PRODUCTS
Agentic SOC Platform Overview
Unifies threat intelligence, security data, and agentic AI into a single platform, enabling SOC and CTI teams to collaborate seamlessly. Teams gain context and AI-guided workflows to detect hidden threats, prioritize high-risk incidents, and respond faster.
Agentic SOC Platform Overview
Agentic SOC Platform Overview
Products
Unified Security Data Lake
Complete visibility, AI-guided insights, and unified workflows to detect, investigate, and respond at machine speed.
Unified Security Data Lake
Unified Security Data Lake
ThreatStream Next-Gen
The industry’s leading threat intelligence platform (TIP) that provides curated access to the world’s largest repository of curated threat intelligence.
ThreatStream Next-Gen
ThreatStream Next-Gen
Agentic AI
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Agentic AI
Agentic AI
Use Cases
Compliance
All-in-one ETL, SIEM, XDR, UEBA, and SOAR for blazing fast threat detection, investigation, and response.
Compliance
Compliance
Threat Detection
The industry’s leading threat intelligence platform (TIP) that provides curated access to the world’s largest repository of curated threat intelligence.
Threat Detection
Threat Detection
Investigation and Response
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Investigation and Response
Investigation and Response
Threat Hunting
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Threat Hunting
Threat Hunting
Threat Analysis
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Threat Analysis
Threat Analysis
Intelligence Distribution
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Intelligence Distribution
Intelligence Distribution
Capabilities
Threat Intelligence (TIP)
All-in-one ETL, SIEM, XDR, UEBA, and SOAR for blazing fast threat detection, investigation, and response.
Threat Intelligence (TIP)
Threat Intelligence (TIP)
SIEM
The industry’s leading threat intelligence platform (TIP) that provides curated access to the world’s largest repository of curated threat intelligence.
SIEM
SIEM
Agentic AI
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Agentic AI
Agentic AI
SOAR
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
SOAR
SOAR
XDR
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
XDR
XDR
USE CASES
Unified Security Data lake
Compliance
All-in-one ETL, SIEM, XDR, UEBA, and SOAR for blazing fast threat detection, investigation, and response.
Compliance
Compliance
Threat Detection
The industry’s leading threat intelligence platform (TIP) that provides curated access to the world’s largest repository of curated threat intelligence.
Threat Detection
Threat Detection
Investigation and Response
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Investigation and Response
Investigation and Response
Threat Hunting
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Threat Hunting
Threat Hunting
ThreatStream Next-Gen
Threat Detection
The industry’s leading threat intelligence platform (TIP) that provides curated access to the world’s largest repository of curated threat intelligence.
Threat Detection
Threat Detection
Investigation and Response
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Investigation and Response
Investigation and Response
Threat Hunting
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Threat Hunting
Threat Hunting
Threat Analysis
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Threat Analysis
Threat Analysis
Intelligence Distribution
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Intelligence Distribution
Intelligence Distribution
Agentic AI
Reason and Act
All-in-one ETL, SIEM, XDR, UEBA, and SOAR for blazing fast threat detection, investigation, and response.
Reason and Act
Reason and Act
Model Context Protocol
The industry’s leading threat intelligence platform (TIP) that provides curated access to the world’s largest repository of curated threat intelligence.
Model Context Protocol
Model Context Protocol
Marketplace
The Anomali Marketplace
A unique cybersecurity marketplace providing instant access to a growing catalog of threat intelligence providers, integration partners, and threat analysis tools.
The Anomali Marketplace
The Anomali Marketplace
Threat Intelligence Feeds
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Threat Intelligence Feeds
Threat Intelligence Feeds
Threat Analysis Tools and Enrichments
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
Threat Analysis Tools and Enrichments
Threat Analysis Tools and Enrichments
Security System Partners
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Security System Partners
Security System Partners
SDKs
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
SDKs
SDKs
RESOURCES
Explore Resources
Dive into the latest cybersecurity and threat intelligence news, tips, and insights through our library of articles, webinars, datasheets, industry reports, case studies, and more.
Explore Resources
Explore Resources
Global InfoSec Awards
Anomali scores triple win for SIEM, SecOps, and TIP
SIEM Optimization
Optimize SIEM with an intelligence-native approach built for speed, scale, and action.
STAXX
Your free STIX/TAXII solution
Explore
Blog
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Blog
Blog
Case Studies
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Case Studies
Case Studies
Glossary
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Glossary
Glossary
Engage
Webinars
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Webinars
Webinars
Events
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Events
Events
Demos and Videos
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Demos and Videos
Demos and Videos
Learn
What is a Threat Intelligence Platform (TIP)?
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
What is a Threat Intelligence Platform (TIP)?
What is a Threat Intelligence Platform (TIP)?
What is MITRE ATT&CK?
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
What is MITRE ATT&CK?
What is MITRE ATT&CK?
What is Threat Intelligence?
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
What is Threat Intelligence?
What is Threat Intelligence?
What are STIX/TAXII?
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
What are STIX/TAXII?
What are STIX/TAXII?
What is Security Analytics?
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
What is Security Analytics?
What is Security Analytics?
Company
About Anomali
Anomali is a revolutionary AI-Powered security and IT Operations Platform that is the first and only solution to bring together security operations and defense capabilities into one proprietary cloud-native big data solution.
About Anomali
About Anomali
Press Room
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Press Room
Press Room
Gartner Reviews
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
Gartner Reviews
Gartner Reviews
Awards
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
Awards
Awards
Leadership
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Leadership
Leadership
Careers
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
Careers
Careers
Contact Us
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
Contact Us
Contact Us
Partners
Partners Overview
Anomali is dedicated to fostering strong partnerships, ensuring shared success and growth through collaborative innovation and mutual support.
Partners Overview
Partners Overview
Partner Directory
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Partner Directory
Partner Directory
Channel Partners
We help MSSPs, resellers, system integrators, and distributors enable their customers with accelerated investigation and response, improved visibility, and automated SOC operations.
Become Channel Partner
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Become Channel Partner
Become Channel Partner
Partner Portal
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Partner Portal
Partner Portal
Technology Alliance Partners
We offer a robust set of APIs and Sales Development Kits (SDKs) to seamlessly integrate with other technologies and help deliver better business outcomes for customers.
Become Technology Alliance Partner
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Become Technology Alliance Partner
Become Technology Alliance Partner
Threat Intel Sharing
We offer the leading global threat sharing platform for ISACs, ISAOs, industry groups, holding companies, and other threat intel sharing communities seeking to power secure collaboration.
Become An Intel Sharing Partner
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Become An Intel Sharing Partner
Become An Intel Sharing Partner

