Anomali Altitude automates detection, analysis, and threat response

Anomali, a leader in intelligence-driven cybersecurity solutions, unveiled the Anomali Altitude platform.

The Anomali Altitude platform delivers Anomali Lens, Anomali ThreatStream, and Anomali Match. The integrated product suite allows customers to automate detection, analysis, and response for high-priority external and internal threats.

Anomali Lens

This first-of-its-kind technology allows anyone, from security operations staff to board members, to automatically and immediately know if their organizations are being attacked, who adversaries are, and if the attacks have been successful. With these key security questions answered, users can make effective decisions about how to respond.

With one click, Anomali Lens scans web-based content, detects and highlights all threats identified within, provides easy-to-understand details about the threats, and tells users if any threats are already present in their networks.

Web content Anomali Lens scans includes news, blogs, research, bulletins, SIEM logs, other security logs, IR reports, Twitter and other social networks.

Automated threat bulletins created by Anomali Lens are added to Anomali ThreatStream. These can then be shared across organizations, among trusted circles, and ISACs. Bulletins can be directly integrated into security controls for immediate blocking, detection, and mitigation.

Anomali Lens is supported by advanced natural language processing (NLP) and context-aware detection. Currently deployed as a browser plugin, it will soon be available for mobile devices.

Anomali Match

Anomali Match integrates cyber threat intelligence, MISP data, OSINT, SIEM logs, vulnerability assessment tools, and other big data sources to match billions of IOCs and threats against any that are present in customers’ networks.

By providing automated, retrospective analysis for extended periods, users detect threats and compromises that have been present for short and long durations. Anomali Match replaces Anomali Enterprise and includes all of that solution’s former capabilities. Several new features and benefits include:

• Enhanced machine learning for DGA – New deep learning capabilities enable 90 percent-plus accuracy for Domain Generation Algorithm (DGA) detection
• Big data support with Elasticsearch – Integration provides retrospective analysis for high volumes of threat data spanning a year or more
• Anomali Match analysis dashboard – New visual representations optimize the use of multiple threat feeds
• Anomali Match stand alone – Automated, direct importation of data from MISP and other sources improves threat scoring and enrichment
• Anomali lens – Integration provides immediate confirmation of when threats are present in networks

Anomali ThreatStream

Our threat intelligence platform (TIP) integrates threat data from the widest range of feeds to create actionable threat intelligence.

Anomali ThreatStream is the foundation for the new Anomali Preferred Partner Program. Six partners that have joined the program are now providing complementary threat feeds. These include Flashpoint, ReversingLabs, DomainTools, Farsight, Intel471, and Sixgill.

“Any business that can find answers hidden in massive volumes of data has a competitive advantage. When it comes to cybersecurity, organizations that can make sense of what billions of cyber threat indicators mean can make decisions that will give them a defensive edge,” said Hugh Njemanze, CEO, Anomali.

“We’ve brought a platform to market that allows customers to harness threat data, information and intelligence to drive effective cybersecurity decisions, a capability that tips the scales in their favor.”

“The most sure-fire way to lose a battle is to go into it without knowing anything about your enemy. Organizations that aren’t using advanced levels of cyber threat intelligence are going to continually fall short in their efforts to defend their networks,” said Richard Stiennon, IT-Harvest chief research analyst and noted cybersecurity author.

“As a pioneer of cyber threat intelligence, Anomali helped take the practice mainstream with its early platform. It is now introducing a new generation of solutions to the market that will allow its customers to effectively leverage adversarial intelligence.”