February 18, 2021

Anomali, Microsoft Partnership Automates Enterprise Threat Detection and Response Operations

Integration Between Azure Sentinel and Anomali Match Consolidates Security Solutions and Data Silos to Unify Key Enterprise Security Process

REDWOOD CITY, Calif. — Feb. 18, 2021 — Anomali, the leader in intelligence-driven cybersecurity solutions, today announced that Anomali Match is now integrated with Microsoft Azure Sentinel. By bridging the gap between these two leading security solutions, Anomali and Microsoft have created an automated solution that significantly enhances and speeds joint customers’ threat detection, alerting, and response capabilities.

Azure Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across an enterprise—fast. Azure Sentinel aggregates data from all sources, including users, applications, servers, and devices running on-premises or in any cloud, letting you reason over millions of records in a few seconds. Anomali Match is a high-performance threat detection and response solution. It continuously correlates all collected security event and log data against millions of globally observed indicators of compromise (IOCs) to expose previously unknown adversaries that have already penetrated networks. Match retrospective analysis capabilities stretch back as far as five years.

With this integration, Microsoft and Anomali have created a bi-directional data flow that allows users to easily export Azure Sentinel logs into Match for correlation with Anomali global intelligence. Combining IOC matching at massive scale with other innovative techniques provides the precision detection needed to investigate and prioritize matched threats for ingestion back into Azure Sentinel, where Security Operations Center (SOC) analyst teams can then triage them.

“Most enterprises have dozens of cybersecurity tools deployed and access to mass volumes of related information. Despite this, many continue to fall victim to attackers who have figured out how to slip through holes that disparate systems and siloed data leave open,” said Mark Alba, Anomali Chief Product Officer. “Azure Sentinel and Anomali have bridged a gap that allows our joint customers to consolidate essential security technologies, providing them with the information and capabilities needed to identify and mitigate threats that are impacting their networks.”

“To remain protected, organizations need visibility over what’s going on across their infrastructures, which are expanding rapidly due to things like cloud adoption, growing remote workforces, and increasing levels of mobile connections,” said Jason Wescott, Principal PM Manager, Azure Sentinel. “With Match enabled, enterprises will gain access to threat intelligence that will allow them to know more about what they are up against and then take smarter steps to further reduce risk.”

Twitter: https://twitter.com/Anomali

LinkedIn: https://www.linkedin.com/company/anomali/

Blog: https://www.anomali.com/blog

About Anomali
Anomali is the leader in intelligence-driven cybersecurity. More than 1,500 public and private sector organizations rely on Anomali to see and detect threats more quickly, reduce the risk of security breaches, and improve security operations productivity. Anomali solutions serve customers around the world in nearly every major industry vertical, including many of the Global 2000. As an early threat intelligence innovator, Anomali was founded in 2013 and is backed by leading venture firms including GV, Paladin Capital Group, In-Q-Tel, Institutional Venture Partners, and General Catalyst. Learn more at www.anomali.com.

News Contact
Joe Franscella
news@anomali.com
