The Anomali suite of threat intelligence solutions empowers organizations to detect, investigate and respond to active cybersecurity threats. Anomali integrates with internal infrastructure to identify new attacks and enables security teams to quickly understand and contain threats.
Products and Services
- Distribution of Information
- Anomali’s ThreatStream and STAXX products both support secure, two-way sharing within organizations and with external parties. Both platforms support the STIX and TAXII standards for sharing threat intelligence data. With Trusted Circles sharing in ThreatStream, TLP settings are used to ensure members of Trusted Circles gain access to critical intelligence in real-time while still protecting their organizations’ proprietary or sensitive data.
- Technology Platforms
- Anomali ThreatStream is a Threat Intelligence Platform (TIP) designed to help organizations collect, manage, and operationalize threat intelligence. Integrations with internal security systems and an analyst workbench provide security teams with the tools to effectively block, investigate, and respond to alerts.
- Threat Management and Analysis
- Anomali ThreatStream seamlessly integrates with SIEMs, endpoint products, perimeter security platforms, as well as a variety of threat intelligence providers to deliver a contextualized and prioritized view of threats to an organization. Analysis tools like PassiveDNS, WHOIS, and a built-in malware sandbox provide a platform for quickly and accurately assessing and responding to threats.