2 Ratings
Score 8.3 out of 10
22 Ratings
Score 6.8 out of 10


Likelihood to Recommend

Anomali Threat Platform

Being the best threat intelligence platform/tool on the market, it is fantastic in terms of performance and it has taken a lot of burden of curating and weeding through false positives off of our team freeing them up to focus on manual threat hunting and content building.

McAfee Enterprise Security Manager

McAfee Enterprise Security Manager is well placed when the environment has other Intel products. We operate McAfee Move and the two products work extremely well together. The anti-virus product can be very cumbersome if used with another SIEM solution when log collecting. We have other areas where Intel solutions are not in use and in these circumstances we used another well-known SIEM solution that had an easier implementation phase than Intel's and where remote access was challenging.
Philip Clarke profile photo

Feature Rating Comparison

Security Information and Event Management (SIEM)

Anomali Threat Platform
McAfee Enterprise Security Manager
6.8
Centralized event and log data collection
Anomali Threat Platform
McAfee Enterprise Security Manager
9.0
Correlation
Anomali Threat Platform
McAfee Enterprise Security Manager
8.9
Event and log normalization
Anomali Threat Platform
McAfee Enterprise Security Manager
7.4
Deployment flexibility
Anomali Threat Platform
McAfee Enterprise Security Manager
4.1
Integration with Identity and Access Management Tools
Anomali Threat Platform
McAfee Enterprise Security Manager
7.5
Custom dashboards and views
Anomali Threat Platform
McAfee Enterprise Security Manager
4.3
Host and network-based intrusion detection
Anomali Threat Platform
McAfee Enterprise Security Manager
6.7

Pros

  • Fantastic UI
  • STAXX for sharing intelligence
  • Threat Intelligence feeds
  • Automation and collaboration cuts work down for the analysts
No photo available
  • Advanced Threat intelligence gives us the ability to prioritise alerts quickly and efficiently.
  • SIEM log collection allows us to integrate our other Intel products to a centralised point.
  • Physical appliances is one of the areas we have moved away from, so the ability for ESM to be available as a VDI was key.
Philip Clarke profile photo

Cons

No answers on this topic
  • If there is a requirement to integrate into other vendor products i.e. (log sharing) then this was very cumbersome.
  • Integration of vulnerability scanning that is available in other vendor products would be a good addition.
  • When integrating all of Intel's products a third party consultancy is usually required, where other vendor products can be configured without this additional cost.
Philip Clarke profile photo

Alternatives Considered

No answers on this topic
We looked at a few products, these were AlienVault, ESM, LogRhythm and Alert Logic. ESM at the time had more functionality and a friendlier and cleaner user interface than LogRhythm. ESM had an ability to integrate easily into Intel's endpoint solution versus AlienVault where a parser would have to be written, though AlienVault's inclusion of vulnerability management and IDS made it stand out from some of the others. ESM had a better correlation engine and log drill through than Alert Logic, and in our scenario we were not looking for a hosted solution at the time. ESM has a good network of partners and in the event a managed service is required the transition to this is made very easily.
Philip Clarke profile photo

Return on Investment

  • After the Initial startup cost, it has overall had a positive impact by increasing efficiency of the team and freeing up analysts to do manual threat hunting
No photo available
  • For a tool that advertises how many correlations come out of the box, the selling point of easy administration is lost in the difficulty of administration.
  • The value of the tool being a significant part of the McAfee portfolio is questionable when integrated products are dropped without warning.
  • I would not put McAfee Enterprise Security Manager in a top three SIEM class, it's more like a member of the top 10.

Pricing Details

Anomali Threat Platform

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details

McAfee Enterprise Security Manager

General
Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No
Additional Pricing Details