Anomali Lens | Anomali
Anomali Lens

Identify threat intelligence in unstructured data in seconds

Schedule demo
Anomali Lens

Faster Threat Knowledge

Anomali Lens uses Natural Language Processing (NLP) to automatically scan and identify threat data in any web-based content or even PDFs – and then operationalize it with a click.

Anomali Lens Scan screenshot
Scan

Identify threat intelligence in unstructured data in seconds

Lens provides threat intelligence knowledge and context at your fingertips. By simply scanning a web page or PDF report, Lens uses Natural Language Processing (NLP) to automate the identification of threat indicators, threat actors, malware families, and attack techniques.

  • Scan, detect, and highlight all cyber threat references found on a web page
  • Intelligently identify all referenced tactics, techniques, and procedures (TTPs)
  • Tooltips provide context about the highlighted threats
  • Visual highlights tell you if the threats are “known” to your organization
Accelerate

Automate threat research and reporting

Security analysts spend many hours researching threats by manually copying, pasting, and pivoting on threat data from sources such as news articles, blogs, threat bulletins, and social media. Lens automatically converts scanned threat data into structured, machine-readable threat intelligence that can be operationalized and imported into Anomali ThreatStream in seconds.

  • Intelligently identify all referenced tactics, techniques, and procedures (TTPs)
  • Identify at a glance whether scanned threat data is known, unknown, or trending within ThreatStream
  • Launch sandbox detonations
  • Open a new ThreatStream investigation with the click of a button
Anomali Lens Accelerate screenshot
Anomali Lens Operationalize screenshot
Operationalize

Import IOCs at a click, create threat bulletins, and know if you’ve been impacted

Threat intelligence identified by Lens is automatically matched against your network events and logs to tell you at a glance if your organization has been impacted.

  • Import scanned threat data into Anomali Threatstream or Anomali Match with the click of a button
  • Automatically import MITRE ATT&CK data into a ThreatStream investigation
  • Know if your network has been impacted
  • Export your investigation
  • Pivot, investigate, and visualize imported threat intelligence in MITRE ATT&CK heatmaps
 
 

Go with Anomali and improve your security posture

Organizations rely on Anomali to harness the power of threat intelligence to make effective cybersecurity decisions that reduce risk and strengthen defenses.