Anomali unveils new solutions and capabilities to strengthen cyber resiliency for users

Anomali unveiled new capabilities to extend an organization’s visibility across their entire internal and external digital footprint with an integrated risk assessment that protects against potential attacks.

With this quarterly platform update, Anomali introduced its Attack Surface Management solution and new capabilities that continue to deliver the most relevant, actionable intelligence about adversaries and the necessary tools Security Operation Centers (SOC) need to predict and protect against current and future attacks.

“Anomali has heard from customers that effective security starts with knowing where you are vulnerable to an attack – seeing yourself the way attackers do. With this release, Anomali continues to innovate, delivering unparalleled visibility, precision detection and insights that allow security professionals to defend against targeted threats,” said Mark Alba, CPO at Anomali. “Building on our existing Premium Digital Risk Protection offering, our unique Attack Surface Management provides comprehensive exposure management that enables security teams to map their digital footprint, understand targeted threats, attackers’ opportunities and prioritize on the remediation actions required to keep their organization secure and operational.”

The need for proactive security has never been more evident, with digital transformation fundamentally changing how organizations operate. Solving for the growing complexity of today’s changing threat landscape, Anomali has introduced new solutions and capabilities to help organizations become more proactive and decisive in protecting their organizations, while reducing overall risk and improving costs. Enhancements include:

Attack Surface Management

Provides visibility into all externally facing organizational managed and unmanaged assets. Using a unique combination of threat intelligence, asset discovery and threat detection, Anomali identifies exposures, determines if they have been exploited and provides the insights required to execute on risk-based remediation based on asset criticality, vulnerability, and attack severity.

In addition, with Anomali Match, organizations can prioritize their asset remediation based on real, detected threats to exposed assets. With this, they are able to assess the potential impact of the threat actors targeting organizations, their motivations for attacking and their tactics and techniques they use as they carry out an active campaign.

Together, Attack Surface Management, integrated into intelligence and threat detection management, enables Security Operation Centers (SOCs) to move from reactive security response to proactive security posture management.

Intelligence Channels

Tailored intelligence aligned with an organization’s prioritized intelligence requirements and threat themes, curated by The Anomali Threat Research team. The Malware Intelligence and Mobile Threat Defense channels, powered by Polyswarm, are currently available. Ready-to-go Intelligence Channels will also include Threat Actor Monitoring and TTPs; Brand and Domain Monitoring; Phishing and Fraudulent Activity; Infrastructure; Region or Sector-based Specific Threats; Social Media; Vulnerabilities and Exploits.

“Recent ESG Research showed that security operations have become more difficult at most organizations over the past few years, partly due to a growing attack surface,” said Jon Oltsik, Senior Principal Analyst and Fellow, Enterprise Strategy Group. “Anomali’s new solutions can help enterprise organizations take the next step in their journey toward SOC modernization.”

Additional enhancements with this platform release include:

Visualizations of attack flow patterns: Based upon its continued work with the MITRE Engenuity Center for Threat-Informed Defense, Anomali has implemented a new Attack Flow Library that provides an access point for MITRE Attack Flows to visualize the sequence of attack techniques in ThreatStream Cloud.

Anomali detection intelligence: Provides Actor, Malware, TTP & Vulnerability associations in addition to targeted industry/region information that enables high confidence detection, alert prioritization, and custom dashboards for tracking relevant threats to enhance investigation capabilities. Available for Anomali Match customers only.

Automated response: The first phase of our cross-platform response workflow provides a pre-defined set of response actions within The Anomali Platform that can be automatically distributed downstream to security controls (SIEMs, SOARs, EDRs, etc.).

Cloud XDR tooling: Gauge the volume of telemetry ingested and retained in Anomali Match Cloud to monitor usage.

Feeds health status: Monitors the health status of feed-based intelligence as it is ingested into Anomali ThreatStream to ensure reliable intelligence.

Share this