Innovation, Content and Context

Anomali Labs is the Research and Development arm of Anomali. Our mission is to conduct threat research and rapid prototyping for the purpose of enhancing and advancing customers’ mission-critical security and hunting operations.

We are a force multiplier for all users of the Anomali threat intelligence platform by proactively identifying new and targeted threats and sharing this intelligence through ThreatStream 6.0. We publish threat intelligence on actors, campaigns, incidents, TTPs, and signatures, and we are the leading producer of indicators of compromise (IoC) and indicators of warning (IoW) within the Anomali threat intelligence platform.

We share and present our research with the larger security community through open source project releases, presentations at marquee conferences, blog posts, and direct customer interactions.

Cool Stuff

Modern Honey Network (MHN)

Modern Honey Network at Bay Area Open Source Security Hackers

Augmenting Netflow with the Honeypot Data for Internal Breach Monitoring and Detection

Lessons Learned from Building and Running MHN, the World's Largest Crowdsourced Honeynet

Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open Source Tools

112 Lessons Learned from Building and Running MHN the Worlds Largest Crowdsourced Honeynet

Modern Honey Network

Shockpot

Hpfeeds Logger