Schedule a Demo

PRODUCTS
Agentic SOC Platform Overview
Unifies threat intelligence, security data, and agentic AI into a single platform, enabling SOC and CTI teams to collaborate seamlessly. Teams gain context and AI-guided workflows to detect hidden threats, prioritize high-risk incidents, and respond faster.
Agentic SOC Platform Overview
Agentic SOC Platform Overview
Products
Unified Security Data Lake
Complete visibility, AI-guided insights, and unified workflows to detect, investigate, and respond at machine speed.
Unified Security Data Lake
Unified Security Data Lake
ThreatStream Next-Gen
The industry’s leading threat intelligence platform (TIP) that provides curated access to the world’s largest repository of curated threat intelligence.
ThreatStream Next-Gen
ThreatStream Next-Gen
Agentic AI
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Agentic AI
Agentic AI
Use Cases
Compliance
All-in-one ETL, SIEM, XDR, UEBA, and SOAR for blazing fast threat detection, investigation, and response.
Compliance
Compliance
Threat Detection
The industry’s leading threat intelligence platform (TIP) that provides curated access to the world’s largest repository of curated threat intelligence.
Threat Detection
Threat Detection
Investigation and Response
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Investigation and Response
Investigation and Response
Threat Hunting
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Threat Hunting
Threat Hunting
Threat Analysis
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Threat Analysis
Threat Analysis
Intelligence Distribution
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Intelligence Distribution
Intelligence Distribution
Capabilities
Threat Intelligence (TIP)
All-in-one ETL, SIEM, XDR, UEBA, and SOAR for blazing fast threat detection, investigation, and response.
Threat Intelligence (TIP)
Threat Intelligence (TIP)
SIEM
The industry’s leading threat intelligence platform (TIP) that provides curated access to the world’s largest repository of curated threat intelligence.
SIEM
SIEM
Agentic AI
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Agentic AI
Agentic AI
SOAR
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
SOAR
SOAR
XDR
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
XDR
XDR
USE CASES
Unified Security Data lake
Compliance
All-in-one ETL, SIEM, XDR, UEBA, and SOAR for blazing fast threat detection, investigation, and response.
Compliance
Compliance
Threat Detection
The industry’s leading threat intelligence platform (TIP) that provides curated access to the world’s largest repository of curated threat intelligence.
Threat Detection
Threat Detection
Investigation and Response
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Investigation and Response
Investigation and Response
Threat Hunting
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Threat Hunting
Threat Hunting
ThreatStream Next-Gen
Threat Detection
The industry’s leading threat intelligence platform (TIP) that provides curated access to the world’s largest repository of curated threat intelligence.
Threat Detection
Threat Detection
Investigation and Response
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Investigation and Response
Investigation and Response
Threat Hunting
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Threat Hunting
Threat Hunting
Threat Analysis
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Threat Analysis
Threat Analysis
Intelligence Distribution
Advanced AI and natural language processing to simplify and speed up analysis so you can stop threats in their tracks.
Intelligence Distribution
Intelligence Distribution
Agentic AI
Reason and Act
All-in-one ETL, SIEM, XDR, UEBA, and SOAR for blazing fast threat detection, investigation, and response.
Reason and Act
Reason and Act
Model Context Protocol
The industry’s leading threat intelligence platform (TIP) that provides curated access to the world’s largest repository of curated threat intelligence.
Model Context Protocol
Model Context Protocol
Marketplace
The Anomali Marketplace
A unique cybersecurity marketplace providing instant access to a growing catalog of threat intelligence providers, integration partners, and threat analysis tools.
The Anomali Marketplace
The Anomali Marketplace
Threat Intelligence Feeds
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Threat Intelligence Feeds
