We performed a comparison between Anomali Match and ThreatConnect Threat Intelligence Platform (TIP) based on real PeerSpot user reviews. Find out what your peers are saying about Palo Alto Networks, Microsoft, Trellix and others in Extended Detection and Response (XDR).
"The most valuable features of the solution are the insights, meaning the remediation suggestions, as well as the incident alerts."
"Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription."
"Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful."
"When you have commissioned Defender, you have these things visible already on your dashboard. This gives the efficiency to the people to do their actual work rather than bothering about the email, sorting out the email, or looking at it through an ITSM solution, whey they have to look at the description and use cases. Efficiency increases with this optimized, ready-made solution since you don't need to invest in something externally. You can start using the dashboard and auditing capability provided from day one. Thus, you have fewer costs with a more optimized, easier-to-use solution, providing operational efficiency for your team."
"It works seamlessly on the Azure platform because it's a Microsoft app. Its setup is similar, so if you already have a Microsoft account, it just flows into it."
"We saw improvement from a regulatory compliance perspective due to having a single dashboard."
"When we started out, our secure score was pretty low. We adopted some of the recommendations that Security Center set out and we were able to make good progress on improving it. It had been in the low thirties and is now in the upper eighties."
"One of the features that I like about the solution is it is both a hybrid cloud and also multi-cloud. We never know what company we're going to buy, and therefore we are ready to go. If they have GCP or AWS, we have support for that as well. It offers a single-panel blast across multiple clouds."
"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."
"The most valuable features are ease of use and the ability to customize it."
"It's a solid platform and is stable enough. It is not complicated and is easy to use."
"ThreatConnect has a highly user-friendly interface."
"After getting a recommendation, it takes time for the solution to refresh properly to show that the problem has been eliminated."
"Azure Security Center takes a long time to update, compared to the on-premises version of Microsoft Defender."
"We would like to have better transparency as to how the security score is calculated because as it is now, it is difficult to understand."
"Customizing some of the compliance requirements based on individual needs seems like the biggest area of improvement. There should be an option to turn specific controls on and off based on how your solution is configured."
"The overview provides you with good information, but if you want more details, there is a lot more customization to do, which requires knowledge of the other supporting solutions."
"The product was a bit complex to set up earlier, however, it is a bit streamlined now."
"Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender."
"Most of the time, when we log into the support, we don't get a chance to interact with Microsoft employees directly, except having it go to outsource employees of Microsoft. The initial interaction has not been that great because outsourced companies cannot provide the kind of quality or technical expertise that we look for. We have a technical manager from Microsoft, but they are kind of average unless we make noise and ask them to escalate. We then can get the right people and the right solution, but it definitely takes time."
"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."
"Integration is an area that could use some improvement."
"They should make it a little bit easier to generate events and share them with the community"
"It would be good to have more feeds and more integrated sources for enrichment."
Microsoft Defender for Cloud protects your Azure and hybrid resources. Microsoft uses a wide variety of physical, infrastructure, and operational controls to help secure Azure—but there are additional actions you need to take to help safeguard your workloads. Turn on Azure Security Center to strengthen your cloud security posture. Within Azure Security Center, use Azure Defender to protect your hybrid cloud workloads. With Azure Security Center, you can:
- Assess and visualize the security state of your resources in Azure, on-premises, and in other clouds with Azure Secure Score
- Simplify enterprise compliance and view your compliance against regulatory requirements
- Protect all your hybrid cloud workloads with Azure Defender, which is integrated with Security Center
- Use AI and automation to cut through false alarms, quickly identify threats, and streamline threat investigation
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
Anomali Match is an intelligence-driven extended detection and response solution that helps organizations quickly identify and respond to threats in real time. Anomali Match boosts organizational efficiency and productivity by automating detection actions that quickly profile a danger and its impact on the organization, allowing for an effective response.
Anomali Match gathers security telemetry from your entire organization, including SIEM, EDR, Messaging, and Network, and integrates layered threat detection to identify pertinent threats and give analysts the actionable intelligence they need to look into the root causes or to clearly confirm an attack so that they can respond immediately.
Anomali Match assists organizations in achieving cyber resilience by providing essential characteristics, such as:
Anomali Match Features
Anomali Match has many valuable key features. Some of the most useful ones include:
Anomali Match Benefits
There are many benefits to implementing Anomali Match. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Anomali Match stands out among its competitors for a number of reasons. Two major ones are its concise CTI and its scalability.
One PeerSpot reviewer, an IT Cyber Security Senior Analyst, notes of the solution, “I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use.” He adds, “Anomali Enterprise is scalable. We have approximately 15 people using the solution in my company.”
The ThreatConnect Platform allows security teams to go beyond managing threat intel to operationalizing and making threat intel actionable. The Platform is built on a market-leading threat intelligence platform that includes a modern analytics engine leveraging machine learning, orchestration and automation, case management, and an extensible API along with a marketplace of apps to seamlessly connect tools into the platform.
Threat Intelligence Data Model, Library and Scoring - Native threat intelligence management built into the Platform that ingests dozens of commercial and open source threat feeds, as well as intel shared via STIX and TAXII, then normalizes and scores the intelligence making it ready for action.
Analytics Engine - A key differentiator in the ThreatConnect Platform is our analytics engine – CAL – that leverages machine learning and provides multiple capabilities such as: Community-powered insights on threats and indicators across ThreatConnect users, a “Rosetta Stone” that automatically translates the aliases of threat actor groups used across the threat intel landscape, a series of intelligence feeds that marry our massive dataset with our cutting edge tradecraft and analytics to bring novel datasets that nobody else is talking about, and Report Cards that allow you to track how open source TI feeds are performing in the real world.
Threat Graph - ThreatConnect’s Threat Graph visualization is a game changer that provides an environment where analysts can quickly explore, pivot, and gain insight into the connection between seemingly disparate intelligence and data points to get a comprehensive picture of a threat to the organization.
Low-Code Automation and Workflow - Low-code security automation and workflows are core capabilities of our Platform, enabling CTI and SecOps teams to gain efficiencies, improve consistency, and increase their efficacy by standardizing on specific processes and workflows, and automating repetitive tasks, processes, and playbooks, generating significant ROI for security teams by reducing the manual burden on analysts.
Browser Extension - Allows analysts to instantaneously scan and identify relevant pieces of information from any web-based resource with a simple click of a button. It allows analysts to quickly understand what is currently known about an indicator and to add it to the Threat Library to aid in future analysis and investigation efforts, as well as translate threat actor aliases in real-time.
Anomali Match is ranked 15th in Extended Detection and Response (XDR) with 1 review while ThreatConnect Threat Intelligence Platform (TIP) is ranked 13th in Threat Intelligence Platforms with 3 reviews. Anomali Match is rated 7.0, while ThreatConnect Threat Intelligence Platform (TIP) is rated 8.4. The top reviewer of Anomali Match writes "Scalable, easy to use, but more features needed". On the other hand, the top reviewer of ThreatConnect Threat Intelligence Platform (TIP) writes "Ease to use, customizable, and they have responsive and knowledgeable support". Anomali Match is most compared with STAXX, Proofpoint Email Protection, Palo Alto Networks WildFire and Microsoft Defender for Office 365, whereas ThreatConnect Threat Intelligence Platform (TIP) is most compared with Palo Alto Networks WildFire, Palo Alto Networks Cortex XSOAR, Mandiant Advantage, Anomali ThreatStream and Recorded Future.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.