Within a field of eight competitors, Anomali was positioned on the Frost Radar as the clear innovation leader and ranked second in growth index. Frost & Sullivan profiled companies that demonstrate a commitment to improving their products and growing their market share.

Key points covered in the Frost Radar are as follows:

• Strategic Imperative and Growth Environment
• Frost Radar: Global Threat Intelligence Platforms Market
• Companies to Action: Anomali
• Strategic Insights
• Next Steps: Leveraging the Frost Radar to Empower Key Stakeholders

"Our awards program recognizes companies that are driving change, achieving growth, and setting new standards in performance. In our extensive study of the market, we determined that Anomali is outperforming competitors and owns the lion's share of enterprise customers using TIPS to improve security and risk," said Mikita Hanets, lead research analyst, Frost & Sullivan.

Download this report to see why Frost & Sullivan named Anomali the winner of its 2020 Frost Radar Innovation Excellence Award for the Global Threat Intelligence Platforms (TIP) Market and owns the highest share of the TIP market (40%) and continues to demonstrate substantial year-over-year growth.

Never before has it been so critical for enterprises to effectively empower an increasingly remote workforce with access to applications and resources across a number of geographic regions, networks, and devices.

Enterprises have been forced to quickly implement solutions, ease restrictions and policies, and remove barriers to entry, placing an even greater burden on their security teams to operate effectively and efficiently to protect the organization and its assets.

Security teams must work smarter and more efficiently to incorporate as much threat intelligence information as possible to identify and remediate threats.

EGS's model predicts a return on investment of 233% and a payback period of only 11 months for an organization with a security team of 10 individuals choosing to implement Anomali versus continuing to operate without a threat intelligence platform.

Download the full report.

Cybersecurity is a daily, ongoing battle between sophisticated and motivated adversaries and defenders seeking not only to mitigate breaches and attacks, but also to prevent them from occurring. A key strategy for security organizations that want to become intelligence-driven is to be proactive in their cyber defense by utilizing external threat data.

To better understand technologies specifically designed to empower cybersecurity teams to work smarter and faster while capitalizing on massive troves of cyber intelligence, SANS took an opportunity to review Anomali ThreatStream. In this paper, TJ Banasik, SANS Expert, covers these elements:

• Review of ThreatStream's features
• Complimentary Anomali products
• Several use-case performance reviews

"Our experience with Anomali ThreatStream was overwhelmingly positive. It proved to be a very powerful threat intelligence platform that has significant benefits for security and intelligence analysts struggling to aggregate intelligence, enabling them to make sense of it quickly to recommend or take actions critical to the security of their organization." TJ Banasik

Read the full paper to learn more about the SANS review of Anomali ThreatStream.

The Situation Between the United States and Iran is Influencing CISO's Security Strategy and Operations.

Nation-state attacks--in which military of non-military government entities seek to infiltrate other governments, enterprises, or non-commercial organizations--are on the rise. For example, Microsoft revealed in mid-2019 that 8,000 of its enterprise customers had been targeted by these types of attacks during the previous twelve months.

Nation-state attacks are especially worrisome after kinetic incidents, such as the January 2020 altercations between the United States and Iran. While some nation-state attacks are driven by political aims, many are driven by industrial espionage, intelligence gathering, and other malicious goals.

To determine the extent of concern and readiness for nation-state attacks in enterprise-level organizations, Osterman Research conducted an in-depth survey of CISOs. Download the full Osterman Research Survey Report to learn what they discovered. To determine the extent of concern and readiness for nation-state attacks in enterprise-level organizations, Osterman Research conducted an in-depth survey of CISOs. Download the full Osterman Research Survey Report to learn what they discovered.

The Maturation of Cyber Threat Intelligence (CTI)

This year's survey had a record number of respondents (1,006) and the highest ever reporting of Cyber Threat Intelligence (CTI) programs within organizations. 2020 showed 80% of respondents reporting that they produce or consume CTI, an increase of 10% to last year.

As the field reaches maturity, understanding and improving the effectiveness of CTI programs will become more critical. This paper focuses on why finding the right people and tools for a Cyber Threat Intelligence (CTI) program is crucial, the intelligence cycle process, as well as the value and inhibitors of CTI.

