The Anomali Blog: ThreatStream posts

The Anomali Blog

Analysis and perspectives from the leading voice in threat intelligence.

Category: ThreatStream

Anomali Threat Research
Anomali Threat Research December 29, 2020

Anomali ThreatStream Sunburst Backdoor Custom Dashboard Provides Machine Readable IOCs Related To SolarWinds Supply Chain Attack

SolarWinds, a provider of IT management and monitoring software deployed by thousands of global customers, was breached between March and June of 2020 by an Advanced Persistent Threat (APT) that cybersecurity company FireEye is tracking as UNC2452. As part of the supply chain attack, the APT compromised the company’s Orion…

Kris Palmer
Kris Palmer July 12, 2018

The Gamer Theory of Threat Hunting

Teamwork. Determination. Satisfaction. Video gaming missions provide us with an escape from reality that is often viewed as simple and relaxing. However, the dedication required to conquer these complex missions goes largely unnoticed. The copious, and often draining, amounts of effort and cooperation applied to these missions is…

Dan Katz
Dan Katz May 10, 2018

Seven Characteristics of a Successful Threat Intelligence Program

For every enterprise Threat Intelligence Program, there is a fine line between success, neglect, and failure. But what defines the success of a Threat Intelligence Program? The definitions of that success can vary greatly depending on the nature of the organization. Given the varying sizes, technologies, and skill levels of team…

David Greenwood
David Greenwood April 5, 2018

Introducing the Newly Certified ThreatStream QRadar App

Here at Anomali we have over 30 out-of-the box integrations, from SIEMs to endpoints and everything in between. Our QRadar integration is one of our most popular.The QRadar app and Content Pack available to ThreatStream customers provide security analysts visibility into threats within their network by matching and enriching log…

Intel Acquisition Team
Intel Acquisition Team February 22, 2018

A Timeline of APT28 Activity

APT28 (aka Fancy Bear, aka Pawn Storm, aka Sednit, aka Sofacy, aka Group 74, aka Sednit, aka Sofacy, aka Strontium, aka Threat Group-4127) finds its way into the news with some regularity. Most recently the group claimed to have released documents from the International Luge Federation. APT28 is probably best known for its attacks…

Subscribe to the Anomali Newsletter

Get the latest Anomali updates and cybersecurity news straight to your inbox each month.

Subscribe Now