
Anomali ThreatStream: Threat Intelligence Product Overview and Insight


Company Description

Anomali was created in 2013 and has since grown to 200+ employees. It is privately held with several venture capital investors. It has offices in Redwood City, Belfast, Boston, London and Germany. Anomali's Series C funding round raised $30 million in 2016, bringing total funding to more than $56 million since launching in 2013.

Product Description

The Anomali suite of threat intelligence solutions is said to empower organizations to detect, investigate and respond to active cybersecurity threats. Its ThreatStream threat intelligence platform aggregates and optimizes millions of threat indicators, creating a "cyber no-fly list." Anomali integrates with internal infrastructure to identify new attacks, searches forensically over the past year to discover existing breaches, and enables security teams to quickly understand and contain threats. Anomali also offers STAXX, a free tool to collect and share threat intelligence, and provides a free, out-of-the-box intelligence feed, Anomali Limo.

Features include:

  • data collection from multiple sources and formats
  • normalization, enrichment, de-duplication of data, and removal of false positives
  • integration with security tools such as SIEMs, firewalls, IPS, endpoints, etc.
  • workflows and functionalities to analyze and share data
  • brand monitoring (automatic search for typosquatted domains & compromised credentials)
  • sandboxing (research malicious indicators directly within the ThreatStream platform)
  • extracting data from suspected phishing emails for immediate blocking

"Anomali ThreatStream is a central platform for collecting, managing, and sharing threat intelligence," said Payton Bush, Product Marketing Manager at Anomali. "Integration with common security solutions ensures that organizations can identify and respond to the threats relevant to their environment."

Agents

Anomali ThreatStream does not use agents.

Markets and Use Cases

Bush said Anomali provides value for any organization across any industry vertical that is looking to leverage threat intelligence. Anomali's ThreatStream Platform is used by 30% of the Fortune 100. Current customers also include 4 out of 5 major U.S. banks, as well as the Bank of England.

Applicable Metrics

ThreatStream consumes both structured and unstructured data from hundreds of threat intelligence feeds, processing millions of Indicators of Compromise (IOCs).

Security Qualifications

Anomali has a SOC2 Type I certification.

Intelligence

Anomali's ThreatStream platform utilizes MACULA, a machine learning algorithm, to score and weight indicators and remove false positives. The ThreatStream platform automates traditionally manual data curation tasks. It also integrates with other security products, including SIEMs, firewalls, endpoint products and more.

Delivery

ThreatStream is available as a SaaS, on-premises, or hybrid solution. With the hybrid solution, customers can pull information down from the cloud without any of the data that they personally manage leaving their network.

Pricing

Pricing for the ThreatStream Platform varies based on the customer environment.
