We performed a comparison between Mandiant Advantage and ThreatConnect Threat Intelligence Platform (TIP) based on real PeerSpot user reviews.
Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR)."I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"The product integrates security into one tool instead of having third-party security tools."
"The summarization of emails is a valuable feature."
"The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to ensure a complex and massive attack against our customer's infrastructure on the forum. That is, they were animating people on a formum. The solution alerted us to this two days ahead of the attack, which gave us plenty of time to prepare for it."
"It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far."
"The advantage of the solution is being able to go look up threat actors and get a lot of detailed information about different attacks and different tactics and general information about threats."
"The most valuable features are ease of use and the ability to customize it."
"ThreatConnect has a highly user-friendly interface."
"It's a solid platform and is stable enough. It is not complicated and is easy to use."
"The product automatically generated a threat score based on the maliciousness of an IP."
More ThreatConnect Threat Intelligence Platform (TIP) Pros →
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"At times, there may be delays in the execution of certain actions and their effects."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"The solution does not offer a unified response and standard data."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful."
"Mandiant's on-prem client is too processor-intensive, so it's putting a strain on the local device's CPU. When a scan is running on the device, the other processing tasks slow to a crawl. We're still trying to figure out the correct settings for the client."
"I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform."
"They should make it a little bit easier to generate events and share them with the community"
"It would be good to have more feeds and more integrated sources for enrichment."
"Integration is an area that could use some improvement."
"I couldn’t get any training videos online when I was working with the tool."
More ThreatConnect Threat Intelligence Platform (TIP) Cons →
More ThreatConnect Threat Intelligence Platform (TIP) Pricing and Cost Advice →
Mandiant Advantage is ranked 20th in Extended Detection and Response (XDR) with 3 reviews while ThreatConnect Threat Intelligence Platform (TIP) is ranked 4th in Threat Intelligence Platforms with 4 reviews. Mandiant Advantage is rated 8.6, while ThreatConnect Threat Intelligence Platform (TIP) is rated 8.0. The top reviewer of Mandiant Advantage writes "It gives us peace of mind that issues can be addressed when our core IT team isn't working". On the other hand, the top reviewer of ThreatConnect Threat Intelligence Platform (TIP) writes "The tool could be integrated into any environment, but it was expensive, and the deployment process was complex". Mandiant Advantage is most compared with CrowdStrike Falcon, Cortex Xpanse, Cymulate, Microsoft Defender External Attack Surface Management and Recorded Future, whereas ThreatConnect Threat Intelligence Platform (TIP) is most compared with Anomali ThreatStream, Recorded Future, ThreatQ, Palo Alto Networks Cortex XSOAR and EclecticIQ.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.