A solution to operationalize actionable data and insights to secure any organization. Anomali ThreatStream provides curated access to the a global repository of threat intelligence, delivering enrichment, contextualization, and detection of known and emerging threats.
N/A
Mimecast Threat Intelligence
Score 7.5 out of 10
N/A
Mimecast offers a threat intelligence service, including the company's Threat Intelligence Dashboard, threat remediation, and the Mimecast Threat Feed for integration threat intelligence into compatible SIEM or SOAR platforms.
Anomali ThreatStream is excellent in scenarios where we deliver Managed Security Services to customers. It offers exhaustive volumes of information in the form of threat bulletins, IOCs, Threat Actor profiling, and details related to campaigns in the wild which can be used to a great extent by MSSPs. For an enterprise SOC, I believe it is a little less suited purely because of the pricing aspect as it is slightly towards the expensive side of the spectrum.
I think Mimecast is great for companies who want granular control over their email. Once it is setup, it really does just run along without IT needing to get involved too much. Any time we have 'issues' - such as incorrectly blocked emails or attachments, we can easily figure out what we need to do and how to fix it. Mimecast is great for teams who don't want to sit there all day and manage and look at emails. It would suit a large organisation who want deep control.
Because all incoming and outgoing (with journaling setup for internal email) go through Mimecast it is a one-stop-shop for searching out emails from past months or years. It is light years better than using local archives such as .pst files.
Since they touch all incoming email Mimecast is excellent our filtering out spam, malware and virus emails before it even gets to your server whether on-premise or in the cloud.
The user interface, perhaps there is some room for improvement although it is good already.
Confidence assigning process for IOCs needs to be more robust and transparent.
While integration with SIEM solutions is a cakewalk, there is definitely added value if SIGMA rule conversion and YARA rule creation are provided from the platform.
It works perfectly and is really easy to manage when you understand the menu and how it works. It really is 'set and forget' with minor changes needed from time to time to blacklist and whitelist senders and domains. It makes our life really easy and gives us a lot of data to understand how or business and users operate.
Mimecast has a 24 hours phone hotline available to assist you with issues as they arise. This is the typical help desk situation where you reach level one and go to level two if this issue is extensive however I have found their level one techs to more than capable of dealing with most issues I have called about. The only negative I would mention is that their email support is less hardy when it comes to response time so I have grown to realize that calling is the only way to get timely support.
Many of the products that can be used to be ingested into a security event management software can be cumbersome with threat streamThere are many opportunities to continue fine-tuning the environment and providing great context in regards to threat research. When compared to other products threat stream stands out from usability and features.
We have seen a positive ROI as the security monitoring is taken to the next level when it is augmented with threat intel data that Anomali provides.
Our customers are very satisfied with the periodic threat reports that we send, which are created using Anomali ThreatStream.
The overall business objectives are met as Threat Intel is one of the most important pillars when it comes to providing security services, and we use Anomali ThreatStream extensively for that.
