Combines Splunk’s Powerful Analytics with Anomali’s Comprehensive Threat Data to Identify and Respond to Detected Threats
Every week the award-winning Anomali Labs team publishes a threat briefing, delivering topical cyber events and intelligence to subscribers. The briefing includes trending threat information and new threat intelligence. Anomali also provides details on observed threats across the global Anomali ThreatStream Community. All the research is vetted and curated by the Anomali Labs team and includes actionable IOCs and detailed threat bulletins.
In addition to the weekly briefing, Anomali also provides Breaking News alerts, delivering critical updates in real time as new cyber threats become known. This information is delivered proactively to Splunk app users with all available details so that customers can evaluate whether they have been breached.
This service allows independent threat researchers to publish and share intelligence research with the Anomali ThreatStream Community. Anomali makes intelligence sharing efficient and seamless, allowing the entire community to benefit from threat analysis from any member.
Subscribers can check their exposure against published threats instantly and automatically. Anomali briefings include specific, actionable IOCs and automate a health check against subscribers’ own live Splunk event data. Matches are highlighted so further investigation can be done.
Once threat matches are identified, Anomali provides security teams with the tools to research and investigate IOCs further. Here Anomali delivers critical insight into IOC threats, including actors, techniques, associated IOCs and other threat details. From within the Splunk interface, users can access this information or pivot to the Anomali portal for additional investigation capabilities.