Anomali Partner Center
Browse our library of upcoming and on-demand webinars, brochures and datasheets, industry reports and white papers, case studies, and more.
Threat Intelligence Feeds
Team Cymru – Reputation Feed
Marketplace Partner
Near-real-time feed to allow subscribers to monitor for infected computers visiting their networks to identify compromised hosts as they access their networks, thus enabling them to monitor or block these infected hosts before they can cause any damage.
Threat Intelligence Feeds
Threat Intelligence Feeds
Threat Intelligence Feeds
Threat Intelligence Feeds
IPQualityScore
Marketplace Partner
IPQualityScore (IPQS) provides Anomali ThreatStream users with enterprise-grade detection for sophisticated abuse. Security analysts can easily increase awareness for high risk behavior by analyzing an IP address, domain, or email address. IPQS uses a unique data set, gathered by our proprietary honeypot network that captures advanced abuse such as residential botnets, phishing, hijacked domains, and any IOC that's been associated with abusive behavior across our partner reporting network, which analyzes over 10,000 abuse reports per second.
Threat Analysis Tools & Enrichments
Bfore.Ai
Marketplace Partner
Bfore.Ai is a leader in predictive security solutions helping organizations prevent intrusions and data exfiltration by predicting vectors of future attacks. The information is used in PreCrime™ - predictive cyber threat intelligence that enhances existing security solutions (firewalls, DNS resolvers, anti-phish filters, proxies, etc.) with foresight. Bfore.Ai’s patented AI technology combined with hyperscale observation infrastructure and modern APIs augment customers' security postures with predictions.
Threat Intelligence Feeds
SEKOIA.IO
Marketplace Partner
SEKOIA.IO CTI is a mix of exclusive SEKOIA.IO threat intelligence data coming from C2 trackers, VT trackers, honeypots and refined OSINT data. The threat intelligence provided by SEKOIA.IO is easily actionable within Anomali ThreatStream as it's highly structured in STIX 2.1, fully contextualized and built for detection purposes. SEKOIA.IO CTI subscription includes an API and a web portal access.
Threat Intelligence Feeds
Gatewatcher
Marketplace Partner
LastInfoSec, Gatewatcher’s Cyber Threat Intelligence (CTI) offering, optimizes your existing resources and helps you to see further. Compatible with all cybersecurity solutions, it immediately improves your detection by enriching it with contextual information on internal and external cyber threats specifically targeting your business.
Threat Intelligence Feeds
Mandiant
Marketplace Partner
Since 2004, Mandiant® has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.
Threat Intelligence Feeds
Anomali Premium Digital Risk Protection
Marketplace Partner
Anomali Premium Digital Risk Protection provides a feed of threat models and observables focused on digital threats to your organization and assets. Includes compromised credentials, domain registrations, suspicious apps, and more. With a dashboard and insights from the Anomali Threat Research team.
Threat Intelligence Feeds
Microsoft Azure Sentinel
Marketplace Partner
Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel allows Security Operation Center (SOC) analysts to detect actionable threats in their security posture and take actions on them. Azure Sentinel integrates with Anomali to offer first class threat intelligence in the product. You can import threat intelligence from Anomali LIMO servers using the Azure Sentinel TAXII data connector and also from Anomali ThreatStream using the Threat Intelligence Platforms data connector. Once the threat intelligence from Anomali is brought into Azure Sentinel, it can be used for threat analysis, detection, investigation and hunting.
Security System Partners
SIEM Integrations
Proofpoint
Marketplace Partner
Proofpoint is a next-generation cybersecurity company protecting people, data, and brands from advanced threats and compliance risks based on its global intelligence platform that spans email, social and mobile. Proofpoint Emerging Threats (ET) intelligence for IPs and malicious domains and its Targeted Attack Protection intelligence feed for advanced email threats are available in the ThreatStream APP Store and are based on behavior observed directly by Proofpoint ET Labs.
Threat Intelligence Feeds
SecneurX
Marketplace Partner
SecneurX’s mission is to help solve the security industry’s malware issues through network communications analysis. SecneurX leverages AI and Machine learning to automate the analysis of communications data and arrive at information, solutions, and products to identify and combat malware, including mobile malware threats, threats targeting IoT/OT infrastructure, and threats targeting organizations providing critical infrastructure.
Threat Intelligence Feeds
HYAS
Marketplace Partner
HYAS Insight’s integration with Anomali ThreatStream helps security analysts increase accuracy and speed investigations. Using exclusive data sources and non-traditional mechanisms, HYAS Insight data connects observables to billions of indicators of compromise to understand and counter adversary infrastructure. Users can find an interesting match in ThreatStream and amplify it with HYAS Insight to expand their understanding of the adversary’s infrastructure.
Threat Analysis Tools & Enrichments
GreyNoise
Marketplace Partner
GreyNoise's integration with Anomali ThreatStream helps security analysts save time by revealing which events they can ignore. GreyNoise's data is a curation of IPs that saturate security tools with noise, like mass-internet scanners and harmless business services. This unique perspective helps analysts confidently ignore irrelevant or harmless activity, creating more time to uncover and investigate true threats.
Threat Analysis Tools & Enrichments
Automate threat discovery and research
Organizations rely on Anomali to surface relevant intelligence quickly to inform cross functionally and upper management.