The Anomali Blog: Anomali posts

The Anomali Blog

Analysis and perspectives from the leading voice in threat intelligence.

Category: Anomali

John Callon December 17, 2020

Anomali December Release: The Need for Speed

We are happy to announce the Anomali Quarterly Release for December 2020. For our product and engineering teams to deliver this latest set of features and enhancements, they worked closely with our customers with a particular eye to further improving the speed of threat intelligence operations. As organizations mature in their…

Elayne Hovsmith September 21, 2018

Anomali Announces New Threat Platform and SDKs at Detect ‘18

Detect ‘18 began this year with keynote addresses from Hugh Njemanze and General Colin L. Powell, USA (Ret.). Anomali announced in their keynote the launch of a new Threat Platform and developer SDKs. The Anomali Threat Platform delivers a comprehensive threat detection, analysis, and response suite and is comprised of five…

Luis Mendieta May 31, 2018

DreamBot Campaign Dreams Big

Summary: Beginning late April, Anomali Labs observed a phishing campaign distributing malicious documents containing macros to download DreamBot, a variant of Ursnif. The downloaded DreamBot payload turned out to be a stealthy keylogger, contrary to previously observed behavior from this malware family. The campaign, which lasted…

Travis Farral March 1, 2018

Measuring the Effectiveness of Threat Feeds

We do a lot of important and sometimes complicated things as we try to defend organizations from cyber attacks. One thing that often gets left behind, or at least isn’t done as effectively as it could be, is measuring what we do and how well we do it. I think I’m speaking for more than just myself when I say that. I…

David Greenwood February 14, 2018

Generating Your Own Threat Intelligence Feeds in ThreatStream

Getting threat intelligence into your existing security products - SIEMs, endpoints, network tools - can significantly enhance their effectiveness and longevity. Here at Anomali we understand the value of product integrations, so much so that my entire job is to manage the 30+ we currently offer. Recently we launched a feature…

David Greenwood October 26, 2017

What I’ve Learned as a Part-Time Cyber Threat Analyst Using Anomali Match

A few months ago I wrote a post detailing how Anomali Match helped me to identify a malware threat to my home network. Many have since emailed me asking how they can do the same (please keep them coming!). Since writing that post, my router has generated millions of logs that have been ingested by Anomali Match (thankfully still no…

David Greenwood September 25, 2017

Give Splunk (And Your Security Team) A Helping Hand With Threat Intelligence

Performance is often one of the biggest gripes I hear from Splunk users. Even after spending time carefully architecting a distributed search environment, running it on top-of-the-range hardware, and carefully assigning user permissions, Splunk searches can still often run painfully slowly. This scenario is particularly true of…

Anissa Khalid September 21, 2017

Addressing Threat Blindness

In just four years since launching Anomali we’ve seen Threat Intelligence become a standard element of enterprise security programs. Last week we published a Ponemon Institute report on “The Value of Threat Intelligence” (our 2nd year sponsoring this research) – in it we found: 80% of enterprises now leverage…

Evan Wright August 31, 2017

Hacker Tactics - Part 1: Domain Generation Algorithms

Coauthored by Evan Wright and Payton Bush. Adversaries are constantly changing and improving how they attack us. In this six-part series we'll explore new or advanced tactics used by threat actors to circumvent even the most cutting-edge defenses. What are DGAs? DGAs are code that programmatically produces a list of domain names.…
