Anomali Marketplace

Connect with the Anomali CISO community

Anomali Preferred Partner Store

The only marketplace for threat intelligence, enrichments, and integrations.

Turnkey integrations with your existing security infrastructure

Anomali ThreatStream aggregates threat intelligence under one platform, providing an integrated set of tools to support fast, efficient investigations, and delivering "operationalized" threat intelligence into security controls at machine speed.

Interested in leveraging threat intelligence in your security solution? Become an Anomali Technology Partner and let's solve customer problems together!

SIEM Integrations

Add high-fidelity threat intelligence to event data in your SIEM so your SOC analysts can focus on the real threats rather than false positives. Anomali continuously gathers and risk-ranks threat intelligence (for severity and confidence) and delivers enriched, prioritized IoCs with threat context and relevance to your SIEM for monitoring and detection of security threats in your enterprise infrastructure.

Anomali's security operations ecosystem includes turnkey integrations with the leading SIEM and data lake solutions, including:

SOAR Integrations

SOAR tools give your SOC team the ability to automate and orchestrate the security incident response lifecycle. Anomali's threat intelligence and detection products tightly integrate with the industry's leading SOAR solutions, providing the triggers to initiate incident response and remediation, as well as to help incident response teams enrich, investigate and prioritize incidents with contextualized threat intelligence.

Integrated Anomali SOAR partners include:

Firewalls and Network Security Integrations

Firewalls and network security solutions – often regarded as the key to preventing malicious threats from penetrating your network – are tightly integrated with the Anomali ThreatStream platform. ThreatStream automatically delivers the high-fidelity threat intelligence of your choice to your network perimeter and security products to actively protect your users and assets and to minimize false positives.

Anomali network security solution partners with ready-to-deploy integrations include:

Endpoint Security Integrations

Focus on meaningful threats by combining real-time threat intelligence with event data in your endpoint detection and response deployment, allowing your security team to defend proactively and respond faster. In addition to the automated delivery of enriched and risk-ranked indicators to your protection services, integrated External Lookup gives your analysts needed information about alerts at their fingertips, taking them to Anomali ThreatStream intelligence details pages. From here, analysts are provided with all available context – and should an indicator be attributed to a specific actor group or campaign, ThreatStream will provide related observables and threat models which you need to be aware of to efficiently thwart attacks.

Anomali endpoint security solution partners with off-the-shelf integrations include:

Risk & Vulnerability Management Integrations

Integrate Anomali with your risk and vulnerability management platform to understand the health of your corporate assets and how adversaries might impact your business. Our integrations can help you understand how gaps in your security could be leveraged by an adversary to gain access to key assets, and focus your corrective actions before a breach event can take place. Automated, real-time delivery of critical, contextualized intelligence on the most relevant threat actors and their TTPs allows you to identify related control gaps or misconfigurations, then refine your security stack to reduce risk and increase assurance.

Anomali risk and vulnerability management solution partners with off-the-shelf integrations including:

Improve your detection and response capabilities

Organizations rely on Anomali to harness the power of threat intelligence to deliver effective extended detection and response (XDR) capabilities.