Anomali ThreatStream - Review from an MSSP user
May 14, 2022

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Anomali ThreatStream

We are one of the largest MSSPs in the region, and threat intelligence requirements are very critical for us to provide the best-in-class services to our esteemed customers. We are living in an era where the security threat landscape changes each second, and it becomes imperative that we keep up to terms with the latest developing threats. Anomali ThreatStream provides us a platform that we can leverage to stay updated about the latest happenings in Cybersecurity.
  • Provides high-confidence IOCs that can be used to sweep across logs.
  • Provides an excellent platform to research security content.
  • Helps support our internal content development program by providing information about the latest campaigns, threat actors, malware, etc.
  • The user interface, perhaps there is some room for improvement although it is good already.
  • Confidence assigning process for IOCs needs to be more robust and transparent.
  • While integration with SIEM solutions is a cakewalk, there is definitely added value if SIGMA rule conversion and YARA rule creation are provided from the platform.
  • The platform itself offers a great place to research the current threat landscape.
  • IOC ingestion directly into SIEM for advanced correlation using rules created in SIEM.
  • Threat Bulletins delivered periodically that cater to security know-how requirements.
  • We have seen a positive ROI as the security monitoring is taken to the next level when it is augmented with threat intel data that Anomali provides.
  • Our customers are very satisfied with the periodic threat reports that we send, which are created using Anomali ThreatStream.
  • The overall business objectives are met as Threat Intel is one of the most important pillars when it comes to providing security services, and we use Anomali ThreatStream extensively for that.
I think they both have their own pros and cons. However, I like Anomali ThreatStream better because of its strong local presence in the MENA market, which renders great support from the vendor during needy times. I have also figured out that IOC integration with SIEM solutions is fairly easy and straightforward with Anomali ThreatStream.

Do you think Anomali ThreatStream delivers good value for the price?

Yes

Are you happy with Anomali ThreatStream's feature set?

Yes

Did Anomali ThreatStream live up to sales and marketing promises?

Yes

Did implementation of Anomali ThreatStream go as expected?

Yes

Would you buy Anomali ThreatStream again?

Yes

Arcsight Enterprise Security Manager (formerly HP Arcsight), Splunk Enterprise Security (ES), Palo Alto Networks Next-Generation Firewalls - PA Series
Anomali ThreatStream is excellent in scenarios where we deliver Managed Security Services to customers. It offers exhaustive volumes of information in the form of threat bulletins, IOCs, Threat Actor profiling, and details related to campaigns in the wild which can be used to a great extent by MSSPs. For an enterprise SOC, I believe it is a little less suited purely because of the pricing aspect as it is slightly towards the expensive side of the spectrum.