Try our new research platform with insights from 80,000+ expert users

Anomali vs Microsoft Defender Threat Intelligence comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 1, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Anomali
Ranking in Advanced Threat Protection (ATP)
31st
Ranking in Threat Intelligence Platforms
9th
Average Rating
7.0
Reviews Sentiment
7.2
Number of Reviews
2
Ranking in other categories
Security Information and Event Management (SIEM) (56th), User Entity Behavior Analytics (UEBA) (25th), Extended Detection and Response (XDR) (41st)
Microsoft Defender Threat I...
Ranking in Advanced Threat Protection (ATP)
11th
Ranking in Threat Intelligence Platforms
4th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
31
Ranking in other categories
Microsoft Security Suite (18th)
 

Mindshare comparison

As of April 2025, in the Advanced Threat Protection (ATP) category, the mindshare of Anomali is 1.1%, up from 1.0% compared to the previous year. The mindshare of Microsoft Defender Threat Intelligence is 1.6%, up from 1.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Advanced Threat Protection (ATP)
 

Featured Reviews

PP
Easy and quick credential monitoring; tech support could be improved
Currently, we are not using any other solution for this use case, but previously we used MISP, which is an open-source project that requires a lot of effort to make work. That way, it required a lot of attention from our system administrator, and we had to sanitize the data very frequently because the peers we had. Sometimes they flooded our systems with chunk data and that needs to be handled and we decided to go with a paid solution instead.
Nim Nadarajah - PeerSpot reviewer
A native Microsoft solution the provides great ROI and continuously improves its offering
We have Microsoft bias. We generally don't have any significant negative feedback or improvement points around Defender, EDR and CMDR platforms. It does a good job across the board. The price point is something they can improve slightly for those who don't have an M 365 E5. I believe it's a $2.80 cents add-on. In Canadian, that's expensive. If they can drop it to a dollar, for those who don't have M 365 E5, they're going to open up market share and increase affordability for an entire market segment in the medium business category. Other than that, we have no major negative feedback.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The feature I have found most valuable is credential monitoring. This feature is easy and quick."
"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."
"The tool can proactively detect potential incidents."
"It just runs in the background. I don't have to worry about, making sure it's Intelligence. So, you know, this kind of makes it very easy, have to worry about installing. It is easy to use."
"The product's initial setup phase was straightforward."
"The solution is well integrated with other Microsoft security products."
"Microsoft's integration into the security stack works quite well."
"The tool is managed from the cloud, because of which the maintenance is very low."
"The product provides efficient email security for sending links and file attachments."
"The product is stable."
 

Cons

"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."
"Less code in integration would be nice when building blocks."
"Microsoft Defender Threat Intelligence is evolving and needs to fix and enhance numerous issues like stability and licensing. The continuous rebranding and licensing changes are confusing."
"Some of the customization features could be improved by providing a portion of it as open source."
"We encounter problems connecting the product deployed on the user endpoints with the servers."
"Microsoft itself is a major target for attacks and threats due to its size and popularity. That could be considered Microsoft's Achilles heel."
"Some of the customization features could be improved by providing a portion of it as open source."
"I would like to see more AI features and capabilities."
"The product's dashboard and incident reports functionality needs enhancement."
"While the current setup meets our needs, Microsoft can constantly improve customization and adaptability to rapidly evolving cybersecurity threats."
 

Pricing and Cost Advice

"When comparing the price of Anomali Enterprise to other solutions it is in the medium to high range. However, I am satisfied with the price."
"The product’s pricing is worth it."
"It is an expensive product."
"It's reasonably priced, though there's room for further improvement."
"They offer two license plans: Microsoft Defender for endpoints and Microsoft Defender for businesses."
"Microsoft's pricing structure involves annual fees."
"The solution is relatively expensive; however, our status as a gold partner provides us with several complimentary licenses, which offsets the cost."
"The tool is expensive as a stand-alone solution. However, it is not cheap when you purchase it as a bundle."
"I rate the product's price a six or seven on a scale of one to ten, where one is expensive, and ten is cheap."
report
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Computer Software Company
14%
Government
11%
Manufacturing Company
8%
Computer Software Company
17%
Financial Services Firm
12%
Educational Organization
11%
Government
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Anomali ThreatStream?
The feature I have found most valuable is credential monitoring. This feature is easy and quick.
What needs improvement with Anomali ThreatStream?
I think that this solution should improve its integrations. This part of the solution could be bigger and moved into the no-code direction. Less code in integration would be nice when building blocks.
What is your primary use case for Anomali ThreatStream?
Our primary use case for this solution is as a threat intelligence platform. We stream various threat feeds into this platform. We also make correlations between the feeds to duplicate the data, ag...
What do you like most about Microsoft Defender Threat Intelligence?
It just runs in the background. I don't have to worry about, making sure it's Intelligence. So, you know, this kind of makes it very easy, have to worry about installing. It is easy to use.
What needs improvement with Microsoft Defender Threat Intelligence?
Some of the customization features could be improved by providing a portion of it as open source. This would allow integration with other solutions, enhancing Threat Intelligence. Providing code cu...
What is your primary use case for Microsoft Defender Threat Intelligence?
We are using Microsoft Defender ATP specifically as an email security solution, as well as for our critical servers as a web security solution. We have almost eleven hundred users utilizing it for ...
 

Also Known As

Match, Lens, ThreatStream, STAXX, Anomali Security Analytics
No data available
 

Overview

 

Sample Customers

Bank of England, First Energy, UBISOFT, Bank of Hope, Blackhawk Network
Information Not Available
Find out what your peers are saying about Anomali vs. Microsoft Defender Threat Intelligence and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.