Anomali was created in 2013 and has since grown to 200+ employees. It is privately held with several venture capital investors. It has offices in Redwood City, Belfast, Boston, London and Germany. Anomali's Series C funding round raised $30 million in 2016, bringing total funding to more than $56 million since launching in 2013.
The Anomali suite of threat intelligence solutions is said to empower organizations to detect, investigate and respond to active cybersecurity threats. Its ThreatStream threat intelligence platform aggregates and optimizes millions of threat indicators, creating a "cyber no-fly list." Anomali integrates with internal infrastructure to identify new attacks, searches forensically over the past year to discover existing breaches, and enables security teams to quickly understand and contain threats. Anomali also offers STAXX, a free tool to collect and share threat intelligence, and provides a free, out-of-the-box intelligence feed, Anomali Limo.
- data collection from multiple sources and formats
- normalization, enrichment, de-duplication of data, and removal of false positives
- integration with security tools such as SIEMs, firewalls, IPS, endpoints, etc.
- workflows and functionalities to analyze and share data
- brand monitoring (automatic search for typosquatted domains & compromised credentials)
- sandboxing (research malicious indicators directly within the ThreatStream platform)
- extracting data from suspected phishing emails for immediate blocking
"Anomali ThreatStream is a central platform for collecting, managing, and sharing threat intelligence," said Payton Bush, Product Marketing Manager at Anomali. "Integration with common security solutions ensures that organizations can identify and respond to the threats relevant to their environment."
Anomali ThreatStream does not use agents.
Markets and Use Cases
Bush said Anomali provides value for any organization across any industry vertical that is looking to leverage threat intelligence. Anomali's ThreatStream Platform is used by 30% of the Fortune 100. Current customers also include 4 out of 5 major U.S. banks, as well as the Bank of England.
ThreatStream consumes both structured and unstructured data from hundreds of threat intelligence feeds, processing millions of Indicators of Compromise (IOCs).
Anomali has a SOC2 Type I certification.
Anomali's ThreatStream platform utilizes MACULA, a machine learning algorithm, to score and weight indicators and remove false positives. The ThreatStream platform automates traditionally manual data curation tasks. It also integrates with other security products, including SIEMs, firewalls, endpoint products and more.
ThreatStream is available as a SaaS, on-premises, or hybrid solution. With the hybrid solution, customers can pull information down from the cloud without any of the data that they personally manage leaving their network.
Pricing for the ThreatStream Platform varies based on the customer environment.