Analysis and perspectives from the leading voice in threat intelligence.
We are happy to announce the Anomali Quarterly Release for December 2020. For our product and engineering teams to deliver this latest set of features and enhancements, they worked closely with our customers with a particular eye to further improving the speed of threat intelligence operations. As organizations mature in their…
The world may be on pause due to the COVID-19 pandemic, but threat actors haven’t slowed down. Don’t worry, neither has Anomali … Four years ago, we recognized that public and private sector organizations had developed a healthy appetite for solutions and strategies that could help them to improve their threat…
Detect ‘18 began this year with keynote addresses from Hugh Njemanze and General Colin L. Powell, USA (Ret.). Anomali announced in their keynote the launch of a new Threat Platform and developer SDKs. The Anomali Threat Platform delivers a comprehensive threat detection, analysis, and response suite and is comprised of five…
SummaryBeginning late April, Anomali Labs observed a phishing campaign distributing malicious documents containing macros to download DreamBot, a variant of Ursnif. The downloaded DreamBot payload turned out to be a stealthy keylogger, contrary to previously observed behavior from this malware family. The campaign, which lasted…
We do a lot of important and sometimes complicated things as we try to defend organizations from cyber attacks. One thing that often gets left behind, or at least isn’t done as effectively as it could be, is measuring what we do and how well we do it. I think I’m speaking for more than just myself when I say that. I…
Getting threat intelligence into your existing security products - SIEMs, endpoints, network tools -- can significantly enhance their effectiveness and longevity. Here at Anomali we understand the value of product integrations, so much so that my entire job is to manage the 30+ we currently offer.Recently we launched a feature…
A few months ago I wrote a post detailing how Anomali Match helped me to identify a malware threat to my home network. Many have since emailed me asking how they can do the same (please keep them coming!).Since writing that post, my router has generated millions of logs that have been ingested by Anomali Match (thankfully still no…
Performance is often one of the biggest gripes I hear from Splunk users. Even after spending time carefully architecting a distributed search environment, running it on top-of-the-range hardware, and carefully assigning user permissions, Splunk searches can still often run painfully slowly.This scenario is particularly true of…
In just four years since launching Anomali we’ve seen Threat Intelligence become a standard element of enterprise security programs. Last week we published a Ponemon Institute report on “The Value of Threat Intelligence” (our 2nd year sponsoring this research) – in it we found:80%of enterprises now leverage…
Coauthored by Evan Wright and Payton BushAdversaries are constantly changing and improving how they attack us. In this six-part series we'll explore new or advanced tactics used by threat actors to circumvent even the most cutting-edge defenses.What are DGAs?DGAs are code that programmatically produce a list of domain names.…
Get the latest Anomali updates and cybersecurity news straight to your inbox each month.
Subscribe Now