We performed a comparison between Anomali Match and Cisco Secure Network Analytics based on real PeerSpot user reviews.
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"I have found the ability to delete unwanted threats beneficial."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"Microsoft 365 Defender is a good solution and easy to use."
"The visibility into threats that 365 Defender provides is really good. You get a full review of your security system and what can be improved. In the Microsoft 365 Defender portal the first page gives you a really big summary of which security policies you are following and what can be improved."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."
"Ease of deployment, once you get your ducks in a row."
"It is a good application, providing for real-time monitoring of the organization of data. It can basically identify points of peak traffic where possible issues are being caused."
"If you are using Darktrace or NAC solutions you can integrate Stealthwatch."
"The most valuable features of this solution are the logging, keeping threats under control, and keeping our data and environment secure."
"Stealthwatch has greatly improved our network visibility, in terms of bandwidth, malware, and PCI violations."
"The most valuable features are encrypted threat analysis and the ability to run jobs on entire flows."
"This product alleviates the day-to-day headaches for us, in regards to metrics."
"Most valuable features are the network maps and server and network response time."
"The data recovery and backup could be improved."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"At times, there may be delays in the execution of certain actions and their effects."
"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."
"It would be better to let people know, up front, that is doesn't give you nice, clear information, as seen in the demos, without Cisco ISE installed."
"Better integration between Cisco Secure Network Analytics and Cisco Secure Workload would be beneficial."
"It is time-consuming to set it up and understand how the tool works."
"Stealthwatch needs improvement when it comes to speed."
"I would like to see more and cleaner reporting. For example, if I pull up Steven and I want to look and maybe compare him to what you've done in the past week, and compare that to the past six months, the point would be to see what the difference in activity looks like over this time. I don't see that capability in reporting to date. You see that trend but you don't really see a straightforward comparison. That right there is key to what we want to see about the normal activity."
"The configuration of the solution was quite complex."
"I would like to see interoperability with other Cisco products because we have ThousandEyes, Cisco Prime, and others. The interaction among these is important to us."
"We've had problems with element licensing costs so scalability is a concern."
Anomali Match is ranked 36th in Extended Detection and Response (XDR) while Cisco Secure Network Analytics is ranked 24th in Network Monitoring Software with 57 reviews. Anomali Match is rated 7.0, while Cisco Secure Network Analytics is rated 8.2. The top reviewer of Anomali Match writes "Scalable, easy to use, but more features needed". On the other hand, the top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". Anomali Match is most compared with ThreatConnect Threat Intelligence Platform (TIP), EclecticIQ, Microsoft Defender for Office 365 and STAXX, whereas Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.