BLOG

Category: ThreatStream

Anomali Enterprise Cyber Threat Intelligence Malware SIEM ThreatStream

What I’ve Learned as a Part-Time Cyber Threat Analyst Using Anomali Enterprise

A few months ago I wrote a post detailing how Anomali Enterprise helped me to identify a malware threat to my home network. Many have since emailed me asking how they can do the same (please keep them coming!). Since writing that post, my router has generated millions of logs...


Cyber Threat Intelligence SIEM Splunk ThreatStream

ThreatStream Matches As Notable Events in Splunk? Here’s How…

In a previous post I showed how the Anomali ThreatStream Splunk app can integrate with Splunk's own Enterprise Security app to provide analysts with familiar and powerful investigation workflows. Since the post was published I've received a number of emails from the Anomali community asking;...


Cyber Threat Intelligence Splunk Threat Intelligence Platform ThreatStream

Automate Your Workflows With Threat Intelligence Alerts in Slack

Recently, I was speaking to a friend who is using the popular messaging app, Slack, to help run the Security Operations Centre (SOC) at his organisation. Not only have they set up alerts that feed from their security tools into Slack, but the analysts can run queries against these tools,...


Malware ThreatStream

Halt the Sidecar Bear’s infrastructure with Intel 471 and Anomali Threatstream

By Mark Arena, Intel 471 and Travis Farral, Anomali

We’ve all seen the research into Fancy Bear (aka APT28, Sofacy etc) which is likely a group sponsored by or a part of the Russian government. They even have their own website. Research into these groups is predominantly reactive. Typical...


Cyber Threat Intelligence SIEM Splunk ThreatStream

Proactively monitor your network against attacks using our FREE Threat Intelligence in Splunk

A few weeks ago I showed how to use the Anomali ThreatStream Splunk App to hunt known actors that had been observed trying to access your environment, and in some cases where they were already inside. For those who are not yet ThreatStream customers, do not fear. Our...


Cyber Threat Intelligence SIEM Splunk Threat Intelligence Platform ThreatStream

Malicious Actors Inside Your Network? Here’s How To Find Them.

As an analyst, context is key. With hundreds, often thousands, of security incidents raised by modern SIEM products it can make the process of triaging the most serious of them incredibly difficult. Adding context to events that form a security incident can help investigations by reducing both time and effort....


Anomali Enterprise ThreatStream

Anomali Opens New Office in Belfast, Ireland

One of the biggest challenges that comes with delivering a popular product is managing the associated growth. Anomali has experienced tremendous growth each year since its founding in 2013. As Anomali continues to grow in Europe, it only makes sense to increase our presence to serve that market. “Anomali has...


Cyber Threat Intelligence Threat Intelligence Platform ThreatStream

Passive DNS Analytic Use Cases in ThreatStream

As mentioned in our previous blogpost on passive DNS (PDNS), ThreatStream recently added passive DNS to its Optic™ Platform. Passive DNS is a technique for capturing, storing, and indexing DNS queries and responses to enable forensic search, discovery, and analysis over historic DNS records. It enables analysts...


Cyber Threat Intelligence Threat Intelligence Platform ThreatStream

Introduction to Passive DNS Usage in ThreatStream

As most seasoned security and forensics analysts know, passive DNS (PDNS) is incredibly useful for discovering new relationships between IP addresses and domain names when researching or triaging a new network Indicator of Compromise (IoC). Passive DNS is a technique for capturing, storing, and indexing DNS queries and responses...


Cyber Threat Intelligence SIEM Threat Intelligence Platform ThreatStream

ThreatStream OPTIC Maltego Integration

ThreatStream LABS is excited to announce the capability for ThreatStream customers to utilize OPTIC's extensive intelligence database from within Paterva's Maltego Data and Link visualization tool using our new Maltego transforms. These transforms allow users to enrich entities and expand on indicators of warning (IOW)...


Threat Intelligence Platform ThreatStream

Buckle Up

Today is a huge day for ThreatStream. Just under two years ago we entered the market with a simple idea: to properly defend your network from cyber threats you have to know who is attacking you. Most companies operate without this knowledge, but ThreatStream is essentially changing this paradigm with...


Cyber Threat Intelligence Threat Intelligence Platform ThreatStream

ThreatStream: A New Approach

Listen to ThreatStream CEO Hugh Njemanze discuss the growth of threat intelligence and how ThreatStream differentiates itself from others in the industry.


ThreatStream

Threat Stream Launches next-gen Threat Intelligence Platform

Greetings Threat Stream community,

We are pleased to announce that we have successfully launched the next version of the Threat Stream Threat Intelligence Platform. By working closely with the community of users we have not only enhanced the look and feel of the platform but have added valuable features allowing...


Cyber Threat Intelligence ThreatStream

Chinese Hackers Pilfer US Military Crown Jewels

A newly leaked report has exposed that Chinese-sponsored cyber attacks have resulted in the theft of top US military technologies such as (but not limited to): Terminal High Altitude Area Defense, Patriot Advanced Capability-3, Extended Area Protection and Survivability System (EAPS), F-35, V-22, Aegis Ballistic Missile Defense System, USMC...


