Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.



Anomali® delivers intelligence-driven cybersecurity solutions, these include Anomali ThreatStream®, Anomali Match™ and Anomali Lens™. Private enterprises and public organizations use Anomali to gain unlimited visibility, speed time to detection, and constantly improve security operations. Anomali customers include more than 1,500 global organizations, many of the Global 2000 and Fortune 500, and large government and defense organizations around the world. Founded in 2013, it is backed by leading venture firms including GV, Paladin Capital Group, Institutional Venture Partners, and General Cayalyst.

Our Website:

Latest Content From Anomali

Whitepaper: Frost Radar: Global Threat Intelligence Platform Market, 2020 from Anomali

by AnomaliDec 01, 2020

Within a field of eight competitors, Anomali was positioned on the Frost Radar as the clear innovation leader and ranked second in growth index. Frost & Sullivan profiled companies that demonstrate a commitment to improving their products and growing their market share.

Key points covered in the Frost Radar are as follows:

• Strategic Imperative and Growth Environment
• Frost Radar: Global Threat Intelligence Platforms Market
• Companies to Action: Anomali
• Strategic Insights
• Next Steps: Leveraging the Frost Radar to Empower Key Stakeholders

"Our awards program recognizes companies that are driving change, achieving growth, and setting new standards in performance. In our extensive study of the market, we determined that Anomali is outperforming competitors and owns the lion's share of enterprise customers using TIPS to improve security and risk," said Mikita Hanets, lead research analyst, Frost & Sullivan.

Download this report to see why Frost & Sullivan named Anomali the winner of its 2020 Frost Radar Innovation Excellence Award for the Global Threat Intelligence Platforms (TIP) Market and owns the highest share of the TIP market (40%) and continues to demonstrate substantial year-over-year growth.

Whitepaper: ROI Study: Economic Validation Report of the Anomali Threat Intelligence Platform

by AnomaliDec 01, 2020

Never before has it been so critical for enterprises to effectively empower an increasingly remote workforce with access to applications and resources across a number of geographic regions, networks, and devices.

Enterprises have been forced to quickly implement solutions, ease restrictions and policies, and remove barriers to entry, placing an even greater burden on their security teams to operate effectively and efficiently to protect the organization and its assets.

Security teams must work smarter and more efficiently to incorporate as much threat intelligence information as possible to identify and remediate threats.

EGS's model predicts a return on investment of 233% and a payback period of only 11 months for an organization with a security team of 10 individuals choosing to implement Anomali versus continuing to operate without a threat intelligence platform.

Download the full report.

Whitepaper: Threat Intelligence Solutions: A SANS Review of Anomali ThreatStream

by AnomaliDec 01, 2020

Cybersecurity is a daily, ongoing battle between sophisticated and motivated adversaries and defenders seeking not only to mitigate breaches and attacks, but also to prevent them from occurring. A key strategy for security organizations that want to become intelligence-driven is to be proactive in their cyber defense by utilizing external threat data.

To better understand technologies specifically designed to empower cybersecurity teams to work smarter and faster while capitalizing on massive troves of cyber intelligence, SANS took an opportunity to review Anomali ThreatStream. In this paper, TJ Banasik, SANS Expert, covers these elements:

• Review of ThreatStream's features
• Complimentary Anomali products
• Several use-case performance reviews

"Our experience with Anomali ThreatStream was overwhelmingly positive. It proved to be a very powerful threat intelligence platform that has significant benefits for security and intelligence analysts struggling to aggregate intelligence, enabling them to make sense of it quickly to recommend or take actions critical to the security of their organization." TJ Banasik

Read the full paper to learn more about the SANS review of Anomali ThreatStream.

Research Report: Osterman Research-Nation-State Attack Survey: Top CISO Concerns

by AnomaliMar 27, 2020

The Situation Between the United States and Iran is Influencing CISO's Security Strategy and Operations.

Nation-state attacks--in which military of non-military government entities seek to infiltrate other governments, enterprises, or non-commercial organizations--are on the rise. For example, Microsoft revealed in mid-2019 that 8,000 of its enterprise customers had been targeted by these types of attacks during the previous twelve months.

Nation-state attacks are especially worrisome after kinetic incidents, such as the January 2020 altercations between the United States and Iran. While some nation-state attacks are driven by political aims, many are driven by industrial espionage, intelligence gathering, and other malicious goals.

To determine the extent of concern and readiness for nation-state attacks in enterprise-level organizations, Osterman Research conducted an in-depth survey of CISOs. Download the full Osterman Research Survey Report to learn what they discovered. To determine the extent of concern and readiness for nation-state attacks in enterprise-level organizations, Osterman Research conducted an in-depth survey of CISOs. Download the full Osterman Research Survey Report to learn what they discovered.

Research Report: SANS 2020 Cyber Threat Intelligence Survey Results

by AnomaliMar 27, 2020

The Maturation of Cyber Threat Intelligence (CTI)

This year's survey had a record number of respondents (1,006) and the highest ever reporting of Cyber Threat Intelligence (CTI) programs within organizations. 2020 showed 80% of respondents reporting that they produce or consume CTI, an increase of 10% to last year.

