February 29, 2016

ThreatStream Launches Threat Intelligence Analytics Engine to Make Intelligence Driven Security

Anomali Offers Two New Products that Unlock the Latent Operational Value of Threat Intelligence Data for the Enterprise.

Redwood City, Calif. – February 29, 2016 – ThreatStream, the provider of the market leading threat intelligence platform, today announced it has changed the company name to Anomali and launched two new products. The new brand reflects the company’s ongoing mission to enable customers to identify and address anomalous or undesirable behavior in their networks. The Anomali products announced today are Anomali Match Breach Analytics for mid-to-large enterprises and the Anomali Breach Detection Service for small to medium sized businesses. The new products allow organizations to leverage threat intelligence to find attacks during any phase of the attack chain.

“Today’s security technologies were never meant to ingest the growing millions of threat intelligence indicators that are now readily available. These indicators are rightly seen as critical to an active defense strategy. However the ability to exploit their value has not tracked their explosive growth in volume. We see threat intelligence as the new Big Data challenge,” said Hugh Njemanze, CEO of Anomali. “For perspective, we are currently managing close to 100 million threat indicators for any given customer and growing exponentially, up from 10 million only a year ago. Harmony Breach Analytics and Threat Analysis Reports Service were purpose-built to offload the work of digesting the raw volumes of threat intelligence from the existing security tools and instead directly deliver to those same tools the actionable information needed to drive security workflows.”

Anomali Match Breach Analytics Provides Intelligence with Relevance

Anomali Match Breach Analytics, available alongside of the newly upgraded ThreatStream 6.0 Threat Intelligence Platform, can work with your existing threat intelligence feeds, and focus security operations, incident responders and threat analysts on relevant actionable threats. Threat matches can be pushed back into an organization’s SIEM to support existing intelligence driven workflows. Anomali Match's unique approach scales to create threat intelligence with relevance beyond the 200+ day threat exposure window often sited in threat research. Anomali Match Breach Analytics unlocks the hidden operational value of threat intelligence data for incident responders and SOC personnel.

The security team benefits include the ability to:

  • Focus the security team on threat intelligence that’s relevant and specific to their organization at any given time
  • Perform retrospective analysis
  • Enable an intelligence driven SOC (ISOC)
  • Link indicators of compromise to threats at all points along the attack chain

Anomali Breach Detection Service

The Anomali Breach Detection Service allows an organization to simply and easily submit their raw log data to Anomali. The service takes advantage of Anomali’s state of the art store of threat intelligence data to detect likely breaches and report them. The generated reports provide security metrics for inbound and outbound threats and live links pointing to additional adversary research. These reports are available as a subscription service and provide automated security situational awareness to organizations that do not have a dedicated security staff.

The business and security benefits include the ability to:

  • Act as an SMB’s threat analyst, enabling internal staff to take action based on reported threats
  • Provide ongoing reports to your business partners for security assurance
  • Correlate, alert and analyze without having to invest costly dedicated security infrastructure
  • Create a report cadence and subscription size that’s the right size for your organization


The Anomali Breach Detection Service is available now. Anomali Match Breach Analytics is currently in beta and will be generally available in mid-April 2016. For more information please visit: www.anomali.com/product/

About Anomali

Anomali delivers earlier detection and identification of adversaries in your organizations network by making it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before material damage to your organization has occurred. Headquartered in Redwood City, Calif., the company is privately held and has received venture capital backing from General Catalyst Partners, Google Ventures, Institutional Venture Partners, and Paladin Capital Group, as well as individual investors. To learn more, visit www.anomali.com and follow us on Twitter@anomalidetect


Press Contact

Rick Popko

10Fold for Anomali

(925) 271-8227