November 30, 2021

Anomali Quarterly XDR Product Release Strengthens Customers’ Threat Detection and Response Capabilities, Helping Them to Stop Attackers and Breaches

Enhancements Help Customers Better Detect Threats, Utilize Intelligence to Align with Organizational Goals, and Monitor Threats Targeting Domains and Assets

REDWOOD CITY, Calif. — NOV. 30, 2021 — Anomali, a leader in intelligence-driven extended detection and response (XDR) cybersecurity solutions, today announced availability of its quarterly product portfolio update. New capabilities further help organizations to align threat intelligence initiatives to organizational goals, which further improves productivity and efficiency of their security operations and threat intelligence programs. Additionally, we are introducing a cloud deployment option for Anomali Match, our intelligence-driven extended detection and response (XDR) solution. Now available in beta, it enables customers to receive all the advantages of an XDR solution with the flexibility of cloud deployment.

“To stay ahead of adversaries, organizations need technologies that support the massive volumes of global intelligence and data needed to detect and respond to advanced threats,” said Mark Alba, Chief Product Officer, Anomali. “Our cadence of new product features and enhancements is giving our customers an onramp to build and manage cost-efficient security operations programs that are underpinned by the information needed to identify and stop attackers and breaches before they have an opportunity to disrupt business and inflict massive losses.”

With this release, Anomali is delivering to its customers several new capabilities and benefits:

Anomali Match Cloud Beta – Match improves customers’ overall efficiency and security by automating XDR activities to quickly detect and respond to relevant threats. By offering Match via cloud-native deployment, customers receive all the advantages XDR delivers along with reduced total cost of ownership (TCO), as Anomali updates and manages the expanding IOC repository, enhancements, telemetry integrations, new versions, and overall platform performance.

Anomali Targeted Threat Monitoring Feed – This new intelligence feed focuses on threats targeting organizations and assets, giving intelligence analysts the automated threat intelligence needed to respond to targeted domain attacks quickly and effectively. Identified domains and compromised credentials are imported into Anomali ThreatStream to provide visibility and enriched intelligence to fully protect assets, as well as increased efficiencies by operationalizing this targeted intelligence within ThreatStream.

Intelligence Initiatives Enhancements - Intelligence Initiatives provides a foundation for customers to integrate the CTI lifecycle as part of their working process to better understand the value their teams deliver in working toward organizational and risk-oriented goals. This release expands Intelligence Initiatives to now support observables, threat models, and rules incorporating rule matches. It also includes new widgets that highlight key metrics and give management an immediate overview of initiatives their teams are working on.

Unified App Store Management - Global intelligence via open source and commercial feeds along with enrichment sources are the foundation of the Anomali ThreatStream platform. In this quarterly release, we’ve migrated enrichments to the Anomali Preferred Partner (APP) Store, enabling users to provision and manage all their intelligence sources in one place, making the activation process more seamless and manageable.

STIX TAXII 2.1 Service Support - Trusted Automated Exchange of Intelligence Information (TAXII™) is an application protocol for exchanging intelligence over HTTPS. ThreatStream hosts a TAXII server instance that enables the sharing of observables with external applications, enabling out-of-the-box integration with security controls and other products that consume threat intelligence. In this release, we’ve updated STIX TAXII server support to the latest standard (v2.1), ensuring compatibility so that anyone using a TAXII 2.1 client will be able to receive intelligence without issue.

For more information, read the blog: Anomali November Quarterly Product Release


About Anomali

Anomali is the leader in intelligence-driven extended detection and response (XDR) cybersecurity solutions. Anchored by big data management and refined by artificial intelligence, the Anomali XDR platform delivers proprietary capabilities that correlate the largest repository of global intelligence with telemetry from customer-deployed security solutions, empowering security operations teams to detect threats with precision, optimize response, achieve resiliency, and stop attackers and breaches. Our SaaS-based solutions easily integrate into existing security tech stacks through cloud-native, multi-cloud, on-premises, and hybrid deployments. Founded in 2013, Anomali serves public and private sector organizations, ISACs, MSSPs, and Global 1000 customers worldwide in every major industry. Leading venture firms including General Catalyst, Google Ventures, and IVP back Anomali. Learn more at