View
17
Download
0
Category
Preview:
Citation preview
Threat Intelligence Redefined
STAXXFree, easy way to subscribe
to any STIX/TAXII feed
ThreatStreamThe most widely adopted
Threat Intelligence Platform
Anomali EnterprisePowerful
Threat Hunting engine
The Anomali Platform
STAXX™Free, Easy STIX/TAXII Solution
STAXX gives you a free, easy way to subscribe to any STIX/TAXII feed. Simply download the STAXX client, configure your data sources, and STAXX handles the rest.
• Installs in minutes; simple configuration wizard• Powerful search and dashboarding features• Export IOCs for internal integration• Investigate IOCs with free STAXX online portal
ThreatStream®
Threat Intelligence Platform
ThreatStream manages all the complexity of collecting intelligence, optimizing the data, integrating with internal systems, and helping you perform investigations.
• Aggregate threat intelligence feeds from any source• Normalize, de-duplicate, enrich intelligence data• Integrate IOCs with SIEMs, Firewalls, endpoints, or via API• 2-way sharing and trusted circles for vetted collaboration
Anomali Enterprise™Powerful Threat Hunting Engine
Anomali Enterprise is a powerful Threat Hunting engine that discovers active threats. Anomali compares millions of IOCs against billions of network and system activity.
• Identifies active threats in your network• Discovers IOC matches over 365 days historical data• Investigate IOCs to find associated indicators, actors, TTPs, etc.• Provides threat context (actors, campaigns), not just IPs and domains
Modern Honey NetworkComplete Honeypot Management Platform
The Modern Honey Network project is a free, open source solution that makes deploying and managing deception servers as easy as copying and pasting a few commands.
• Supports dozens of standard honeypot sensors• Integrates easily with other solutions via REST APIs• Installs in seconds• Rich reporting, attack map, rule authoring
808 Winslow Street, Redwood City, CA 94063 USA 1-844-4-THREATS | info@anomali.com | www.anomali.com Copyright ©2017 Anomali. All Rights Reserved.
Anomali IntegrationsIntegrate Threat Intelligence Seamlessly
Anomali offers pre-built, fully supported integrations with SIEMs, firewalls, endpoint systems and other security and IT solutions. APIs allow custom integrations as well.
*Popular Integrations
• Customer traffic is summarized and analyzed in Anomali cloud
• Traffic is matched against millions of IOCs
• Anomali delivers alerts for any suspicious activity
• Investigate alerts and get recommendations for response
Anomali ReportsAnomali Reports is a free service that analyzes your IT activity and
alerts you to potential security breaches and attacks in process.
Anomali Reports gives SMBs critical visibility into threats and
the ability to investigate and contain breaches.
Weekly Threat BriefingAnomali Labs issues a Weekly
Threat Briefing containing a digest and of key security
threat news of the week and recommendations for response.
APP StoreAnomali offers a threat
intelligence directory where organizations call access premium
feeds from partners.
• Curated weekly digest of key security news
• Every security alert includes specific, associated IOCs
• Health Check feature lets you evaluate your exposure
• Integrates with ThreatStream, Anomali Enterprise, Splunk App
• Access premier 3rd party threat intelligence feeds
• Trial and evaluate different feeds
• Purchase feeds directly within the Anomali platform
• Integrate feeds with internal systems via ThreatStream
Apps and Add-ons
Recommended