Anomali Partner Directory
Explore our network of channel and technology alliance partners below.
Lastline
Marketplace Partner
Lastline provides breach protection products that are innovating the way companies defend against advanced malware. We deliver the visibility, context, analysis, and integrations enterprise security teams need to quickly and completely eradicate malware-based threats before a damaging and costly data breach occurs. Headquartered in Redwood City, California with offices throughout North America, Europe and Asia, Lastline’s technology is used by Global 5000 enterprises, is offered directly and through resellers and security service providers, and is integrated into leading third-party security technologies worldwide.
Cuckoo
Marketplace Partner
Cuckoo Sandbox is a malware analysis system. In other words, you can throw any suspicious file at it and in a matter of seconds Cuckoo will give you back detailed results outlining what the file did when executed inside an isolated environment. Malware is the Swiss-army knife of cybercriminals and any other adversary to your corporation or organization. In these evolving times, detecting and removing malware artifacts is not enough: it's vitally important to understand how they operate in order to understand the context, the motivations and the goals of a breach, for better protection in the future. Cuckoo Sandbox is free software that automates the task of analyzing any malicious file under Windows, OS X, Linux, and Android.
Sqrrl
Marketplace Partner
Sqrrl is the threat hunting company that enables security analysts to discover advanced threats faster, and reduces the time and resources required to investigate them. Sqrrl’s industry-leading Threat Hunting Platform unites link analysis, advanced machine learning analytics, and multi-petabyte scalability capabilities into an integrated solution.
Phantom Cyber
Marketplace Partner
Phantom is leading a revolution in the Security Operations Center (SOC) with the first community-powered security automation & orchestration platform. Phantom's mission is to close the security gap by enabling teams to work smarter, respond faster, and strengthen their defenses.
IBM Resilient
Marketplace Partner
IBM Resilient’s mission is to help organizations thrive in the face of any cyberattack or business crisis. The industry’s leading Incident Response Platform (IRP) empowers security teams to analyze, respond to, and mitigate incidents faster, more intelligently, and more efficiently. The Resilient IRP is the industry’s only complete IR orchestration and automation platform, enabling teams to integrate and align people, processes, and technologies into a single incident response hub. With Resilient, security teams can have best-in-class response capabilities. IBM Resilient has more than 200 global customers, including 50 of the Fortune 500, and hundreds of partners globally.
Security System Partners
SOAR Integrations
Tanium
Marketplace Partner
Tanium gives the world’s largest enterprises and government organizations the unique power to secure, control and manage millions of endpoints across the enterprise within seconds. Serving as the “central nervous system” for enterprises, Tanium empowers security and IT operations teams to ask questions about the state of every endpoint across the enterprise in plain English, retrieve data on their current state and execute change as necessary, all within seconds. With the unprecedented speed, scale and simplicity of Tanium, organizations now have complete and accurate information on the state of endpoints at all times to more effectively protect against modern day threats and realize new levels of cost efficiency in IT operations.
Security System Partners
Endpoint Security Integrations
Snort
Marketplace Partner
Snort is an open source network intrusion prevention system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
Security System Partners
FireEye
Marketplace Partner
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and our world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks.
Security System Partners
Endpoint Security Integrations
Check Point Software Technologies Ltd.
Marketplace Partner
Check Point Software Technologies Ltd. is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers a multilevel security architecture that defends enterprises’ cloud, network and mobile device held information, plus the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.
Security System Partners
Firewalls and Network Security Integrations
Zeek
Marketplace Partner
Zeek is a passive, open-source network traffic analyzer. It is primarily a security monitor that inspects all traffic on a link in depth for signs of suspicious activity. More generally, however, Zeek supports a wide range of traffic analysis tasks even outside of the security domain, including performance measurements and helping with trouble-shooting.
Security System Partners
Firewalls and Network Security Integrations
IBM QRadar
Marketplace Partner
IBM® QRadar® SIEM consolidates log events and network flow data from thousands of devices, endpoints and applications distributed throughout a network. It normalizes and correlates raw data to identify security offenses, and uses an advanced Sense Analytics engine to baseline normal behavior, detect anomalies, uncover advanced threats, and remove false positives. As an option, this software incorporates IBM X-Force® Threat Intelligence which supplies a list of potentially malicious IP addresses including malware hosts, spam sources and other threats. IBM QRadar SIEM can also correlate system vulnerabilities with event and network data, helping to prioritize security incidents.
Security System Partners
SIEM Integrations
Red Sky Alliance
Marketplace Partner
Red Sky Alliance provides targeted cyber threat intelligence in the form of services, feeds and reporting. Founded in 2011, Red Sky Alliance has tracked and analyzed malware, ransomware and cyber threat actor groups. Services such as their RedXray cyber threat notification service can provide daily cyber threat intelligence without installing software or hardware or requiring a network connection. Prices for this service begin at US$ 500.00 per month.
Threat Intelligence Feeds
ISight Partners
Marketplace Partner
FireEye iSIGHT Threat Intelligence is a proactive, forward-looking means of qualifying threats poised to disrupt your business based on the intents, tools and tactics of the attacker. Our high-fidelity, comprehensive intelligence delivers visibility beyond the typical attack lifecycle, adding context and priority to global threats before, during and after an attack. It helps mitigate risk, bolster incident response, and enhance your overall security ecosystem. Get the intel you need to predict attack and refocus your attention on what matters most to your business.
Threat Intelligence Feeds
Group-IB
Marketplace Partner
Group-IB is one of the global leaders in preventing and investigating high-tech crimes and online fraud. Since 2003, the company has been active in the field of computer forensics and information security, protecting the largest international companies against financial losses and reputation risks.
Threat Intelligence Feeds
Georgia Tech Research Institute (GTRI)
Marketplace Partner
The Georgia Tech Research Institute is a highly-regarded applied research and development organization. Each day, GTRI’s science and engineering expertise is used to solve some of the toughest problems facing government and industry across the nation and around the globe. GTRI redefines innovation by tackling customers’ most complex challenges with the right mix of expertise, creativity and practicality. Our expert scientists and engineers turn ideas into workable solutions and then put those solutions into action. GTRI has 76 active US Letters Patents, 43 pending US patent applications and 15 pending provisional applications in the United States.
Threat Intelligence Feeds