
9/30/2019
09:01 AM
Dark Reading
Products and Releases

Anomali Altitude Delivers Automated Intelligence Driven Cybersecurity Solutions

Customers Automate Detection, Analysis, Prioritization, Response, and Answers to Questions About All Threats, Including Any Identified in Web Based Content Spanning News, Twitter, Blogs, Research, Threat Bulletins, SIEM Logs, and More

REDWOOD CITY, Calif. AND NATIONAL HARBOR, MD, Sept. 30 — Anomali, a leader in intelligence-driven cybersecurity solutions, today unveiled the Anomali Altitude platform to a packed auditorium at the Gaylord National Harbor Convention Center during Detect 2019, the company’s fourth annual user conference.

The Anomali Altitude platform delivers Anomali Lens, Anomali ThreatStream, and Anomali Match. The integrated product suite allows customers to automate detection, analysis, and response for high-priority external and internal threats. 

Anomali Lens™

This first-of-its-kind technology allows anyone, from security operations staff to board members, to automatically and immediately know if their organizations are being attacked, who adversaries are, and if the attacks have been successful. With these key security questions answered, users can make effective decisions about how to respond.  

With one click, Anomali Lens scans web-based content, detects and highlights all threats identified within, provides easy-to-understand details about the threats, and tells users if any threats are already present in their networks. Web content Anomali Lens scans includes news, blogs, research, bulletins, SIEM logs, other security logs, IR reports, Twitter and other social networks.

Automated threat bulletins created by Anomali Lens are added to Anomali ThreatStream. These can then be shared across organizations, among trusted circles, and ISACs. Bulletins can be directly integrated into security controls for immediate blocking, detection, and mitigation.

Anomali Lens is supported by advanced natural language processing (NLP) and context-aware detection. Currently deployed as a browser plugin, it will soon be available for mobile devices.

Anomali Match™ 

Anomali Match integrates cyber threat intelligence, MISP data, OSINT, SIEM logs, vulnerability assessment tools, and other big data sources to match billions of IOCs and threats against any that are present in customers’ networks. By providing automated, retrospective analysis for extended periods, users detect threats and compromises that have been present for short and long durations. Anomali Match replaces Anomali Enterprise and includes all of that solution’s former capabilities. Several new features and benefits include:

 

  • Enhanced Machine Learning for DGA - New deep learning capabilities enable 90 percent-plus accuracy for Domain Generation Algorithm (DGA) detection
  • Big Data Support with Elasticsearch - Integration provides retrospective analysis for high volumes of threat data spanning a year or more
  • Anomali Match Analysis Dashboard - New visual representations optimize the use of multiple threat feeds
  • Anomali Match Stand Alone - Automated, direct importation of data from MISP and other sources improves threat scoring and enrichment
  • Anomali Lens - Integration provides immediate confirmation of when threats are present in networks

 

Anomali ThreatStream®

Our threat intelligence platform (TIP) integrates threat data from the widest range of feeds to create actionable threat intelligence. Anomali ThreatStream is the foundation for the new Anomali Preferred Partner Program. Six partners that have joined the program are now providing complementary threat feeds. These include Flashpoint, ReversingLabs, DomainTools, Farsight, Intel471, and Sixgill. 

 

Supporting Quotes

“Any business that can find answers hidden in massive volumes of data has a competitive advantage. When it comes to cybersecurity, organizations that can make sense of what billions of cyber threat indicators mean can make decisions that will give them a defensive edge,” said Hugh Njemanze, CEO, Anomali. “We’ve brought a platform to market that allows customers to harness threat data, information and intelligence to drive effective cybersecurity decisions, a capability that tips the scales in their favor.”

“The most sure-fire way to lose a battle is to go into it without knowing anything about your enemy. Organizations that aren’t using advanced levels of cyber threat intelligence are going to continually fall short in their efforts to defend their networks,” said Richard Stiennon, IT-Harvest chief research analyst and noted cybersecurity author. “As a pioneer of cyber threat intelligence, Anomali helped take the practice mainstream with its early platform. It is now introducing a new generation of solutions to the market that will allow its customers to effectively leverage adversarial intelligence.”

“Enterprises have numerous cybersecurity challenges, and many of these can be overcome with the help of cyber threat intelligence, including the ability to communicate risk status in a way that everyone can understand,” said Scott Crawford, research vice president at 451 Research. “Anomali’s recently released Lens technology can help those who are involved in the deepest technical positions to open meaningful dialogue with executive leaders who need to understand how security impacts business risk.”

“There is no question that CISOs need to find ways to decrease the cybersecurity staff’s workload. Not that existing workers aren’t diligent professionals, there are simply not enough people and advanced skills available,” said Jon Oltsik, senior principal analyst at ESG. “Anomali is bringing new levels of security automation to the market, which can help organizations mitigate the impact of talent shortages while improving the efficiency of the cybersecurity team.”

For more information on the new Anomali platform and solutions, visit https://www.anomali.com/ 

 

Twitter: https://twitter.com/Anomali

LinkedIn: https://www.linkedin.com/company/anomali/

Blog: https://www.anomali.com/blog

 

About Anomali

Anomali® delivers intelligence-driven cybersecurity solutions. Anomali Altitude™ platform solutions include Anomali ThreatStream®, Anomali Match™, and Anomali Lens™. Private enterprises and public organizations use Anomali to harness threat data, information, and intelligence to make effective cybersecurity decisions that strengthen defenses and reduce risk. The Anomali partner program provides access to threat feeds from all layers of the web and delivers seamless integrations into leading security infrastructure technologies. The Anomali Threat Research Team provides actionable threat intelligence that helps customers, partners and the overall security community to detect and mitigate the most serious threats to their organizations. Anomali customers include more than 350 global organizations, many of the Global 2000 and Fortune 500, and large government and defense organizations around the world. Founded in 2013, Anomali is backed by leading venture firms including GV, Paladin Capital Group, Institutional Venture Partners, and General Catalyst. Learn more at www.anomali.com

 

Contact:

Joe Franscella

News Media Relations

+1-209-597-6656
