Partner Data Sheet: Ciphertrace

Anomali and CipherTrace: Cryptocurrency Threat Intelligence

Detect, investigate, and respond to crypto-threats with CipherTrace Sentry and Anomali ThreatStream

CipherTrace and Anomali Joint Solution Features

• Deep Blockchain Insights: CipherTrace Sentry Enrichment for Anomali ThreatStream provides powerful and easy-to-use cryptocurrency de- anonymization and tracing to increase crypto-threat visibility, detection, and response and enhance investigations.
• Credible Transaction Attribution: With CipherTrace Sentry, Anomali users can leverage CipherTrace’s industry-leading attribution to de-anonymize crypto- addresses and associate them with real-world entities and events, such as criminals, dark markets, ransomware events, terrorist funding, crypto- exchanges and ATMs, and more.

Immediate Time-to-Value

• Matches Crypto Addresses with IP Addresses: Using the CipherTrace enrichment for Anomali ThreatStream, users can view all the crypto addresses associated with an IP Address of interest, along with their associated owners and events.
• Investigate Ransomware Payments: Detailed blockchain analytics and cryptocurrency intelligence data to track cryptocurrency payments made to hackers.
• Comprehensive Tracing of Transactions: Users can easily trace a given address’s input and output transactions via the Anomali ThreatStream user interface.

Boost Anomali With Superior Crypto-Intelligence

The CipherTrace Sentry integration allows users to work with a vast array of data to enable detailed analysis, without leaving the Anomali ThreatStream platform. CipherTrace does this through a variety of techniques, including running transactions on 1,000 crypto-exchanges. CipherTrace analysts add over 1.5 million attribution datapoints each week.

Use Case: Detecting and Investigating Cryptocurrency Threats

Target Market:

Leading Financial Institutions and Law Enforcement agencies

Challenge:

The need to identify crypto-activity associated with clients and insider transactions in order to:

• Thoroughly understand threats and suspicious activities
• Perform investigations
• Execute targeted due diligence activities

Solution:

CipherTrace and Anomali connected and investigated crypto-addresses, IP addresses, and funds flows, along with their relationships to entities and events of interest.

With CipherTrace and Anomali, the security team was able to:

• Improve threat hunting by exposing hidden crypto-activity in corporate networks
• Perform extended due diligence on client activities related to cryptocurrency
• Assist clients and internal constituents with enhanced investigations into ransomware and malware incidents, dark market activities, and other crypto-related situations
• Access and correlate crypto-intelligence data for investigations right from the Anomali dashboard

Customer Benefit:

• Detailed, accurate, graphical reports that can be used as evidence in legal proceedings
• Better business decision-making: increased time-to-insight for internal investigations
• Single dashboard view: provides visibility into previously hidden crypto-activities
• Collate data from multiple sources: Combines crypto-data with other information sources for deeper insights

Benefits:

Identify Threats

Identify crypto-activity associated with internal and external IP addresses of interest.

Follow the Money

Trace crypto address transactions via the ThreatStream user interface to follow the money in ransomware, theft, and other investigations and find source and destination of funds.

Extend Anomali threat intelligence with seamless integration of real-time contextual crypto-ownership and movement-of-funds data tied to IP addresses and real-world events.