Key takeaways from this year's survey:

• Collaboration is key
• Not all processes require the same level of automation
• The necessary data and tools change as CTI teams evolve
• Requirements are taking hold and are a staple of mature teams
• A community of consumers and producers contribute to CTI

Read this year's report to learn more about how to keep your CTI program moving forward.

Global Phishing Campaign Spoofs Multiple Government Procurement Services With Credential Harvesting

Anomali researchers have identified a credential harvesting campaign designed to steal the login credentials for multiple government procurement services from a range of countries. The procurement services are used by multiple public sector organizations to match buyers and suppliers.

This whitepaper aims to provide an overview of the discovered phishing campaign, as Anomali researchers consider it likely that the actors will continue to target these services in the future. We'll cover:

• The targeted landscape and spoofed organizations
• Lure documents and credential harvesting sites
• Threat Infrastructure Analysis
• Specific indicators of compromise (IOCs) associated with the campaign

Read the full report to understand the possible motivations of this phishing campaign.

Russia-Sponsored APT Group, Gamaredon (Primitive Bear), Believed Responsible for Ukraine Targeting

The Anomali Threat Research (ATR) team has identified malicious activity that they believe is being conducted by the Russia-sponsored Advanced Persistent Threat (APT) group, Gamaredon (Primitive Bear). Lure documents observed appear to target Ukrainian entities such as diplomats, government employees, military officials, and more.

The object of this report is to highlight new Gamaredon tactics, techniques, and procedures (TTP) and share indicators of compromise (IOCs) to the security community for awareness and further analysis. You'll find:

• Current targeting landscape
• Lure document analysis
• Technical IOCs associated with the campaign

Learn about the indicated risk to Ukrainian government entities by APT threat group Gamaredon (Primitive Bear).

While PSD2 Legislation Aims at Reducing Payment Fraud for the Financial Industry, Threat Actors See an Opportunity to Lure New Phishing Victims

PSD2 is a directive aimed at regulating payment services with the intention to make cross-border payments in the EU as easy, efficient, and secure as payments within a member state. PSD2 builds on the previous legislation, and the UK Financial Conduct Authority (FCA) has agreed to a phased roll-out plan to full compliance by March 2021. As efforts within the financial sector work toward implementation, cyber threat actors and groups are using PSD2 as an opportune theme to target and strike.

This whitepaper highlights recent notable findings to raise awareness of malicious activity across financial institutions, electronic money institutions, and payment institutions throughout Europe. We'll cover:

• Key findings and active threats
• Analysis of malicious PSD2 lure tactics
• IOCs for your security teams to proactively monitor

Read the full report to reduce the potential impact of PSD2 phishing lures.

Threat Intelligence for Improved Cyber Threat Mitigation and Accelerated Remediation

Understanding threat intelligence and implementing a threat intelligence solution to enhance your cybersecurity strategy should not be an intimidating process. With a solid plan, your transition to threat intelligence can be smooth, useful, and insightful. This ebook covers the basic steps for successfully adding threat intelligence to your environment, and how to avoid underutilizing it:

• What Challenges Do Threat Intelligence Platforms Address?
• What to Look for in a Threat Intelligence Platform?
• How Threat Management Fits Into the Security Lifecycle
• Anomali Altitude™
• Case Studies

Basic Security Hygiene Practices are Key to Avoiding the Majority of Commodity Attacks

There is no shortage of media coverage of cybersecurity breaches and outages, and there are many places to find statistics about how many attacks were launched in cyberspace. What is harder to find is expert advice on areas that are worth focusing your resource and efforts on in an effort to protect your organization.

This SANS whitepaper analyzes a baseline of breach and malware data from the past year and goes further to summarize expert opinions from SANS instructors on the emerging threats to look out for in 2019 and beyond. SANS experts cover the areas they believe will have the highest impact for the future, in addition to mitigation advice for each.

Areas include:

• DNS Related Attacks
• Domain Fronting
• Targeted Cloud-Based Personal Attacks
• Management Infrastructure/Embedded Hardware Attacks