As the holiday season approaches, our team is working hard to bring holiday joy to you with enhancements and features to Anomali’s suite of intelligence-driven XDR solutions.
We are excited to announce the November 2021 quarterly product release updates.
The main highlights of this quarter are:
- Anomali Match Cloud Deployment Availability
- New Anomalous Targeted Threat Monitoring Feed
- Intelligence Initiative Improvements
- Unified App Store Management
- STIXX TAXII 2.1 service support
Cloud Beta Match
According to a Gartner study, by 2025, a whopping 85% of enterprises will adopt the cloud-first principle. This is not surprising, as the pandemic is causing business organizations to shift priorities and focus as digital transformation initiatives increase.
Anomali has been at the forefront of cloud security, starting with ThreatStream, a threat intelligence management solution. We are excited to continue to innovate in cloud security by introducing a cloud-native deployment option for Match, Anomali’s extended detection and response (XDR) engine.
Anomali Match empowers organizations to quickly detect and respond to threats in real time to block breaches and attackers. Match provides precision attack detection that enables security teams to pinpoint relevant threats, understand their importance, and prioritize responses. By offering Match through a cloud-native deployment, customers can benefit from all the benefits of XDR with reduced total cost of ownership (TCO) as Anomali updates and manages an expanding IOC repository, enhancements, integrations, new versions and overall platform performance. can enjoy.
Match and ThreatStream are key components of Anomali’s Cloud XDR platform. Find out more about Anomali’s upcoming XDR platform launch.
Anomaly Targeted Threat Monitoring
Organizations face a constant threat from sophisticated threat actors who use phishing and other forms of social engineering to target employees and customers. According to the FBI, 6.95 million new phishing and scam pages were created in 2020. Security teams need to help them cope with the ever-changing threat landscape to protect their brands from these targeted attacks.
Anomali Targeted Threat Monitoring is a new intelligence feed focused on targeted domain attacks, giving analysts the automated threat intelligence they need to respond quickly and effectively. By bringing the identified domains and compromised credentials into ThreatStream and operating them, they provide visibility and rich intelligence to your security team to fully protect your assets, as well as increase efficiency by operating this targeted intelligence within ThreatStream.
For more information, visit the Anomali App Store or contact your Customer Success Manager.
Improvements in Intelligence Initiatives
In our quarterly release in August, we announced an intelligence initiative, allowing our customers to track their organization’s goals and objectives within ThreatStream. The goal of the intelligence initiative is to enable organizations to integrate the Cyber Threat Intelligence (CTI) lifecycle as part of their work processes to better understand and value the efforts of their teams while providing a foundation on which to work towards organizational and risk-oriented goals. will be
This release extends the intelligence initiative to support rules that now incorporate observables, threat models, and rule matching. We’ve also added an out-of-the-box dashboard with new widgets highlighting key metrics to give executives an immediate overview of the initiatives their threat intelligence team is currently working on.
Intelligence initiatives are a great way to increase the value of your Anomali investment and efficiency within your organization. Contact your Customer Success Manager to learn more.
Unified App Store Management
The Anomali team has been working hard to simplify the way users view current intelligence sources and make it easy for users to try out new products on ThreatStream.
At the heart of the ThreatStream platform are intelligence sources, including feeds and enrichment sources. In this month’s release, we migrated Enrichments to the APP Store, allowing users to provision, update, and manage all their intelligence sources in one clear, simple view.
This improved user navigation experience makes the activation process smoother and easier to manage. Additional improvements including health and stats will be coming soon.
ThreatStream STIX TAXII 2.1 Server Support
TAXII™ (Trusted Automated Exchange of Intelligence Information) is an application protocol for exchanging intelligence over HTTPS. ThreatStream hosts TAXII server instances that can share observables with external applications, allowing out-of-the-box integration with products that consume security controls and other threat intelligence.
This release updates STIX TAXII server support to the latest standard (v2.1) so that any application or product that wants to collect metrics using the TAXII 2.1 client can receive the intelligence without problems.
Resilience starts here.
Anomali continues to innovate with intelligence-driven XDR solutions and capabilities that provide security from intelligence to detection in seconds to deliver the cyber resilience organizations need.
Check out our new video for more details.
Contact your Customer Success Manager if you have any questions until next quarter.
Have a nice holiday!
Learn more about STIX/TAXII.
Learn more about the Threat Intelligence Platform.