Threat Intelligence Platform
- Aggregate feeds from 3rd party, ISAC, open source, etc.
- Normalise, de-dupe, enrich feed data
- Integrate IOCs with SIEMs, FW, endpoints, or via API
- Two-way sharing and trusted circles for vetted collaboration.
Threat Hunting & Forensic Search
- Identify active threats in your network
- Search IOCs against 365 days historical data
- Expand IOCs to find associated indicators, actors, TTPs, etc.
- Understand threat actors and campaigns, not just IPs/domains.
Your free STIX/TAXII solution
- Direct access to any STIX/TAXII feeds
- Simple on-premise install
- Powerful search capability
- Explore IOCs in STAXX online portal.
Latest ThreatStream capabilities
This investigations tool enables you to form complete pictures of attacks by connecting the dots between related IOCs and threat model entities in ThreatStream. You can assign investigations to users or workgroups in your organization, create tasks to further investigations, and add analysis to intelligence. Key capabilities include:
- Create and centrally manage threat investigations
- Collect indicators, actors, campaigns, TTPs, signatures, sandbox examples
- Assign tasks to specific analysts - integrated analyst workflow
- Perform analysis using Kill Chain, Diamond Model or STIX
- Optionally share investigations publicly or with trusted circles.
This is a great time to give ThreatStream a try. Click here to request your account.
To trial our solutions, please go to: https://www.anomali.com/free-trials. There you can choose the solution that's right for you and use it for free.