Threat Intelligence Feeds
Threat Analysis Tools and Enrichments
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
Threat Analysis Tools and Enrichments
Threat Analysis Tools and Enrichments
Security System Partners
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Security System Partners
Security System Partners
SDKs
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
SDKs
SDKs
RESOURCES
Explore Resources
Dive into the latest cybersecurity and threat intelligence news, tips, and insights through our library of articles, webinars, datasheets, industry reports, case studies, and more.
Explore Resources
Explore Resources
Global InfoSec Awards
Anomali scores triple win for SIEM, SecOps, and TIP
SIEM Optimization
Optimize SIEM with an intelligence-native approach built for speed, scale, and action.
STAXX
Your free STIX/TAXII solution
Explore
Blog
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Blog
Blog
Case Studies
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Case Studies
Case Studies
Glossary
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Glossary
Glossary
Engage
Webinars
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Webinars
Webinars
Events
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Events
Events
Demos and Videos
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Demos and Videos
Demos and Videos
Learn
What is a Threat Intelligence Platform (TIP)?
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
What is a Threat Intelligence Platform (TIP)?
What is a Threat Intelligence Platform (TIP)?
What is MITRE ATT&CK?
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
What is MITRE ATT&CK?
What is MITRE ATT&CK?
What is Threat Intelligence?
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
What is Threat Intelligence?
What is Threat Intelligence?
What are STIX/TAXII?
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
What are STIX/TAXII?
What are STIX/TAXII?
What is Security Analytics?
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
What is Security Analytics?
What is Security Analytics?
Company
About Anomali
Anomali is a revolutionary AI-Powered security and IT Operations Platform that is the first and only solution to bring together security operations and defense capabilities into one proprietary cloud-native big data solution.
About Anomali
About Anomali
Press Room
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Press Room
Press Room
Gartner Reviews
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
Gartner Reviews
Gartner Reviews
Awards
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
Awards
Awards
Leadership
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Leadership
Leadership
Careers
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
Careers
Careers
Contact Us
Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.
Contact Us
Contact Us
Partners
Partners Overview
Anomali is dedicated to fostering strong partnerships, ensuring shared success and growth through collaborative innovation and mutual support.
Partners Overview
Partners Overview
Partner Directory
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Partner Directory
Partner Directory
Channel Partners
We help MSSPs, resellers, system integrators, and distributors enable their customers with accelerated investigation and response, improved visibility, and automated SOC operations.
Become Channel Partner
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Become Channel Partner
Become Channel Partner
Partner Portal
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Partner Portal
Partner Portal
Technology Alliance Partners
We offer a robust set of APIs and Sales Development Kits (SDKs) to seamlessly integrate with other technologies and help deliver better business outcomes for customers.
Become Technology Alliance Partner
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Become Technology Alliance Partner
Become Technology Alliance Partner
Threat Intel Sharing
We offer the leading global threat sharing platform for ISACs, ISAOs, industry groups, holding companies, and other threat intel sharing communities seeking to power secure collaboration.
Become An Intel Sharing Partner
Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, and more.
Become An Intel Sharing Partner
Become An Intel Sharing Partner

