intelligence in the form of actors, TTPs, campaigns, threat bulletins, and vulnerabilities, including MITRE ATT&CK details on the TTPs for a specific actor
    • Predictive DGA analysis to find bots connecting to C&C servers in your network

    Anomali Match Benefits

    There are many benefits to implementing Anomali Match. Some of the biggest advantages the solution offers include:

    • Quickly identify the impact in order to assess the criticality and prioritize the response.
    • Shorten the time it takes for active threats to be detected and for a response to be made.
    • Use automation, machine learning, and accessible intelligence to automatically detect and respond to potential threats.
    • Gain access to more than 5 years of security telemetry, millions of IOCs, and asset and vulnerability scan data.
    • Respond to difficult questions promptly and confidently to increase C-Level visibility.
    • Lower incident costs related to security, allowing for more effective security operations.

    Reviews from Real Users

    Anomali Match stands out among its competitors for a number of reasons. Two major ones are its concise CTI and its scalability.

    One PeerSpot reviewer, an IT Cyber Security Senior Analyst, notes of the solution, “I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use.” He adds, “Anomali Enterprise is scalable. We have approximately 15 people using the solution in my company.”

    Fortinet FortiSandbox is a behavior-based threat detection solution that prevents and detects malicious code in files transferred within the organization. It is integrated with FortiGate firewalls and FortiMail for threat protection and can be used for monitoring and reporting. The solution inspects files in a virtual environment with different types of virtual machines and can block or quarantine files based on their score. 

    The most valuable features include dynamic behavior analysis, manual scan features, easy management and configuration, fast scanning, scalability, customization, and ICAP protocol. The solution is cost-effective and faster than other sandbox solutions, with a good user interface.

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    Bank of England, First Energy, UBISOFT, Bank of Hope, Blackhawk Network
    Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
    Top Industries
    REVIEWERS
    Manufacturing Company19%
    Computer Software Company14%
    Government11%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company15%
    Government8%
    Manufacturing Company7%
    REVIEWERS
    Computer Software Company21%
    Comms Service Provider17%
    Energy/Utilities Company13%
    Real Estate/Law Firm8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Government11%
    Financial Services Firm10%
    Comms Service Provider7%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise23%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise15%
    Large Enterprise63%
    REVIEWERS
    Small Business38%
    Midsize Enterprise38%
    Large Enterprise24%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise19%
    Large Enterprise57%
    Buyer's Guide
    Extended Detection and Response (XDR)
    April 2024
    Download Free Report
    Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR). Updated: April 2024.
    DOWNLOAD NOW
    769,976 professionals have used our research since 2012.

    Anomali Match is ranked 36th in Extended Detection and Response (XDR) while Fortinet FortiSandbox is ranked 4th in Advanced Threat Protection (ATP) with 36 reviews. Anomali Match is rated 7.0, while Fortinet FortiSandbox is rated 8.2. The top reviewer of Anomali Match writes "Scalable, easy to use, but more features needed". On the other hand, the top reviewer of Fortinet FortiSandbox writes "Light and powerful solution design; useful to have". Anomali Match is most compared with ThreatConnect Threat Intelligence Platform (TIP) and EclecticIQ, whereas Fortinet FortiSandbox is most compared with Palo Alto Networks WildFire, Trellix Network Detection and Response, Check Point SandBlast Network, Microsoft Defender for Office 365 and Fortinet FortiEDR.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.