September 21, 2017

Anomali Announces Real Time Forensics to Give Organizations Instant Visibility Into Newly Discovered

Adds New Automation and Detection Capabilities to Threat Intelligence Product Lines; Debuts Latest Platform Innovations at Detect 2017 Conference

REDWOOD CITY, CA and WASHINGTON, DC--(Marketwired - Sep 21, 2017) - Anomali, provider of market-leading threat intelligence solutions, today announced significant updates to its three core platforms -- ThreatStream, Anomali Match and STAXX. The new capabilities increase threat analyst productivity and enhance enterprise threat detection and remediation. Key additions to the product lines include Real Time Forensics (RTF) technology, support for STIX/TAXII 2.0 and automated workflows for streamlined analyst collaboration.

"The continuing pace of major breaches highlights the need for more effective, more efficient, and more accurate threat detection. In many cases, breaches are detectable and preventable well before damage occurs," said Hugh Njemanze, CEO, Anomali. "We developed Real Time Forensics technology to finally give organizations the threat visibility they have been lacking. With RTF, security teams can know in seconds if they've ever been targeted by malicious actors."

Anomali Enterprise 3.0 Delivers Real Time Forensics
As new threats are discovered daily, organizations need insights in seconds -- not hours. Anomali Match now provides Real Time Forensics to help organizations immediately identify any existing exposure over the past year or more. Using RTF, Anomali Match automatically evaluates new indicators against all prior history to determine within seconds if and when a system was previously targeted or compromised. Anomali Match 3.0 also includes broader log source support for syslog, SIEM, AWS S3 and Netflow/sFlow.

ThreatStream Enhancements Boost Analyst Productivity
Anomali's flagship platform, ThreatStream, was purpose built to deliver the full value of cyber threat intelligence. Today's analysts face ever-increasing volumes of threat data, making it difficult to quickly pinpoint and remediate threats. New threat model workflows in ThreatStream allow multiple analysts to collaborate on threat bulletins and investigations through an intuitive interface, speeding threat detection and mitigation. The latest version of ThreatStream boosts analyst efficiency with a new rules engine that can trigger automated actions, such as creating an investigation or tagging an indicator.

STAXX 3.0 Enables More Robust Threat Intelligence Sharing
Anomali STAXX and the associated Anomali Limo out-of-the-box TAXII service provide the threat intelligence community with a simple and free way to receive STIX/TAXII threat intelligence feeds. The new STAXX 3.0 provides support for STIX/TAXII 2.0, enabling more robust sharing of cyber threat intelligence. Using a new STIX/TAXII "bridge" feature, STAXX can now translate STIX/TAXII data to 2.0 and vice versa, making any STIX client and STIX server able to communicate with each other, regardless of version.

"Today's cybersecurity teams are tasked with analyzing millions of threat indicators daily to not only identify new attacks, but also determine where they may have already been compromised. This is increasingly challenging as the cyber threat landscape constantly changes, with new threats discovered daily that need to be evaluated and triaged," said Scott Crawford, Research Director for Information Security at 451 Research. "Technologies need to enable analysts to move quickly in pinpointing what's relevant, where their organization is at risk and where they may have previously been breached. Anomali is providing analysts with a capable platform designed to answer these needs."

To learn more about these latest offerings, visit Anomali at Detect '17, September 20 - 22, at the Gaylord National Resort & Convention Center.

About Anomali
The Anomali suite of threat intelligence solutions empowers organizations to detect, investigate and respond to active cybersecurity threats. The award-winning ThreatStream threat intelligence platform aggregates and optimizes millions of threat indicators, creating a "cyber no-fly list." Anomali integrates with internal infrastructure to identify new attacks, or search forensically over the past year to discover existing breaches, and enables security teams to quickly understand and contain threats. Anomali also offers STAXX, a free tool to collect and share threat intelligence, and provides a free, out-of-the-box intelligence feed, Anomali Limo. To learn more, visit and follow us on Twitter: @anomali.

Press Contact
Nicole Pitaro
Bhava Communications for Anomali
(630) 532-8879