Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

9/12/2016
05:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Anomali and Department of Homeland Security Collaboration Enables Groundbreaking Automated Public/Private Sector Cybersecurity Information Sharing

Automated, Anonymized Public/Private Threat Intelligence Sharing Enables More Effective Protection of National Critical Infrastructure and Attacks Against U.S. Organizations

REDWOOD CITY, CA – (9/12, 2016) - Anomali, the provider of the market-leading ThreatStream threat intelligence and Anomali Enterprise platforms, today announced the successful integration between the Anomali platform and the Department of Homeland Security (DHS) Automated Indicator Sharing (AIS) system. AIS allows private sector entities, federal agencies, and state and local governments to anonymously share cyber threat indicators at machine speed, allowing participants to mitigate cyber threats in real-time. Customers of Anomali now have the opportunity to opt-in to the information sharing program and immediately benefit from the process of receiving pertinent security event information such as IP addresses, domain names, hashes and actor tactics, techniques and procedures.

“Since its inception, the goal of Anomali has been to facilitate information sharing in a secure and effective manner between like-minded communities,” said Hugh Njemanze, CEO of Anomali. “By contributing intelligence into a trusted and secure platform, enterprises and government agencies alike can paint a clearer picture of the threat landscape and truly close the gap with the adversary.”

This effort signifies an important milestone toward fully automating two-way sharing of threat intelligence and anonymous sharing indicators of compromise (IoCs). By providing the backbone technology for voluntary information sharing between the public and private sectors, Anomali aims to close the cybersecurity skills gap, improve the overall security posture and enhance the identification and remediation of cyberattacks against U.S. organizations. 

Voluntary collaboration between public and private-sector entities will dramatically improve the skillsets of information security professionals within security operations centers, incident response teams and the industry in general. Moreover, the technology provided by Anomali breaks down the barriers that often hold security teams back from making threat intelligence actionable by enabling the automatic integration of IoCs into an organization’s existing security infrastructure to pinpoint, remediate and mitigate threats.

“Anomali is pleased to work with DHS to help advance automated indicator sharing,” said Todd Helfrich, vice president of federal at Anomali. “Anonymous, bi-directional information sharing between the Anomali platform and the DHS AIS system is a major milestone for public and private sector relations.”

In addition to integrating with the DHS AIS, Anomali Labs will contribute data from its open source Modern Honey Net project to DHS’s National Cybersecurity and Communications Integration Center (NCCIC). Anomali is also a participant in DHS’s Cyber Information Sharing and Collaboration Program (CISCP), DHS’s flagship program for public-private information sharing. CISCP is a comprehensive, strategic information sharing program and involves analyst-to-analyst collaboration and the sharing of a variety of analytical products regarding cyber threats.

For more information on the AIS project, please visit the DHS AIS website here: https://www.dhs.gov/ais.

 

Follow us on Twitter: @Anomali
Follow us on LinkedIn
Join us at our first-ever Threat Intelligence industry event, Anomali Detect: 9/11-9/13

 

About Anomali
Anomali delivers earlier detection and identification of adversaries in your organization's network by making it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali's approach enables detection at every point along the kill chain, making it possible to mitigate threats before material damage to your organization has occurred. Headquartered in Redwood City, Calif., the company is privately held and has received venture capital backing from General Catalyst Partners, GV, Institutional Venture Partners, and Paladin Capital Group, as well as individual investors. To learn more, visit www.anomali.com and follow us on Twitter: @anomali.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7856
PUBLISHED: 2021-04-20
A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient authentication validation.
CVE-2021-28793
PUBLISHED: 2021-04-20
vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration.
CVE-2021-25679
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed....
CVE-2021-25680
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only...
CVE-2021-25681
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be used as DNS redirectors to tunnel arbitrary data over DNS. NOTE: The aff...