• Home
  • Anomali Match vs. CyberArk Privileged Access Manager

Anomali Match vs CyberArk Privileged Access Manager comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Defender XDR

Read 76 Microsoft Defender XDR reviews
5,744 views|4,276 comparisons
98% willing to recommend
Anomali Logo

Anomali Match

Read 1 Anomali Match review
175 views|74 comparisons
50% willing to recommend
CyberArk Logo

CyberArk Privileged Access Manager

Read 142 CyberArk Privileged Access Manager reviews
11,160 views|6,378 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Extended Detection and Response (XDR)
April 2024
Executive Summary

We performed a comparison between Anomali Match and CyberArk Privileged Access Manager based on real PeerSpot user reviews.

Find out what your peers are saying about SentinelOne, CrowdStrike, Palo Alto Networks and others in Extended Detection and Response (XDR).
To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: April 2024).
Download the complete report
768,578 professionals have used our research since 2012.
Featured Review
Dinesh Jaisankar
Helps extend its protection to third-party applications, stops malware attacks, and reduces costs
Microsoft Defender can extend its protection to the third-party applications we use, which is helpful. Microsoft Defender XDR not only helps stop... Read more →
Anonymous User
Scalable, easy to use, but more features needed
Chris V
Great password management, API password retrieval functionality and Rest API retrieval
The solution provided password management and API password retrieval functionality.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR.""The integration with other Microsoft solutions is the most valuable feature.""For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity.""We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button.""It has great stability.""The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats.""The ability to integrate and observe a more cohesive narrative across the products is crucial.""The unified view of the threat landscape on a central dashboard is the most valuable feature."

More Microsoft Defender XDR Pros →

"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."

More Anomali Match Pros →

"The established sessions on the target systems are fully isolated and the privileged account credentials are never exposed to the end-users or their client applications and devices.""CyberArk Privileged Access Manager is stable.""CyberArk Privileged Access Manager's main benefit is it provides secure access to our servers. There are features to capture the user activity, it provides video recording processing. If the users are logged in to the server, we can see what activities they are performing. It's a very nice tool for Privileged Access Management. They have plenty of useful services and the solution has fulfilled our needs.""The flexibility of integrating with other technologies is important because of a lot of applications - a lot of COTS products - are not supported when we are bringing the application IDs. The CyberArk platform provides a lot of opportunities to do customization.""The biggest feature is the security of the overall solution. It's very secure. The vaulting technology and the number of security layers involved in the vault, where privileged accounts are actually stored, is the heart of the solution.""The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task.""It is a single tool that isolates possible kinds of malware. You get lateral movement blocking and auditing information, e.g., you know who is doing what. You are getting protections from the service as well as a useful environment. All your admins can easily go in and out of your company while accessing your servers in a secure way, even if they are working abroad.""It has a centralized page where you can manage everything. This makes work easier. You don't have to remember different module URLs or browser applications. It is very easy to get all the secure identities of other environments into a single page, which is very important for us as it helps a lot in terms of operations, e.g., reduces management time. This is a single page where you can manage all accounts and onboard them to the CyberArk. You can then secure and see passwords from everywhere. So, there is a single pane of glass where you can manage all the identities across environments as well as across different types of identities."

More CyberArk Privileged Access Manager Pros →

Cons
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform.""The capability to not only thwart attacks but also to adapt to evolving threats is crucial.""It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team.""I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses.""Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded.""Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides.""Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed.""The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."

More Microsoft Defender XDR Cons →

"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."

More Anomali Match Cons →

"It can be integrated with other systems, but it is not easy to integrate. It takes too long to integrate it. Its integration should be easier and simpler.""It should be easier to install. It is a comprehensive product, which makes it difficult to install. You need to have their consulting services in order to get it all installed and set up correctly because there is so much going on. It would be nice if there were an easier way to do the installation without professional services. I suspect they get a fair amount of their money from professional services. So, there is not a huge incentive.""I would like to see better automation in granting access, better tools, more efficient tools, to be able to customize the solution that CyberArk provides.""I would like easier integrations for creating an online dashboard that executives would look at or are able to run reports from the tool.""Our DevOps team is looking in the direction of cloud, because we are not in it today. We are hoping to build it with Conjur from the ground up.""I don't know if "failed authentication" is a glitch or if that was an update... However, since we are the CyberArk support within our organization, we need to know that the password is suspended and we won't know that unless we have the ITA log up. So when a user calls and says, "Hey, I'm locked out of CyberArk, I can't get into CyberArk," we have to go through all of these other troubleshooting steps because the first thing we don't think of right now is, "The account is suspended." It doesn't say that anymore.""The interface on version 9 looks old.""There is some stuff that we still have not fully integrated, which is our AIM solution. We are having all types of issues with it. I have been working with Level 3 support on it, but otherwise, from a functionality perspective, everything has been working except for the AIM solution."

More CyberArk Privileged Access Manager Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "When comparing the price of Anomali Enterprise to other solutions it is in the medium to high range. However, I am satisfied with the price."

    • More Anomali Match Pricing and Cost Advice →

  • "Pricing and licensing depend on the environment."
  • "It is not a cheap solution. It is expensive as compared with other solutions. However, it is one of the best solutions in their domain."
  • "It can be an expensive product."
  • "Cost efficiency is the number one thing that can be improved in my mind. This would change lots of companies minds on purchasing the product."
  • "The cost is high compared to other products."
  • "CyberArk provides all the features bundled. This is compared to other vendors who provide them as a different license for each functionality."
  • "Our risk is definitely significantly lower. Also, our resources are low."
  • "If you are looking at implementing this solution, buy the training and go to it."

