Systems and methods for sensor trustworthiness
Abstract:
Systems, methods and products for determining the trustworthiness of anonymous sensors, including a sensor health check, a data ballpark check, a reputation comparison, and optional “last resort” procedures. The sensor health check examines sensor operating parameters to see if they fall within an envelope of expected values. If not, the sensor is unhealthy and is not trusted. The data ballpark check determines whether the sensor's traffic data falls within a predefined envelope of values. If the sensor is healthy and the traffic is within expected ranges, the sensor is trusted. If the traffic data is outside expected ranges, the reputation comparison determines whether IP addresses, domains or other IOCs in the traffic data are found in the reputation list, which may corroborate the traffic as trustworthy because it represents malicious or not-in-the-wild traffic. “Last resort” procedures may include applying safelists/blocklists, signature controls, etc. to verify sensor/data trustworthiness.
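The staged decision described in the abstract, sketched in Python as an added example (not code from the patent or its authors). The metric names, envelope bounds, reputation entries and the `min_overlap` threshold are all constructed assumptions.

```python
from dataclasses import dataclass, field
from enum import Enum

class Verdict(Enum):
    UNHEALTHY = "untrusted: sensor operating parameters outside envelope"
    TRUSTED = "trusted: healthy sensor, traffic inside envelope"
    CORROBORATED = "trusted: out-of-range traffic matches reputation list"
    LAST_RESORT = "undetermined: apply safelists/blocklists, signature controls"

# Constructed envelopes (assumptions): inclusive (min, max) per metric.
HEALTH_ENVELOPE = {"cpu_pct": (0, 90), "uptime_s": (300, float("inf")),
                   "clock_skew_s": (-5, 5)}
TRAFFIC_ENVELOPE = {"events_per_min": (1, 500), "distinct_sources": (1, 200)}
# Constructed reputation list using documentation-range values.
REPUTATION_LIST = {"198.51.100.23", "bad.example"}

@dataclass
class Report:
    health: dict                      # sensor operating parameters
    traffic: dict                     # summary of the reported traffic data
    iocs: set = field(default_factory=set)  # IPs/domains seen in the traffic

def outside(values, envelope):
    """Names of metrics that are missing or fall outside their envelope.
    A missing metric counts as a failure, so the check fails closed."""
    return sorted(k for k, (lo, hi) in envelope.items()
                  if k not in values or not lo <= values[k] <= hi)

def assess(report, min_overlap=0.5):
    # Stage 1: sensor health check. An unhealthy sensor is never trusted.
    if outside(report.health, HEALTH_ENVELOPE):
        return Verdict.UNHEALTHY
    # Stage 2: data ballpark check on the traffic itself.
    if not outside(report.traffic, TRAFFIC_ENVELOPE):
        return Verdict.TRUSTED
    # Stage 3: reputation comparison. Unusual traffic whose IOCs are
    # already on the reputation list is corroborated rather than rejected.
    known = report.iocs & REPUTATION_LIST
    if report.iocs and len(known) / len(report.iocs) >= min_overlap:
        return Verdict.CORROBORATED
    # Stage 4: nothing corroborates the anomaly; defer to last-resort checks.
    return Verdict.LAST_RESORT
```
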