We performed a comparison between Anomali Match and RiskIQ Illuminate based on real PeerSpot user reviews.
Find out what your peers are saying about SentinelOne, CrowdStrike, Palo Alto Networks and others in Extended Detection and Response (XDR)."Microsoft Defender XDR is scalable."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."
"The solution is stable with 12 years of established historical data."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."
"A low-cost service to evaluate the risk score of a supply chain would be very helpful."
Earn 20 points
Earn 20 points
Anomali Match is ranked 36th in Extended Detection and Response (XDR) while RiskIQ Illuminate is ranked 13th in Attack Surface Management (ASM). Anomali Match is rated 7.0, while RiskIQ Illuminate is rated 0.0. The top reviewer of Anomali Match writes "Scalable, easy to use, but more features needed". On the other hand, the top reviewer of RiskIQ Illuminate writes "Able to discover unpatched servers, offers good stability, and scales very well". Anomali Match is most compared with ThreatConnect Threat Intelligence Platform (TIP), EclecticIQ, Microsoft Defender for Office 365 and STAXX, whereas RiskIQ Illuminate is most compared with Microsoft Defender External Attack Surface Management, Palo Alto Networks WildFire, ZeroFOX and Recorded Future.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.