Anomali Match vs ThreatConnect Threat Intelligence Platform (TIP) comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Anomali Match and ThreatConnect Threat Intelligence Platform (TIP) based on real PeerSpot user reviews.

Find out what your peers are saying about SentinelOne, CrowdStrike, Palo Alto Networks and others in Extended Detection and Response (XDR).
To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: March 2024).
763,955 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature is the network security.""We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing.""It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces.""Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end.""Scanning, vulnerability reporting, and the dashboard are the most valuable features.""The summarization of emails is a valuable feature.""I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications.""Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."

More Microsoft Defender XDR Pros →

"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."

More Anomali Match Pros →

"It's a solid platform and is stable enough. It is not complicated and is easy to use.""ThreatConnect has a highly user-friendly interface.""The product automatically generated a threat score based on the maliciousness of an IP.""The most valuable features are ease of use and the ability to customize it."

More ThreatConnect Threat Intelligence Platform (TIP) Pros →

Cons
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things.""The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again.""Intrusion detection and prevention would be great to have with 365 Defender.""At times, there may be delays in the execution of certain actions and their effects.""There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial.""I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses.""I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises.""The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."

More Microsoft Defender XDR Cons →

"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."

More Anomali Match Cons →

"It would be good to have more feeds and more integrated sources for enrichment.""They should make it a little bit easier to generate events and share them with the community""I couldn’t get any training videos online when I was working with the tool.""Integration is an area that could use some improvement."

More ThreatConnect Threat Intelligence Platform (TIP) Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
  • More Microsoft Defender XDR Pricing and Cost Advice →

  • "When comparing the price of Anomali Enterprise to other solutions it is in the medium to high range. However, I am satisfied with the price."
  • More Anomali Match Pricing and Cost Advice →

  • "The price of this product is in the mid-range, not too expensive, nor inexpensive."
  • "The price could be better."
  • "The tool is expensive."
  • More ThreatConnect Threat Intelligence Platform (TIP) Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    763,955 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Scanning, vulnerability reporting, and the dashboard are the most valuable features.
    Top Answer:While Microsoft Defender XDR carries a higher cost, its ease of use compared to Defender may justify the investment.
    Top Answer:While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a… more »
    Ask a question

    Earn 20 points

    Top Answer:The product automatically generated a threat score based on the maliciousness of an IP.
    Top Answer:The building of playbooks could be more refined. The training is not openly available. I couldn’t get any training… more »
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Learn More
    Interactive Demo
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Anomali Match is an intelligence-driven extended detection and response solution that helps organizations quickly identify and respond to threats in real time. Anomali Match boosts organizational efficiency and productivity by automating detection actions that quickly profile a danger and its impact on the organization, allowing for an effective response.

    Anomali Match gathers security telemetry from your entire organization, including SIEM, EDR, Messaging, and Network, and integrates layered threat detection to identify pertinent threats and give analysts the actionable intelligence they need to look into the root causes or to clearly confirm an attack so that they can respond immediately.

    Anomali Match assists organizations in achieving cyber resilience by providing essential characteristics, such as:

    • Relevant intelligence at scale
    • Precision attack detection
    • Optimized response across security ecosystems

    Anomali Match Features

    Anomali Match has many valuable key features. Some of the most useful ones include:

    • Match is offered as a cloud-native or on-premises solution.

      • High performance indicator correlation at a rate of 190 trillion EPS is one of the additional cloud match capabilities.

      • Appliance and cloud-based ingestion of any telemetry related to security control.
    • Automated collection of current and historical event logs, asset data, and active threat data
    • Comprehensive visibility into historic security telemetry logs, millions of IOCs, and asset and vulnerability scan data
    • Continuous, real-time comparison of millions of indicators of compromise (IOCs) with all relevant security telemetry and log data
    • Automated retrospective inquiry and correlation of historical event logs with newly identified threat intelligence
    • Predictive protection against malicious C2 domains created by attacker domain generation algorithms
    • TTP-based hunting by actor, threat bulletin, or vulnerability employing advanced search analytics

    • Contextual threat intelligence in the form of actors, TTPs, campaigns, threat bulletins, and vulnerabilities, including MITRE ATT&CK details on the TTPs for a specific actor
    • Predictive DGA analysis to find bots connecting to C&C servers in your network

    Anomali Match Benefits

    There are many benefits to implementing Anomali Match. Some of the biggest advantages the solution offers include:

    • Quickly identify the impact in order to assess the criticality and prioritize the response.
    • Shorten the time it takes for active threats to be detected and for a response to be made.
    • Use automation, machine learning, and accessible intelligence to automatically detect and respond to potential threats.
    • Gain access to more than 5 years of security telemetry, millions of IOCs, and asset and vulnerability scan data.
    • Respond to difficult questions promptly and confidently to increase C-Level visibility.
    • Lower incident costs related to security, allowing for more effective security operations.

    Reviews from Real Users

    Anomali Match stands out among its competitors for a number of reasons. Two major ones are its concise CTI and its scalability.

    One PeerSpot reviewer, an IT Cyber Security Senior Analyst, notes of the solution, “I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use.” He adds, “Anomali Enterprise is scalable. We have approximately 15 people using the solution in my company.”

    The ThreatConnect Threat Intelligence Operations (TIOps) Platform lets organizations operationalize and evolve their cyber threat intel program, enabling cybersecurity operations teams to measurably improve their organization’s resilience to attacks. The TIOps Platform enhances collaboration across teams to drive proactive threat defense, and improve threat detection and response. The AI- and automation-powered TI Ops Platform enables analysts to perform all their work effectively and efficiently in a single, unified platform, allowing threat intel to be aggregated, analyzed, prioritized, and actioned against the most relevant threats. 

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    Bank of England, First Energy, UBISOFT, Bank of Hope, Blackhawk Network
    Oracle, IBM, General Dynamics, Scotiabank, Sony, Athena Health, Berkshire Hathaway Energy, Workday, TikTok
    Top Industries
    REVIEWERS
    Manufacturing Company18%
    Financial Services Firm12%
    Government12%
    Computer Software Company12%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm10%
    Government8%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company15%
    Government8%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company16%
    Government11%
    Manufacturing Company9%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise24%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise17%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise14%
    Large Enterprise64%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise11%
    Large Enterprise71%
    Buyer's Guide
    Extended Detection and Response (XDR)
    March 2024
    Find out what your peers are saying about SentinelOne, CrowdStrike, Palo Alto Networks and others in Extended Detection and Response (XDR). Updated: March 2024.
    763,955 professionals have used our research since 2012.

    Anomali Match is ranked 35th in Extended Detection and Response (XDR) while ThreatConnect Threat Intelligence Platform (TIP) is ranked 4th in Threat Intelligence Platforms with 2 reviews. Anomali Match is rated 7.0, while ThreatConnect Threat Intelligence Platform (TIP) is rated 8.0. On the other hand, the top reviewer of ThreatConnect Threat Intelligence Platform (TIP) writes "The tool could be integrated into any environment, but it was expensive, and the deployment process was complex". Anomali Match is most compared with Hunters, EclecticIQ, Microsoft Defender for Office 365 and STAXX, whereas ThreatConnect Threat Intelligence Platform (TIP) is most compared with Anomali ThreatStream, Recorded Future, ThreatQ, Palo Alto Networks Cortex XSOAR and Splunk SOAR.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.