The Anomali Workflow Service (WS) is an annual subscription-based service that helps clients to:
While strategic-level planning and enterprise-level reforms can take months or years to implement, the WS offering is designed to take weeks. Through an understanding of the customer environment and tools, Anomali creates custom-tailored workflow visualizations, step-by-step instructions, and instructor-led tutorials on workflows. These efforts help clients to improve efficiency and realize more value from their Cyber Threat Intelligence (CTI) program, which ultimately enhances the organization’s ability to identify, detect, and respond to cyber threats.
Taking a consultative approach, the Anomali Professional Services team conducts discovery interviews with managers and analysts and develops an in-depth understanding of:
Our team of intelligence and InfoSec professionals combine these insights with a deep knowledge of Anomali platforms and industry technologies to develop and deliver a custom solution.
The Professional Services team reviews all discovery phase inputs and recommends necessary workflows to streamline areas of inefficiency or fill specific procedural gaps associated with people, processes, technologies, and outputs. Once approved by the client, Anomali creates process diagrams and stepby-step instructions for each workflow that will be used by client staff. Further, Anomali then reviews these workflows and coordinates with the client to update them on a continual basis to ensure alignment with client changes in personnel/organization, tools, processes, or outputs. The following diagram provides an example of a workflow.
The outcome of this consultative engagement is improved analyst proficiency and confidence with Anomali platforms and increased efficiency of key processes through detailed, codified workflows. These results improve the likelihood of successful implementation of Anomali technologies and lasting transformation of a client’s CTI program. Each engagement includes a 1-year support period for all deliverables—including updates to materials and incremental training—to cover Anomali platform updates, feature releases, or client infrastructure changes.
Illustration 1 – Sample workflow for creating a Feedback Loop. The feedback loop increases visibility and fosters information sharing and collaboration between teams, which is vital to understanding overall threat posture and producing high-quality intelligence products.