TrustRadius
Anomali ThreatStream

Overview

What is Anomali ThreatStream?

ThreatStream from Anomali in Redwood City speeds detection of threats by uniting security solutions under one platform and providing tools to operationalize threat intelligence. ThreatStream also automates many of the tasks typically assigned to security professionals, freeing analysts to quickly…


Pricing

N/A
Unavailable

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is CrowdStrike Falcon?

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no…

What is Egnyte?

Egnyte provides a unified content security and governance solution for collaboration, data security, compliance, and threat detection for multicloud businesses. More than 16,000 organizations trust Egnyte to reduce risks and IT complexity, prevent ransomware and IP theft, and boost employee…

Product Demos

Anomali ThreatStream Explainer Video

Anomali Threatstream Splunk App Adaptive Response Capabilities


Product Details

Anomali ThreatStream Technical Details

Operating Systems: Unspecified
Mobile Application: No

Reviews and Ratings

(11)

Reviews

(1-2 of 2)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We are one of the largest MSSPs in the region, and threat intelligence requirements are very critical for us to provide the best-in-class services to our esteemed customers. We are living in an era where the security threat landscape changes each second, and it becomes imperative that we keep up to terms with the latest developing threats. Anomali ThreatStream provides us a platform that we can leverage to stay updated about the latest happenings in Cybersecurity.
  • Provides high-confidence IOCs that can be used to sweep across logs.
  • Provides an excellent platform to research about security content.
  • Helps support our internal content development program by providing information about the latest campaigns, threat actors, malware, etc.
  • The user interface, perhaps there is some room for improvement although it is good already.
  • Confidence assigning process for IOCs needs to be more robust and transparent.
  • While integration with SIEM solutions is a cakewalk, there is definitely added value if SIGMA rule conversion and YARA rule creation are provided from the platform.
Anomali ThreatStream is excellent in scenarios where we deliver Managed Security Services to customers. It offers exhaustive volumes of information in the form of threat bulletins, IOCs, Threat Actor profiling, and details related to campaigns in the wild which can be used to a great extent by MSSPs. For an enterprise SOC, I believe it is a little less suited purely because of the pricing aspect as it is slightly towards the expensive side of the spectrum.
  • The platform itself offers a great place to research the current threat landscape.
  • IOC ingestion directly into SIEM for advanced correlation using rules created in SIEM.
  • Threat Bulletins delivered periodically that cater to security know-how requirements.
  • We have seen a positive ROI as the security monitoring is taken to the next level when it is augmented with threat intel data that Anomali provides.
  • Our customers are very satisfied with the periodic threat reports that we send, which are created using Anomali ThreatStream.
  • The overall business objectives are met as Threat Intel is one of the most important pillars when it comes to providing security services, and we use Anomali ThreatStream extensively for that.
I think they both have their own pros and cons. However, I like Anomali ThreatStream better because of its strong local presence in the MENA market, which renders great support from the vendor during needy times. I have also figured out that IOC integration with SIEM solutions is fairly easy and straightforward with Anomali ThreatStream.
Arcsight Enterprise Security Manager (formerly HP Arcsight), Splunk Enterprise Security (ES), Palo Alto Networks Next-Generation Firewalls - PA Series
Score 8 out of 10
Vetted Review
Verified User
Incentivized
ThreatStream is being used to monitor the environment for threats or other indicators of compromise. Well there are many other feeds to ingest direct stream provides us a community-based and for the source of relevant information. As part of the security implementation, ThreatStream is essentially used to protect the entire organization.
  • Indicators of Compromise
  • Signatures
  • Community Sharing
  • Platform Features
  • Integration
  • Additional IOCs
Parsing is useful information into other tools but can be a hit or miss depending on the tool. In regards to the quality of data, there is room for improvement as there is a constant growth of attackers and their techniques. Anomali ThreatStream does well for larger organizations to use in tandem with other security suites.
  • Sandboxing features via JoeSSandbox
  • Threat Intelligence
  • Community platform
  • Threat intelligence
  • Security posture
  • Compliance
Many of the products that can be used to be ingested into a security event management software can be cumbersome with ThreatStream. There are many opportunities to continue fine-tuning the environment and providing great context in regards to threat research. When compared to other products, ThreatStream stands out from usability and features.
VMware Carbon Black App Control (formerly cb protection), ReliaQuest, Cofense Vision