As the field reaches maturity, understanding and improving the effectiveness of CTI programs will become more critical. This paper focuses on why finding the right people and tools for a Cyber Threat Intelligence (CTI) program is crucial, the intelligence cycle process, as well as the value and inhibitors of CTI.

Key takeaways from this year's survey:

• Collaboration is key
• Not all processes require the same level of automation
• The necessary data and tools change as CTI teams evolve
• Requirements are taking hold and are a staple of mature teams
• A community of consumers and producers contribute to CTI

Read this year's report to learn more about how to keep your CTI program moving forward.

Whitepaper: Phishing Campaign Targets Multiple U.S. and International Government Procurement Services

by AnomaliJan 23, 2020

Global Phishing Campaign Spoofs Multiple Government Procurement Services With Credential Harvesting

Anomali researchers have identified a credential harvesting campaign designed to steal the login credentials for multiple government procurement services from a range of countries. The procurement services are used by multiple public sector organizations to match buyers and suppliers.

This whitepaper aims to provide an overview of the discovered phishing campaign, as Anomali researchers consider it likely that the actors will continue to target these services in the future. We'll cover:

• The targeted landscape and spoofed organizations
• Lure documents and credential harvesting sites
• Threat Infrastructure Analysis
• Specific indicators of compromise (IOCs) associated with the campaign

Read the full report to understand the possible motivations of this phishing campaign.

Whitepaper: Malicious Activity Aligning with Gamaredon TTPs Targets Ukraine

by AnomaliJan 23, 2020

Russia-Sponsored APT Group, Gamaredon (Primitive Bear), Believed Responsible for Ukraine Targeting

The Anomali Threat Research (ATR) team has identified malicious activity that they believe is being conducted by the Russia-sponsored Advanced Persistent Threat (APT) group, Gamaredon (Primitive Bear). Lure documents observed appear to target Ukrainian entities such as diplomats, government employees, military officials, and more.

The object of this report is to highlight new Gamaredon tactics, techniques, and procedures (TTP) and share indicators of compromise (IOCs) to the security community for awareness and further analysis. You'll find:

• Current targeting landscape
• Lure document analysis
• Technical IOCs associated with the campaign

Learn about the indicated risk to Ukrainian government entities by APT threat group Gamaredon (Primitive Bear).

Whitepaper: The Lure of PSD2: Anomali Threat Research

by AnomaliJan 23, 2020

While PSD2 Legislation Aims at Reducing Payment Fraud for the Financial Industry, Threat Actors See an Opportunity to Lure New Phishing Victims

PSD2 is a directive aimed at regulating payment services with the intention to make cross-border payments in the EU as easy, efficient, and secure as payments within a member state. PSD2 builds on the previous legislation, and the UK Financial Conduct Authority (FCA) has agreed to a phased roll-out plan to full compliance by March 2021. As efforts within the financial sector work toward implementation, cyber threat actors and groups are using PSD2 as an opportune theme to target and strike.

This whitepaper highlights recent notable findings to raise awareness of malicious activity across financial institutions, electronic money institutions, and payment institutions throughout Europe. We'll cover:

• Key findings and active threats
• Analysis of malicious PSD2 lure tactics
• IOCs for your security teams to proactively monitor

Read the full report to reduce the potential impact of PSD2 phishing lures.

E-Book: Managing Threat Intelligence Playbook

by AnomaliOct 16, 2019

Threat Intelligence for Improved Cyber Threat Mitigation and Accelerated Remediation

Understanding threat intelligence and implementing a threat intelligence solution to enhance your cybersecurity strategy should not be an intimidating process. With a solid plan, your transition to threat intelligence can be smooth, useful, and insightful. This ebook covers the basic steps for successfully adding threat intelligence to your environment, and how to avoid underutilizing it:

  • What Challenges Do Threat Intelligence Platforms Address?
  • What to Look for in a Threat Intelligence Platform?
  • How Threat Management Fits Into the Security Lifecycle
  • Anomali Altitude™
  • Case Studies

Get the eBook and achieve your threat intelligence and management goals.

Research Report: SANS 2019 Top New Attacks and Threat Report

by AnomaliOct 16, 2019

Basic Security Hygiene Practices are Key to Avoiding the Majority of Commodity Attacks

There is no shortage of media coverage of cybersecurity breaches and outages, and there are many places to find statistics about how many attacks were launched in cyberspace. What is harder to find is expert advice on areas that are worth focusing your resource and efforts on in an effort to protect your organization.

This SANS whitepaper analyzes a baseline of breach and malware data from the past year and goes further to summarize expert opinions from SANS instructors on the emerging threats to look out for in 2019 and beyond. SANS experts cover the areas they believe will have the highest impact for the future, in addition to mitigation advice for each.

Areas include:

  • DNS Related Attacks
  • Domain Fronting
  • Targeted Cloud-Based Personal Attacks
  • Management Infrastructure/Embedded Hardware Attacks

Get the full report and focus your efforts when protecting your organization.