No more typing reviews! Try our Samantha, our new voice AI agent.

Anomali vs Google Security Operations comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 18, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Anomali
Ranking in Security Information and Event Management (SIEM)
10th
Average Rating
8.0
Reviews Sentiment
6.2
Number of Reviews
13
Ranking in other categories
User Entity Behavior Analytics (UEBA) (5th), Advanced Threat Protection (ATP) (11th), Threat Intelligence Platforms (TIP) (3rd), Extended Detection and Response (XDR) (11th)
Google Security Operations
Ranking in Security Information and Event Management (SIEM)
28th
Average Rating
8.8
Reviews Sentiment
7.5
Number of Reviews
6
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (13th), AI-Powered Cybersecurity Platforms (12th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Anomali is 1.4%, up from 0.3% compared to the previous year. The mindshare of Google Security Operations is 1.3%, up from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Anomali1.4%
Google Security Operations1.3%
Other97.3%
Security Information and Event Management (SIEM)
 

Featured Reviews

TarunKumar11 - PeerSpot reviewer
Global Leadership Council at a tech company with 10,001+ employees
Strategic threat intelligence has improved detection speed and consistently reduces analyst workload
Anomali can be improved in various aspects. Its AI-driven automation can further advance, and AI-powered investigation summaries can improve. User experience could be enhanced through simplification of workflows. Better board-level cyber risk dashboards could provide easier visualization. Additionally, Anomali could work on simplifying the pricing structure. Although it excels in threat intelligence aggregation and operationalization, stronger GenAI capability, improved executive reporting, and a more intuitive workflow for analysts would further increase SOC efficiency and add more business value. Regarding Anomali's AI capabilities, governance and security are quite good. Anomali has incorporated AI and machine learning primarily to improve correlation and prioritization. These capabilities are valuable but could be more mature. The platform could achieve better threat correlation, prioritization, more anomaly detection, and allow AI to accelerate intelligence analysis while further improving quality and relevance. The accuracy and reliability of Anomali's AI output are fairly reasonable and good. The AI engine works well, but this capability could be improved. Better threat correlation with threat actors, certain indicators of compromise, malware, and campaigns is possible. Threat prioritization could increase, and alert noise could be reduced through further de-duplication. While reasonable, this is not the best available, and other products possibly have more AI maturity, such as Recorded Future and CrowdStrike Falcon.
CK
Technical Lead at a transportation company with 1,001-5,000 employees
Simplified detection rules and SOAR workflows have improved compliance-focused operations
One improvement I am looking for is silent log source monitoring. If some feed or some host went offline or was not pulling any logs into Google Security Operations, I would want better visibility. Silent host monitoring would make a significant difference because it is very hard to track which host went down, and there are many false positives as a result. I think there is a lot of room for scalability improvements, particularly in the integration of third-party applications. Currently, I have to write a script and use a cloud run function to pull logs. If there were direct ingestion by simply providing an API key and some sort of client certificate, it would be much easier.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."
"Anomali has impacted my organization positively because our SOC team, which is actively monitoring all the tools—either SIM, SOAR, or threat intelligence platform—operates in multiple shifts."
"The feature I have found most valuable is credential monitoring. This feature is easy and quick."
"With Anomali, we benefit by obtaining threat information prior to incidents, making our threat hunts proactive and having incident response plans ready, which saves almost 40% of the time from the traditional model."
"The most valuable aspect of Anomali is the threat modeling capability."
"Anomali positively impacts our organization, notably improving our vulnerability management program under reducing attack surface management."
"We now have a very robust collection of threat intelligence based on the capabilities that Anomali provides."
"I think it's one of the awesome tools I've worked with to date."
"The valuable parts of Google Security Operations include how easy it is to write parsers or detection rules, and it is well-advanced in the analytical part."
"Without hyperbole, I have never, in my entire career, encountered a vendor or a vendor community as awesome as Siemplify. Siemplify and the Siemplify Community quite literally made it possible for our SOC to increase almost five-fold in our number of clients and number of analysts and to go from a Monday to Friday 9-5 shop to a 24/7 shop all in the span of under a year and a half and all while continually adding capabilities and improving the services we offer to our clients."
"Google Security Operations helps meet all the important regulatory compliance across all verticals."
"Overall, Google SecOps is a very useful service for security operations."
"Google SecOps is extremely useful for threat detection and hunting."
"The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user interface is generally straightforward, although recent changes may require some adjustment and Siemplify's integrations and capabilities offer potential support for various compliance requirements."
"The most valuable feature of Siemplify is the playbooks that can be created."
 

