Anomali’s quarterly update empowers users to optimize and speed incident response

Anomali announced the availability of its quarterly portfolio update. New capabilities expand visibility for security operations analysts over a wider range of relevant threat intelligence and critical asset data, enable more precise threat detection, and empower users to optimize and speed incident response.

This new release supports customer demand for the adoption of extended detection and response (XDR) capabilities and elevated levels of cyber resilience.

“The COVID-19 pandemic and other market factors are forcing organizations to accelerate their digital transformation projects at a pace that cybersecurity programs aren’t fully prepared to contend with. This new reality is opening gaps that bad actors are taking advantage of with extreme aggression,” said Mark Alba, Anomali Chief Product Officer. “To help customers stop breaches and attackers, we continually innovate our product suite to empower them to detect, investigate, and respond to adversaries wherever they strike, and to lay a solid foundation that will keep them protected into the future.”

New product features available to Anomali customers include:

• Anomali Match 4.4 extends Anomali XDR capabilities to customers that don’t use the Anomali ThreatStream threat intelligence platform (TIP). With out-of-the-box, high-fidelity intelligence that includes quantitative IOCs and qualitative Actor, Campaign, Bulletin, and TTP reports, customers execute more accurate detection and increase response efficiency.
• Custom dashboards that align global threat intelligence with local SOC threat prioritization activities, providing customers with the flexibility to have what matters most to them readily available within their dashboard view.
• Industry news monitoring that leverages machine learning (ML) to determine global trends and to provide increased visibility into what’s going on across the entire threat landscape.
• Enhanced STIX 2.1 support with Custom Objects & Relationship Objects, to help improve the threat sharing process and make it easier for our customers to exchange relevant information.
• Support for MITRE ATT&CK Framework version 9.0 via Attack Patterns, emphasizing our continued support to integrate Anomali solutions into frameworks and processes our customers utilize.
• New additions, upgrades, and integrations, including a Visual Advanced Search Editor within Anomali ThreatStream that provides customers with visual feedback, and Lens integrations with Office 365.

“Attacks are becoming more frequent and sophisticated, a reality that is forcing organizations to expand access to information that can show them when and where adversaries are striking,” said Jon Oltsik, Senior Principal ESG Analyst and ESG Fellow. “Companies that can quickly identify and surface relevant threats will improve their detection and response capabilities exponentially, giving them an advantage over cyberthreats.”