Schedule a Demo

ANOMALI MARKETPLACE

Threat Analysis tools and enrichments

The only marketplace for threat intelligence, enrichments, and integrations.

ITEM ONE

ANOMALI FEED

THIS IS ANOMALI FEED TEXT

ANOMALI TEXT NUMBER FOUR

ITEM ONE

ANOMALI FEED

THIS IS ANOMALI FEED TEXT

ANOMALI TEXT NUMBER FOUR

Integrated tools and intelligence that provide context and actionable information

Security teams now have a wide variety of threat intelligence sources feeding them indicators of compromise, but knowing an IP address or domain name is just the first step in preventing or responding to a threat. Enriching the context around IOCs dramatically increases their value to analysts, and augmenting your threat research with advanced threat analysis services, such as sandboxing, provides critical details.

Looking to expand your threat analysis capabilities? We can help to identify the right enrichment data and analysis tools for your organization.

Get Started

Threat Analysis Tools and Enrichments

Anomali provides 200+ advanced threat analysis services, including:

Partners

Authentic8

Authentic8 enables anyone, anywhere, on any device to experience the web without risk. The Silo Web Isolation Platform by Authentic8 separates the things you care about like apps, data and devices, from the things you cannot trust like public websites, external users and unmanaged devices. Silo executes all web code in a secure, isolated environment that is managed by policy, to provide protection and oversight. The world’s most at-risk organizations rely on Silo to deliver trust where it cannot otherwise be guaranteed.

Datasheet

Visit Website

Partners

Cisco Umbrella

Cisco Umbrella (formerly OpenDNS) is a cloud security platform that provides the first line of defense against threats on the internet wherever users go. And because it’s built into the foundation of the internet and delivered from the cloud, Umbrella is the simplest security product to deploy and delivers powerful, effective protection. The intelligence from Cisco Umbrella Investigate provides the most complete view of the relationships and evolution of internet domains, IPs, and malware, and adds the security context needed to uncover and predict threats.

