Anomali Lens+™ is the first natural language processing (NLP) based web content parser that highlights all cyber threat information for further investigation.
Anomali Lens+ scans and converts unstructured data, such as news stories, social media, research papers, blogs, paste sites, coding repositories, and internal content sources like SIEM user interfaces, into actionable intelligence. Anomali Lens+ leverages natural language programming (NLP) that takes unstructured data and identifies threat actors, malware families, and attack techniques as they relate to threat intelligence.
Anomali Lens+ accelerates the threat analyst's workflow by automatically scanning and identifying threat data in any web-based document using natural language programming. This data can be automatically imported into Threatstream for further investigation and analysis. The ability to research emerging threats more quickly, and communicate cyber risk to executive leadership more effectively is especially valuable during time-critical situations such as cyber-attacks or high-profile data breaches.
Lens+ supports the MITRE ATT&CK framework, allowing analysts to take a model-based approach to threat analysis by identifying the tactics, techniques, and procedures (TTPs) identified in scanned pages. For example, you can quickly examine the latest security bulletin or a research blog post using Lens+ to uncover MITRE ATT&CK techniques. These TTPs can then be automatically imported into Anomali Threatstream to support deeper research and analysis, including creating MITRE ATT&CK heatmaps for a better understanding of the threat environment.
Click below to learn more about the following features available with Lens+:
Executives and CISOs often struggle to hire qualified security personnel to maintain a proper and consistent security posture. But even success in meeting those staffing goals isn’t enough. Data feeds must be translated into boardroom-ready presentations—an often complex and time-consuming process in itself.
Anomali Lens+ amplifies the productivity of every frontline Security Operations Center staff, enabling them to produce intelligence products with the quality of seasoned cyber professionals.
CISOs often try to access analyst tools directly just to stay informed. However, most cyber tools are not designed to directly alert CISOs that their organization is at risk of being victimized by the threats appearing in online news sources on a daily basis.
Anomali Lens+ puts the power directly into the hands of the CISO. With a Lens+-enabled Web browser, CISOs can determine the relevance of online cyberattack reports, by leveraging Anomali detection capabilities. Anomali searches an organization’s historic cyber security event logs to uncover evidence of compromise by comparing them against Anomali’s vast database of high fidelity threat indicators. Lens+ gives CISOs a direct look at the relevant data with a single click.