Integration pairs threat intelligence from Silicon Valley cybersecurity leader with security alerts from Microsoft’s global ecosystem to bring new security insights to customers
REDWOOD CITY, Calif.--April 17, 2018--Anomali, a leading provider of threat management solutions, announced today a collaboration with Microsoft to integrate threat intelligence from the Anomali ThreatStream platform with the security insights customers can obtain from the new Microsoft Graph security API.
The collaboration provides Microsoft and Anomali customers with the ability to correlate cloud service and network activity with adversary threat information. As the work progresses, the integration will provide a complete view of asset and user information from Graph providers allowing for increased time to detection and more relevant and actionable results. With contextual and historical threat information provided by Anomali, users have access to not only a detailed background, but also logs of current activity of known IoCs and the malicious actors associated with them.
“Historically, it has been a challenge to have consistent visibility into which user was logged into a specific machine at a particular time, and tie this activity to a specific IP address,” said Colby DeRodeff, co-founder and chief strategy officer of Anomali. “As a result, organizations have struggled to connect the dots between malicious cyber activity, users and systems. Microsoft technologies are at the heart of virtually every organization, providing unique visibility into the user and asset infrastructure. Our integration with the Microsoft Graph security API saves analysts time by simplifying access to security alerts and enhancing these alerts with relevant asset and user information without having to access multiple systems or consoles.”
Sarah Fender, principal group program manager of Microsoft said, “By enabling integration partners like Anomali, Microsoft helps organizations connect security insights from multiple solutions for improved cyber defense. We worked closely with Anomali during private preview of the security API, and the resulting integration showcases the power of enriching security alerts provided by the Security API with threat intelligence and context. Together, we can help organizations stay ahead of adversaries.”
The Anomali and Microsoft teams will be providing demonstrations of the Graph integration at booth N3501 at RSA.
Visit the Anomali site here to learn more about the Graph integration.
The Anomali suite of threat intelligence solutions empowers organizations to detect, investigate and respond to active cybersecurity threats. The award-winning ThreatStream threat intelligence platform aggregates and optimizes millions of threat indicators, creating a "cyber no-fly list." Anomali integrates with internal infrastructure to identify new attacks, or search forensically over the past year to discover existing breaches, and enables security teams to quickly understand and contain threats. Anomali also offers STAXX, a free tool to collect and share threat intelligence, and provides a free, out of the box intelligence feed, Anomali Limo. To learn more, visit www.anomali.com and follow us on Twitter: @anomali.