Datasheet

Visit Website

Partners

Cribl

Cribl is the Data Engine for IT and Security, offering enterprises choice, control, and flexibility to manage their data efficiently. Cribl Stream, the world’s leading observability pipeline, processes logs, metrics, and traces in real-time, routing data to any destination in any format. Cribl Edge is an intelligent agent, and Cribl Search is the industry’s first search-in-place solution. Founded in 2018 and headquartered in San Francisco, Cribl’s vendor-agnostic product suite helps Fortune 1000 companies optimize data usage and storage, reducing costs and enhancing security insights.

Datasheet

Visit Website

Partners

CrowdStrike

CrowdStrike™ is a leading provider of next-generation endpoint protection, threat intelligence, and services. CrowdStrike Falcon enables customers to prevent damage from targeted attacks, detect and attribute advanced malware and adversary activity in real time, and effortlessly search all endpoints reducing overall incident response time. CrowdStrike customers include some of the largest blue chip companies in the financial services, energy, oil & gas, telecommunications, retail, and technology sectors, along with some of the largest and most sophisticated government agencies worldwide.

Datasheet

Visit Website

Partners

DNSTwist Domain Spinning

The DNSTwist Domain Spinning enrichment helps users quickly identify potential domain squats and phishing domains, and empowers security teams to perform phishing detection as part of their investigations.

Datasheet

Visit Website

Partners

Deloitte Codex

Deloitte's Codex Enrichment allows access to a truly large malware sandbox dataset that encompasses additional data to include APT names from multiple vendors associated with malware, easy to understand malware naming, typing, execution information, and more.

Datasheet

Visit Website

Partners

DomainTools Iris

DNS-Based Cyber Threat Detection and Response

The DomainTools® Iris™ App for Anomali delivers a subset of DomainTools Iris data, together with pivot capability and domain risk score, directly to the analyst inside the The Anomali Security Operations Platform. This integration enables rapid in-context assessments of domain name observables and discovery of connected domains that share the same IP, hostname, or SSL certificate hash.

Datasheet

Visit Website

Partners

Farsight DNSDB

Farsight DNSDB (now part of DomainTools) is a Passive DNS historical database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure. This enrichment lets you look up and pivot on domain names and IP addresses using Farsight's Passive DNS (pDNS) database, DNSDB.

Datasheet

Visit Website

Partners

GreyNoise Intelligence

GreyNoise's integration with Anomali ThreatStream helps security analysts save time by revealing which events they can ignore. GreyNoise's data is a curation of IPs that saturate security tools with noise, like mass-internet scanners and harmless business services. This unique perspective helps analysts confidently ignore irrelevant or harmless activity, creating more time to uncover and investigate true threats.

Users can also enrich against GreyNoise to reduce observables created by mass-internet scanning and create more time to investigate targeted attacks. This enrichment provides context into IP behavior: intent, tags, first seen, last seen, geo-data, ports, OS and JA3. Advanced features showing timeline and similarity based information is available for users with those subscription features.

‍

Datasheet

Visit Website

Partners

HYAS

HYAS Insight’s integration with Anomali ThreatStream helps security analysts increase accuracy and speed investigations. Using exclusive data sources and non-traditional mechanisms, HYAS Insight data connects observables to billions of indicators of compromise to understand and counter adversary infrastructure. Users can find an interesting match in ThreatStream and amplify it with HYAS Insight to expand their understanding of the adversary’s infrastructure.

Datasheet

Visit Website

Partners

IPQualityScore

IPQualityScore (IPQS) provides Anomali ThreatStream users with enterprise-grade detection for sophisticated abuse. The IPQS Fraud and Risk Scoring Enrichment provides enterprise grade fraud prevention, risk analysis, and threat detection. Analyze IP addresses, email addresses, URLs, and domains to identify sophisticated bad actors and high risk behavior. IPQS uses a unique data set, gathered by our proprietary honeypot network that captures advanced abuse such as residential botnets, phishing, hijacked domains, and any IOC that's been associated with abusive behavior across our partner reporting network, which analyzes over 10,000 abuse reports per second.

Datasheet

Visit Website