Anomali Overview

NARRATOR: Cybersecurity has become an issue that touches everyone. It is a topic that confuses and scares many people, and for good reason. A simple action like clicking a link in an email or visiting a seemingly legitimate website can cause you to become a victim.

HUGH NJEMANZE: Cybersecurity is the latest frontier of defending against bad guys. The way the military used to look at it-- there was air, land, and sea. And now there's also cyberspace to defend. Basically, cyberspace is anything that your computing devices connect to, whether it's your smartphones or your laptops or your desktop computers. If you connect to the cloud or you connect to a website, you're in cyberspace. And that has come very heavily under attack by people who either want to steal information or make money. And defending against it, in a way, is analogous to physical defense against traditional bad guys. In that world, you have things like burglar alarms, surveillance systems, cameras monitoring, barriers to entry, et cetera. Very similarly, in the cyber world, you have companies that build different categories of tools to perform similar defenses. We have things called firewalls that look at traffic and decide what traffic to block from your network. We have intrusion detection systems that try to figure out who is doing bad things within your systems and report on that. We have tools that look at what's being reported by the other security devices to tell you what's going on in the bigger picture.

NARRATOR: Unlike the physical world, an organization must defend itself against thousands of cyber attacks every day. Most of those are low-level, noisy, very basic attacks. But some are serious. An organization needs to be able to identify these serious attacks and prioritize response. Threat intelligence makes this possible.

HUGH NJEMANZE: Firewalls, et cetera, are all very good and useful. But typically, they're not enough to defend your network. If you look at the traditional systems, they are mostly focused on monitoring what's happening to your network. The good thing about those is they do detect breaches. The bad thing is they only detect things after the fact. What you would really want in an ideal world is to know before bad things have happened. Threat intelligence is a list of known malicious actors that have done bad things on anybody's network. Threat intelligence by itself is great, but it's not useful unless the tools that would like to make use of it can consume it. What you want is a system that allows you to take that intelligence and make it usable for all the existing cybersecurity tools.

NARRATOR: What if there was a comprehensive platform for threat detection, investigation, and response? Anomali arms security teams with highly optimized threat intelligence powered by machine learning. Anomali identifies real threats in your network at any scale in seconds.

HUGH NJEMANZE: Some of the benefits of using Anomali is we've worked hard to build an ecosystem that is comprehensive in terms of helping you be more effective with security. Typically, there is a lot of sources of threat intelligence information. Some of them are paid for. Some of them are freely available in communities. A lot of threat intel feeds are constructed differently. They use different techniques to grab the information. So if you want to deploy more than one threat intelligence feed, it quickly becomes a big challenge because these are all disparate feeds. But we have them all in one place. We can do what is called provisioning, which is basically providing that information to your security network automatically. So it saves a lot of effort in terms of mixing and matching, getting benefit from more than one feed. We released a trio of SDKs. SDKs are software development kits. And that makes it easy for other vendors to do integrations into our platform, for customers to customize. If they have, for example, legacy tools that commercial integrations are not available for, they can use the SDK to build those integrations in-house. So between the SDKs and the app store, there is a lot of ecosystem support to build an entire practice around threat intelligence. And we continue to think of more things to add to that environment every day. We created Anomali to give organizations the capability to defeat the most advanced and serious cyber threats. The Anomali threat platform automates the process of bringing together internal and external threat information in a way that provides actionable threat intelligence, speeding and simplifying the entire security lifecycle. Anomali takes massive volumes of threat data and continuously monitors the network, identifying in seconds when new attacks are launched. The Anomali ecosystem of threat intelligence partners ensures that organizations have the most relevant information available to them. Anomali also empowers the cyber threat analysts, arming them not only with technology to combat threats but also with training and skills to become true cyber threat hunters. Only Anomali delivers a truly comprehensive threat platform that allows you to stay ahead of your adversaries.

NARRATOR: Anomali. Know your adversaries. Knowledge is power. Stay up-to-date on the latest emerging threats with the Anomali weekly threat briefing.