Anomali Threat Platform

2 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 8.1 out of 101

McAfee Enterprise Security Manager

22 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 6.8 out of 101

Add comparison

Likelihood to Recommend

Anomali Threat Platform

Being the best threat intelligence platform/tool on the market, it is fantastic in terms of performance and it has taken a lot of burden of curating and weeding through false positives off of our team freeing them up to focus on manual threat hunting and content building.
No photo available

McAfee Enterprise Security Manager

I would make a cautionary recommendation. If you're heavily invested in a McAfee product line, the McAfee Enterprise Security Manager is a natural fit and you probably already understand the risk of working with them. If you are greenfield looking for a SIEM, I would advise documenting your use cases very well, because you may find yourself doing a new implementation down the road.
No photo available

Feature Rating Comparison

Security Information and Event Management (SIEM)

Anomali Threat Platform
McAfee Enterprise Security Manager
7.0
Centralized event and log data collection
Anomali Threat Platform
McAfee Enterprise Security Manager
9.0
Correlation
Anomali Threat Platform
McAfee Enterprise Security Manager
8.8
Event and log normalization
Anomali Threat Platform
McAfee Enterprise Security Manager
7.6
Deployment flexibility
Anomali Threat Platform
McAfee Enterprise Security Manager
4.6
Integration with Identity and Access Management Tools
Anomali Threat Platform
McAfee Enterprise Security Manager
7.5
Custom dashboards and views
Anomali Threat Platform
McAfee Enterprise Security Manager
4.8
Host and network-based intrusion detection
Anomali Threat Platform
McAfee Enterprise Security Manager
7.0

Pros

  • Fantastic UI
  • STAXXX for sharing intelligence
  • Threat Intelligence feeds
  • Automation and collaboration cuts work down for the analysts
No photo available
  • McAfee Enterprise Security Manager has a large library of pre-made correlations that reduces the amount of work needed to make it functional.
  • This is a core McAfee product that is still getting support.
  • It has a substantial amount of compatibility and integration with other products.
No photo available

Cons

No answers on this topic
  • The migration off of Flash has been painful. The new interface is very difficult to work with. Even support tends to fall back to the Flash version.
  • The GUI is not intuitive under any version. Finding settings takes a significant amount of learning.
  • While the product is supported, the transitions from various directions have left the future of the product in question. It used to be the interface for IDS, but the new IDS is stand alone.
  • The way McAfee has dropped products with no warning in the past makes us skeptical of trusting any stated roadmap.
No photo available

Alternatives Considered

No answers on this topic
Splunk tends to be the top dog in the space. Everything is compatible and it's capable of anything. You just have to have the time and money to do the work. And if you have a large volume of logs (and who doesn't?), it's not cheap. McAfee Enterprise Security Manager's advantage is supposed to answer Spunk's weakness. You don't have to build everything from scratch. Out of the box, tools are supposed to make the tool valuable from day one. This is true, but, as always, take the sales pitch with a grain of salt. Get a live demo to see the navigation and interface. If your SOC is going to have to live with these screens day in and day out, make sure you're prepared.
No photo available

Return on Investment

  • After the Initial startup cost, it has overall had a positive impact by increasing efficiency of the team and freeing up analysts to do manual threat hunting
No photo available
  • For a tool that advertises how many correlations come out of the box, the selling point of easy administration is lost in the difficulty of administration.
  • The value of the tool being a significant part of the McAfee portfolio is questionable when integrated products are dropped without warning.
  • I would not put McAfee Enterprise Security Manager in a top three SIEM class, its more like a member of the top 10.
No photo available

Pricing Details

Anomali Threat Platform

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

McAfee Enterprise Security Manager

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details