Threat Intelligence Platform

Anomali offers the comprehensive suite of Threat Intelligence solutions for organizations of any size.

Watch Overview


Anomali STAXX gives you a free, easy way to subscribe to any STIX / TAXII feed.

  • Install in minutes: Simplify download and install, then follow the wizard to collect feeds.
  • Configure feeds: Simple UI walks you through configuring all your STIX/TAXII feeds.
  • Setup schedules: Tell STAXX how often you want to download the latest intelligence.
  • Search and analyze: Built-in search UI lets you sift through IOCs; links to IOC details.

STAXX is 100% free and always will be.

Learn More


ThreatStream offers the most comprehensive Threat Intelligence Platform, allowing organizations to access all intelligence feeds and integrate it seamlessly with internal security and IT systems.

  • Collect: Via the ThreatStream portal you can access hundreds of threat intelligence feeds.
  • Optimize: ThreatStream normalizes and optimizes intelligence, making it more actionable.
  • Integrate: Out of the box integrations with SIEMs, FW, and other systems, plus API access.
  • Share: ThreatStream offers 2-way sharing and secure trusted circles for vetted collaboration.

Learn More

Anomali Enterprise

Anomali Enterprise (AE) is a powerful Threat Hunting engine that compares millions of IOCs against your internal traffic to identify active threats. AE is the only solution that scales to analyze millions of IOCs against billions of events/day, over 365 days.

  • Threat Hunting: Identifies real threats active in your network against millions of IOCs.
  • Forensic Search: Analyze new IOCs to see if they’re already active in your network.
  • IOC Research: Expand individual IOCs to find associated indicators, campaigns, TTPs, etc.
  • Strategic Threat Analysis: Understand threat Actors and Campaigns, not IPs and domains.

Learn More

Anomali Apps and Add-ons

Anomali offers a number of additional products tailored to meet specific needs:

  • Limo: Free TAXII service for users who want to get started with Threat Intelligence data.
  • Splunk App: Free app matches IOCs in your Splunk instance, and integrates our Weekly Threat Briefing.
  • Weekly Threat Briefing: Weekly Anomali Labs report includes specific IOCs and ability to check your exposure.
  • Modern Honeynet: MHN is Anomali’s open-source honeypot, with over 12,000 installations.

Learn More