Cisco Security and Anomali

How Anomali and Cisco Security work together

Anomali delivers earlier detection and identification of adversaries in your organization's network by making it possible to correlate tens of millions of threat indicators against real-time network activity logs and up to a year or more of forensic log data.

Product Integrations

Secure Malware Analytics: Anomali ThreatStream's API integration automatically brings in Malware Analytics premium feeds in real time, relieving your security team of the manual work of collecting, aggregating, normalizing, and integrating threat intelligence into your security operations. Malware Analytics offers rich and accurate threat intelligence on malicious and suspicious domains (malware, suspicious, sinkhole, parked, etc.) and relevant file hashes. The ThreatStream platform enables pivoting from hashes into malware domains or vice versa and leveraging their attribution for any matches.

Umbrella: Anomali delivers earlier detection and identification of adversaries in your organization's network by making it possible to correlate tens of millions of threat indicators against real-time network activity logs and up to a year or more of forensic log data. Anomali integrates into both Cisco Umbrella and Investigate, providing end-to-end threat management. SOC teams can validate potential threats with Investigate and mitigate confirmed threats with Umbrella, all in the ThreatStream UI.

Secure Firewall: Anomali provides a STIX-formatted threat intelligence feed for customers using Firepower Management Center's Threat Intelligence Director (TID) to rapidly update detection against new and complex threats.
