The Anomali Intelligence Augmentation Service (IAS) is a service that amplifies an organization’s own Cyber Threat Intelligence (CTI) programs, no matter their level of maturity. IAS provides crucial threat intelligence and insight into areas where organizations can lack visibility, experience, or simply the time required to understand complex and emerging threats.
With IAS, organizations can:
- Understand the specific threats, impacts, and adversaries facing their organization and targeted industry
- Leverage recognized security experts to investigate specific security concerns and scenarios
- Maximize the effectiveness of their internal security resources by extending their efforts with
- focused expertise
- Expand the organization’s field of view/scope/access to intelligence streams/wider understand- ing of the threat landscape
- Better communicate risks and threats to executives and stakeholders
- Augment your team with leveraging top tier industry experts
IAS offerings are designed with one goal in mind — providing you with the exact threat intelligence that best augments your unique security efforts and needs.
Powered by Anomali Threat Research (ATR), IAS enables strategic use of outside security experts and research that can provide the precise information necessary to protect your organization. The ATR team is composed of seasoned analysts and researchers each with over 80+ years combined of experience in enterprise incident response, computer forensics, malware analysis, and other defensive operations. Furthermore, the ATR team has access to a large number of intelligence sources that can provide extensive visibility.
IAS works in conjunction with the Anomali Support Portal, giving customers means to submit requests, gain complete visibility into ticket status, and receive direct support from the ATR team. IAS requests may also be submitted via email to IAS@anomali.com. While unique for each organization, IAS offerings include:
IAS offers investigations to answer specific customer-defined questions. Investigations provide insight into who, what, when, where and why as soon as possible. Examples include:
- Domain Intelligence: When you have a suspicious domain that keeps appearing in your network logs and need to know what it is and how it is interacting with your systems
- File Analysis: A strange file has appeared on your system, you know you can’t open it but you want to know what is it and if it is potentially malicious
- Compromised Credentials: Compromised accounts is one of the most common ways attackers access systems, and IAS investigation will tell you if your organization has potentially compromised accounts
- Actor Profiles: Understanding threat actors and how they work is imperative to security, IAS can provide full actor profiling including TTPs, historical overview, and IOCs
- OSINT: Many organizations do not realize the volumes of intelligence they release publically on themselves, this intel can be turned against them. IAS offers OSINT investigations to help customers understand what intelligence they are broadcasting
The ATR team has access to a large number of intelligence sources that can provide extensive visibility.
Analysis projects are more intensive than investigations, they tend to have a broader scope and delve deeper. Analysis is best suited for when an organization needs a full understanding of a subject. Due to their scope, analysis projects are time-consuming and costly and many organizations do not have the resources to commit to one, outsourcing this job to IAS removes these obstacles:
- Regional Analysis: Can you provide analysis and insight into threats facing the Asian financial sector?
- Timelines: I need to understand how Advanced Persistent Threat (APT) activity across the past two years impacts my organization.
- Industry Trends and Threats: What does the current Healthcare industry threat landscape look like? How have evolving standards impacted security efforts?
- Malware Reversal: Can you reverse engineer this malware to help us best understand how to defeat it?
3. Executive Summaries
High-level overviews designed to brief executives and other stakeholders on specific threats faced by your industry or organization. Examples include:
- Industry trends and threats: What threats pose the greatest potential impact for my specific industry?
- Organizational threats: What specific threats does my organization face? Are we a target?
4. Regular Reporting
Similar to Executive reports, but delivered on a Monthly or Quarterly basis. Focused on threats faced by your specific organization or industry.
How to Acquire IAS
IAS is available via the Anomali Support Portal. Once a request has been submitted via the portal, the ATR team will respond with an estimated cost and delivery time via a Scope of Work (SOW) that outlines the project scope and expectations.
If more information is needed, the scope and expectations need to be adjusted, or the request requires clarification, the analyst can be contacted directly through the Anomali Support Portal or via IAS@anomali.com.
For more information about pricing, availability, or to schedule a consultation, please contact: IAS@anomali.com