    • More CyberArk Privileged Access Manager Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    See Recommendations
    768,578 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an… more »
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment.
    Read all 29 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:Defender XDR has good threat visibility, but it could be better in some areas, like when we are hunting for a specific… more »
    Read all 37 answers   →
    Ask a question

    Earn 20 points

    How does Sailpoint IdentityIQ compare with CyberArk PAM?
    Top Answer:We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to… more »
    Read all 2 answers   →
    What do you like most about CyberArk Privileged Access Manager?
    Top Answer:CyberArk PAM can be easily automated.
    Read all 45 answers   →
    What is your experience regarding pricing and costs for CyberArk Privileg...
    Top Answer:The product is expensive. I rate the product’s pricing a seven out of ten, where one is cheap and ten is expensive.
    Read all 31 answers   →
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    CyberArk Privileged Access Security
    Learn More
    Microsoft
    Anomali
    CyberArk
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Anomali Match is an intelligence-driven extended detection and response solution that helps organizations quickly identify and respond to threats in real time. Anomali Match boosts organizational efficiency and productivity by automating detection actions that quickly profile a danger and its impact on the organization, allowing for an effective response.

    Anomali Match gathers security telemetry from your entire organization, including SIEM, EDR, Messaging, and Network, and integrates layered threat detection to identify pertinent threats and give analysts the actionable intelligence they need to look into the root causes or to clearly confirm an attack so that they can respond immediately.

    Anomali Match assists organizations in achieving cyber resilience by providing essential characteristics, such as:

    • Relevant intelligence at scale
    • Precision attack detection
    • Optimized response across security ecosystems

    Anomali Match Features

    Anomali Match has many valuable key features. Some of the most useful ones include:

    • Match is offered as a cloud-native or on-premises solution.

      • High performance indicator correlation at a rate of 190 trillion EPS is one of the additional cloud match capabilities.

      • Appliance and cloud-based ingestion of any telemetry related to security control.
    • Automated collection of current and historical event logs, asset data, and active threat data
    • Comprehensive visibility into historic security telemetry logs, millions of IOCs, and asset and vulnerability scan data
    • Continuous, real-time comparison of millions of indicators of compromise (IOCs) with all relevant security telemetry and log data
    • Automated retrospective inquiry and correlation of historical event logs with newly identified threat intelligence
    • Predictive protection against malicious C2 domains created by attacker domain generation algorithms
    • TTP-based hunting by actor, threat bulletin, or vulnerability employing advanced search analytics

    • Contextual threat intelligence in the form of actors, TTPs, campaigns, threat bulletins, and vulnerabilities, including MITRE ATT&CK details on the TTPs for a specific actor
    • Predictive DGA analysis to find bots connecting to C&C servers in your network

    Anomali Match Benefits

    There are many benefits to implementing Anomali Match. Some of the biggest advantages the solution offers include:

    • Quickly identify the impact in order to assess the criticality and prioritize the response.
    • Shorten the time it takes for active threats to be detected and for a response to be made.
    • Use automation, machine learning, and accessible intelligence to automatically detect and respond to potential threats.
    • Gain access to more than 5 years of security telemetry, millions of IOCs, and asset and vulnerability scan data.
    • Respond to difficult questions promptly and confidently to increase C-Level visibility.
    • Lower incident costs related to security, allowing for more effective security operations.

    Reviews from Real Users

    Anomali Match stands out among its competitors for a number of reasons. Two major ones are its concise CTI and its scalability.

    One PeerSpot reviewer, an IT Cyber Security Senior Analyst, notes of the solution, “I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use.” He adds, “Anomali Enterprise is scalable. We have approximately 15 people using the solution in my company.”

    CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

    CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

    Benefits of CyberArk Privileged Access Manager

    Some of CyberArk Privileged Access Manager’s benefits include:

    • The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
    • The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
    • The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

    Reviews from Real Users

    CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

    PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

    Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    Bank of England, First Energy, UBISOFT, Bank of Hope, Blackhawk Network
    Rockwell Automation
    Top Industries
    REVIEWERS
    Manufacturing Company19%
    Computer Software Company14%
    Government11%
    Financial Services Firm11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company15%
    Government8%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm24%
    Computer Software Company13%
    Insurance Company12%
    Healthcare Company9%
    VISITORS READING REVIEWS
    Educational Organization30%
    Computer Software Company12%
    Financial Services Firm10%
    Manufacturing Company5%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise23%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise15%
    Large Enterprise63%
    REVIEWERS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise66%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise38%
    Large Enterprise48%
    Buyer's Guide
    Extended Detection and Response (XDR)
    April 2024
    Download Free Report
    Find out what your peers are saying about SentinelOne, CrowdStrike, Palo Alto Networks and others in Extended Detection and Response (XDR). Updated: April 2024.
    DOWNLOAD NOW
    768,578 professionals have used our research since 2012.

    Anomali Match is ranked 36th in Extended Detection and Response (XDR) while CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews. Anomali Match is rated 7.0, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of Anomali Match writes "Scalable, easy to use, but more features needed". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". Anomali Match is most compared with ThreatConnect Threat Intelligence Platform (TIP), EclecticIQ, Microsoft Defender for Office 365 and STAXX, whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.