
Reviews from AWS customer

2 AWS reviews

External reviews

9 reviews

External reviews are not included in the AWS star rating for the product.


5-star reviews

    Joe Moore

Detection engineering has become consistent and now coordinates multi-platform threat rules

  • January 31, 2026
  • Review provided by PeerSpot

What is our primary use case?

My main use case for Anvilogic is coordinating and tracking indicators of compromise and detection rules. I use Anvilogic for coordinating and tracking indicators of compromise or detection rules by feeding detection rules into Splunk, our Splunk environment, and these are turned into actionable alerts for our security operations center.

How has it helped my organization?

Anvilogic has positively impacted my organization by being a force multiplier for our security operations center and has allowed us to coordinate and distribute work more efficiently and provide consistency among the multiple SIEM environments.

I was able to create 90 detection scenarios in the first two weeks of using Anvilogic, which showcases how it improved efficiency and consistency for my team.

What is most valuable?

The best features Anvilogic offers are consistent recording and tracking of detection engine detection rules as they adapt over time to adversaries' behaviors, and the ability to operate in multiple security SIEM environments.

Anvilogic works for my team by providing a single point of contact to put detection engineering rules that then get distributed to all of the various event management engines, as we have multiple SIEM environments in our company, including Microsoft Defender, Splunk, Elastic, and others.

Anvilogic has changed how my team thinks about detection by allowing us to no longer apply the same configurations and correlation rules in multiple Splunk environments and to transparently search across multiple SIEM platforms.

What surprised me the most about Anvilogic once I started using it is the ease of creating and maintaining custom threat intel and threat scenarios.

What needs improvement?

Anvilogic can be improved with more support for cross-platform and native detection languages such as Sigma and Yara rules.

For how long have I used the solution?

I have been using Anvilogic for about six months.

What do I think about the stability of the solution?

Anvilogic has been very stable and reliable.

What do I think about the scalability of the solution?

Anvilogic's scalability has been great as it has been able to scale and perform well, better than the available resources we have to throw at it, and we have not run into any issues with our analysts not being able to access Anvilogic and perform their activities efficiently.

How are customer service and support?

Anvilogic customer support has been very productive to work with.

How would you rate customer service and support?

What was our ROI?

I have seen a return on investment in that Anvilogic has been more of a fundamental enablement technology than a return on investment, but it has definitely allowed us to move more quickly with integrating our corporate acquisitions as well as with our corporate colleagues who use other SIEM technologies.

What other advice do I have?

When other teams ask about Anvilogic, I tell them it makes detection engineering into a process rather than a one-time operation.

I convinced my leadership to adopt Anvilogic by comparing it to the manual operations and the overhead of repeated detection engineering processes.

My advice for others looking into using Anvilogic is to start with the configurations and detection rules that come prepackaged, and then reach out and create your own to expand your capabilities; once you start using this system, it becomes much easier and more efficient than manually maintaining detection rules.

I provide this review with a rating of 10.


    Roger Allen

Fosters collaborative innovation and enables us to build our own advanced detection capabilities

  • July 16, 2025
  • Review provided by PeerSpot

What is our primary use case?

It serves as the glue between all my vendor telemetry and gives us the capability to build our own detection capabilities in a very advanced way. We have moved off of single-based detections into threat scenarios, which gives us significantly higher fidelity detection capability.

How has it helped my organization?

There were no surprises about Anvilogic once I started using it. I knew the quality of the team that was building this tool and it has been a great partnership and collaboration, and they have just been fantastic partners.

It has been a journey that we have jointly been on together. As we are building our program, we are partnering very closely with Anvilogic and pushing the threshold of detection engineering capabilities.

We are on a continuous journey together, and we are continuously trying to push and innovate new ways to push the threshold of detection engineering. We are only able to do many of these capabilities due to the partnership that we have with Anvilogic, where they are meeting what we need to continually push new innovative solutions.

What is most valuable?

I appreciate all the features of Anvilogic. Our usage of Anvilogic has evolved since onboarding. We originally started soft and focused really on the ETL process to bring data in. As we started getting data in, we began using the detection and correlation engine. As we got more advanced, we started using the threat scenario engine, and we have built many custom processes from that.

What needs improvement?

Anvilogic can be improved by adding the ability to do on-ingest detections. This is something that we have been having a conversation on for a short time now, but I am hopeful that they will have that in their future roadmap.

For how long have I used the solution?

I have been using Anvilogic for just about three years.

What do I think about the stability of the solution?

I would assess the stability and reliability of Anvilogic as very good. There has been no downtime in the traditional sense, but it has all been scheduled downtime. We have had advanced notice, and there are no performance issues or crashes that we know of. Anytime we have been using the platform, it has been available.

What do I think about the scalability of the solution?

Anvilogic scales effectively with the growing needs of my organization. We have not had any scaling issues thus far.

Just my team has access to Anvilogic, and that is by design.

How are customer service and support?

I would evaluate their customer service and tech support as fantastic. We have had a great partnership. I would rate them a ten out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

The need for something better first triggered when I joined the organization and started building the detection response program. I was familiar with the big name products, but I was looking to build something bleeding edge and next-gen. With Anvilogic, I knew the team, and I knew that it was a team of practitioners building this tool as opposed to one practitioner who hired software engineers to build the tool. I have experience consulting those types of products. I knew Anvilogic was being built by practitioners, which really motivated me to pursue the tool.

There has been a journey regarding how I justify things to leadership and how I convinced leadership to let me adopt Anvilogic. There was significant information and education that had to occur at the board level to get adoption and buy-in. As we have helped mature the education level of the board to embark on the journey, it became prevalent that we needed a solution and a partner that could keep up with the growing demand that we have in this particular space.

How was the initial setup?

We are pure cloud based, and we run on top of Snowflake. The deployment was very simple. We were in the early phase for Snowflake, so there were a couple early implementation hiccups, but we partnered with Anvilogic on those, and that was kind of part of us being that early implementation partner. We paved the way for future Snowflake customers.

What was our ROI?

We started our journey with Anvilogic. I do not have the metrics to show in our current organization that could justify that, but the capability that we have on Anvilogic is unmatched to any other platform.

Which other solutions did I evaluate?

I considered Panther and Hunters before selecting Anvilogic. Originally, we would have considered Anvilogic, but they had not migrated or enabled the capability on Snowflake yet. We were actually in the 11th hour for signing a contract with Hunters when Anvilogic reached out to me and said they were testing a Snowflake capability and asked if we were willing to test it. We put together a time frame for a very quick POV. I knew the capability and the aptitude of this team and was very motivated to do so in a timely manner, and we were able to conclude our POV and determine it was a superior product before we signed the contract with Hunters.

What other advice do I have?

If Anvilogic disappeared tomorrow, everything would break first.

I would rate Anvilogic a ten out of ten.


    Computer & Network Security

Anvilogic a great SecOps Tool

  • July 27, 2023
  • Review provided by G2

What do you like best about the product?
Anvilogic customer technical support is amazing. They are in the right direction, keeping up to date with the latest tech; for instance, they integrated AI to help generate content.
What do you dislike about the product?
Anvilogic still feels fresh and therefore on its own doesn't provide extensive coverage in terms of identifiers in its armoury for macOS.
What problems is the product solving and how is that benefiting you?
It makes it easy to catch threats based on scenarios

