

Anomali and Huntress Managed SIEM are competing products in the cybersecurity market, both offering threat detection capabilities. Huntress Managed SIEM appears to have the upper hand due to its advanced endpoint protection features and ease of deployment.
Features: Anomali provides strong threat intelligence integration, enabling efficient data analysis from various sources. It offers robust tools for customizing threat detection. It integrates well with existing security infrastructure. Huntress Managed SIEM supports advanced endpoint detection and response, facilitates proactive threat hunting, and includes a user-friendly interface for managing threats effectively.
Ease of Deployment and Customer Service: Huntress Managed SIEM is known for a straightforward deployment process and responsive customer service, contributing to its user-friendly nature. Anomali’s deployment is complex and requires technical expertise but offers expansive customization for tailored security solutions.
Pricing and ROI: Anomali generally involves higher initial setup costs, justified by its extensive threat intelligence capabilities, yielding long-term returns. Huntress Managed SIEM features competitive pricing aimed at quick ROI through efficient threat mitigation. It is often considered a cost-effective choice for rapid value realization.
Analyst productivity has improved significantly, with hours saved because of automation and AI-driven work that Anomali performs.
Anomali provides us with a very cost-effective value compared to the market, and I would rate it ten out of ten for return on investment metrics.
There is a return on investment concerning time and effort saved by 40% after implementing Anomali.
I can expect an estimated five to twenty times return on investment with this solution.
I have seen a return on investment from using Huntress Managed SIEM because it saves a lot of time.
I have seen return on investment in terms of spotting cyber threats; breaches could lead to huge amounts of money going out of the organization, and Huntress Managed SIEM has prevented this.
They have strong onboarding and deployment assistance, provide a dedicated technical account manager for large customers, and engage in regular product updates and customer interaction.
The technical support at Anomali is excellent.
It doesn't seem very professional how they're handling support anymore.
You are communicating to tier one and tier two people who are then communicating on the back end, so you are not getting updates as frequently.
Customer support through our channel partners is excellent.
They will guide us through all aspects of the deployment.
The scalability is massive, allowing us to store millions of indicators.
I believe Anomali's scalability is good; whether it is an organization for ten people or one hundred thousand people, the job a threat intel platform has to do will be the same.
Anomali's scalability is impressive as a mature platform capable of processing large amounts of threat intelligence and indicators of compromise data.
It struggles with scalability when dealing with high logs, multi-site, multi-tenant setups, and large volumes of endpoints.
Huntress Managed SIEM is pretty scalable when there are more log sources to be integrated, or when there are high volumes of transactions which lead to higher log ingestion.
In my experience, Huntress Managed SIEM's scalability is very good and stable.
From a reliability perspective, Anomali consistently injects threat feeds, works on automation, performs reliable API integrations, and supports enterprise scale globally.
For example, while Microsoft allows ample time for users to adapt to deprecated features, Anomali only gave us three weeks before switching, so they need to be more cognizant of customer use cases from their engineering side.
The good thing is that they have a health check page, and if any issues arise, they notify us.
Huntress Managed SIEM is very stable.
Combining all aliases into a coherent solution would be beneficial, as we had to review each individual source ourselves.
Anomali should increase their capability to fetch details from various dark web solutions where threat actors post compromised credentials.
Anomali's ability to correlate and integrate different Threat Intel platforms, such as Mandiant and PolySwarm, is another valuable feature, removing duplicacy and enabling the application of specific IOCs across various security controls.
I would like Huntress Managed SIEM to integrate with EDRs like SentinelOne to combine that level of intelligence and information into their stack.
I believe Huntress Managed SIEM could be improved by increasing integrations with non-Microsoft solutions as this would broaden its appeal.
In my opinion, there is room for improvement in Huntress Managed SIEM, particularly in integration with third-party solutions.
Pricing and licensing are good, but the costs for purchasing threat feeds are somewhat complicated and a bit on the higher side.
My experience with Anomali's pricing is that it is higher compared to other open-source alternatives.
My experience with pricing, setup cost, and licensing is that there are not many follow-ups, but once we interacted with the product team or the leadership of Anomali, they managed a lot with us, and it all paid off to reach a conclusion that we would continue with this product.
I believe most competitors charge by the data slightly differently compared to how this solution does, as it is per data source rather than data size in gigabytes.
I did not have to spend more than what I initially budgeted for.
I think the pricing for SIEM is good.
Regarding integration, Anomali has capabilities to integrate with different downstream applications such as Palo Alto, allowing us to create playbooks to block domains, URLs, or IPs directly within the firewall.
Correlating IOCs with the telemetry data we are ingesting from our data sources allows us to pull monthly reports identifying how many assets and users interacted with malicious content, giving insight into whether communications failed or users accessed restricted content, providing complete visibility of the IOCs traveling throughout our environment.
It aggregates intelligence from hundreds of sources, automatically de-duplicates, applies risk scoring, applies context, and reduces much manual effort.
Huntress Managed SIEM combines machine detection with human investigation, which adds context and helps confirm if something is actually a threat rather than just noise.
Regarding the feature that requires no alert tuning, we are using the advanced filtering so we only see actionable events and not lots of noise, which filters out any false positives or areas of no concern.
Huntress Managed SIEM has helped in both angles, improving efficiency in SOC operations where the mean time to detect is drastically reduced.
| Product | Mindshare (%) |
|---|---|
| Anomali | 1.4% |
| Huntress Managed SIEM | 1.1% |
| Other | 97.5% |

| Company Size | Count |
|---|---|
| Small Business | 4 |
| Midsize Enterprise | 1 |
| Large Enterprise | 14 |
| Company Size | Count |
|---|---|
| Small Business | 8 |
| Midsize Enterprise | 2 |
| Large Enterprise | 2 |
Anomali delivers user-friendly cyber threat intelligence, offering concise insights with robust capabilities for evolving scenarios.
Anomali offers a powerful platform for cyber threat intelligence, allowing organizations to efficiently stream and analyze threat feeds. It excels in threat modeling, prioritizing intelligence, and supporting large-scale automation through its API, fostering a proactive security approach.
What are Anomali's Key Features?Anomali serves as a crucial tool for threat intelligence in industries ranging from finance to healthcare. Organizations stream threat feeds into Anomali to correlate and aggregate data, enhancing security measures and facilitating thorough threat investigations. Its adaptability makes it suitable across different sectors.
Huntress Managed SIEM delivers advanced threat detection and response capabilities tailored for Security Information and Event Management. It addresses cybersecurity challenges with automated monitoring and actionable insights.
Huntress Managed SIEM stands out by offering comprehensive security event monitoring designed for modern cybersecurity landscapes. It identifies potential threats and vulnerabilities, ensuring actionable data for quicker response. Its integration capabilities with existing security infrastructure make it a reliable choice for enhancing cyber defenses and incident resolution.
What are the key features of Huntress Managed SIEM?Huntress Managed SIEM is widely used across industries such as finance, healthcare, and retail, where it is critical to protect sensitive information. Its adaptability to different enterprise needs makes it an ideal choice for strengthening security frameworks in diverse sectors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.