As the holiday season approaches, our team has been working hard to bring holiday joy with enhancements and features to Anomali’s suite of intelligence-driven XDR solutions.
We’re excited to announce our quarterly product release update for November 2021.
Key highlights for this quarter include:
- Anomali Match Cloud Deployment Availability
- New Anomali Targeted Threat Monitoring Feed
- Enhancements to Intelligence Initiatives
- Unified App Store Management
- STIX TAXII 2.1 Server Support
Match Cloud Beta
According to Gartner research, a whopping 85% of enterprises will adopt a cloud-first principle by 2025. That’s not surprising, as the pandemic increased digital transformation plans, leading enterprise organizations to shift their priorities and focus.
Anomali has been at the forefront of cloud security, beginning with ThreatStream, our threat intelligence management solution. We’re excited to continue innovating in cloud security by introducing a cloud-native deployment option for Match, Anomali's extended detection and response (XDR) engine.
Anomali Match helps organizations quickly detect and respond to threats in real time to stop breaches and attackers. Match provides precision attack detection that enables security teams to pinpoint relevant threats, understand their criticality, and prioritize response. By offering Match via cloud-native deployment, customers receive all the advantages XDR delivers along with a reduced total cost of ownership (TCO), as Anomali updates and manages the expanding IOC repository, enhancements, integrations, new versions, and overall platform performance.
Match and ThreatStream are key components of Anomali’s Cloud XDR platform. Look for more information on the launch of Anomali’s XDR platform coming soon.
Anomali Targeted Threat Monitoring
Organizations face constant threats from sophisticated threat actors using phishing and other forms of social engineering to target their employees and customers. According to the FBI, 6.95 million new phishing and scam pages were created in 2020. Security teams need help keeping up with the ever-changing threat landscape to help defend their brand against these targeted attacks.
Anomali Targeted Threat Monitoring is a new intelligence feed focused on targeted domain attacks, providing analysts with the automated threat intelligence they need to respond quickly and effectively. Identified domains and compromised credentials are imported into ThreatStream and operationalized there, giving security teams the visibility and enriched intelligence to fully protect their assets, as well as increased efficiencies.
Visit the Anomali App Store or reach out to your Customer Success Manager for more information.
Enhancements to Intelligence Initiatives
In the August quarterly release, we announced Intelligence Initiatives, enabling customers to track their organizational goals and objectives within ThreatStream. The goal of Intelligence Initiatives is to provide a foundation for organizations to integrate the CTI (Cyber Threat Intelligence) lifecycle as part of their working process to better understand and value their team’s effort while working toward organizational and risk-oriented goals.
With this release, we’ve expanded Intelligence Initiatives to now support observables, threat models, and rules incorporating rule matches. We’ve also added more out-of-the-box dashboards with new widgets that highlight key metrics to give management an immediate overview of current Initiatives being worked on by their threat intelligence teams.
Intelligence Initiatives are a great way to increase the value of your investment with Anomali and the efficiencies within your organization. Reach out to your Customer Success Manager to learn more.
Unified App Store Management
The Anomali team has been working hard to simplify how users view current intelligence sources, as well as trial new offerings effortlessly in ThreatStream.
At the core of the ThreatStream platform are intelligence sources, including feeds and enrichment sources. In this month's release, we’ve migrated Enrichments to the App Store, enabling users to provision, update, and manage all their intelligence sources in one clear and simple view.
This enhanced user navigation experience makes the activation process more seamless and manageable. Look for additional enhancements, including health and statistics, coming soon.
ThreatStream STIX TAXII 2.1 Server Support
Trusted Automated Exchange of Intelligence Information (TAXII™) is an application protocol for exchanging intelligence over HTTPS. ThreatStream hosts a TAXII server instance that enables the sharing of observables with external applications, enabling out-of-the-box integration with security controls and other threat intelligence-consuming products.
In this release, we’ve updated STIX TAXII server support to the latest standard (v2.1), ensuring that any applications or products attempting to gather indicators using a TAXII 2.1 client will be able to receive intelligence without issue.
Resilience starts here.
Anomali continues to innovate, with intelligence-driven XDR solutions and capabilities that take security from intelligence to detection in seconds to deliver the cyber resilience organizations need.
Check out our new video to learn more.
Until next quarter, reach out to your Customer Success Manager with any questions.