Cons

"Anomali can be improved by expanding its capability to capture a broader range of threats because it currently has limitations and may not catch everything occurring in the world, especially from the dark web."
"Less code in integration would be nice when building blocks."
"My experience with Anomali's customer support has not gone so well for us."
"Anomali Enterprise could improve by combining all the other tools' features into one solution."
"An area for improvement is the intelligence sharing within the Anomali community. The tagging system can be inconsistent, as any company can use any tags for their reporting."
"One more improvement I would mention is regarding compromised credential monitoring. Anomali should increase their capability to fetch details from various dark web solutions where threat actors post compromised credentials."
"Support in the past has been top-notch, but recent trends indicate that it has taken a back seat, as we often don't get answers for days."
"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."
"I'm inclined to say that I'd love to see some Machine Learning capabilities integrated into the platform, however, I just attended a demo this morning where Siemplify gave a sneak peek into some Machine Learning capabilities that they are currently developing and have roadmapped for release soon."
"We often encounter minor issues that could be improved, but we maintain communication with the developers and submit feature requests. Recently, I requested enhancements such as improved search functionality within playbooks and expanded options for exporting case data."
"Building the playbooks could be easier and the integration could improve. It is a difficult process, such as what API connections need to be made."
"The main improvement could be in the accuracy and detail provided in threat descriptions."
"I can give customer service a rating of six because it is very hard sometimes to keep up with the support."
 

Pricing and Cost Advice

"When comparing the price of Anomali Enterprise to other solutions it is in the medium to high range. However, I am satisfied with the price."
Information not available
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Manufacturing Company
9%
Construction Company
8%
Computer Software Company
6%
Financial Services Firm
15%
Manufacturing Company
10%
University
7%
Outsourcing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise1
Large Enterprise14
By reviewers
Company SizeCount
Small Business4
Large Enterprise3
 

Questions from the Community

What is your experience regarding pricing and costs for Anomali Enterprise?
My experience with pricing involved a yearly, two-year contract; I can't specify the setup cost, but it was aligned with our budget, so I consider it good.
What needs improvement with Anomali ThreatStream?
I can mention one point regarding improvements for Anomali, which is more enhanced reporting flexibility. The reporting provided to us is not too detailed and could be more enhanced. Better filteri...
What is your primary use case for Anomali ThreatStream?
I was using Anomali primarily for threat intelligence operations, security monitoring, and threat detection initiatives. I was part of the SOC team, and my role and responsibilities involved workin...
What is your experience regarding pricing and costs for Siemplify?
The pricing for Google SecOps and Microsoft Sentinel is almost the same, with no significant differences.
What needs improvement with Siemplify?
A potential area of improvement for Google Security Operations could be cost. I think Google has already started developing AI SOC and Agentic SOC, so I do not have any other suggestions for improv...
What is your primary use case for Siemplify?
Google Security Operations is the main tool that my clients use for the security operations of their companies.
 

Also Known As

Match, Lens, ThreatStream, STAXX, Anomali Security Analytics
Siemplify ThreatNexus
 

Overview

 

Sample Customers

Bank of England, First Energy, UBISOFT, Bank of Hope, Blackhawk Network
FedEx Mondelez Intenrational Check Point Trustwave Atos Cyberint Bae Systems Crowe Longwall Security Telefonica Nordea HCL
Find out what your peers are saying about Anomali vs. Google Security Operations and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.