Supercharging Your Organization’s Threat Model: Anomali (Re-branded from ThreatStream)

" The Anomali mandate is to deliver innovative and effective technologies and solutions to address cyber security challenges for organizations of all sizes.”

Until recently, security groups within an organization would rely on the on-premise security solutions to harden their defenses against cyber threats. With breaches against large entertainment, retail, and healthcare corporations, it is clear that internally-focused defenses alone are not sufficient. The ability of these defenses needs to be expanded and enhanced to detect and act on threats that can potentially target your business and infrastructure. You need the threat intelligence advantage.

Anomali delivers earlier detection and identification of adversaries in your organizations network by making it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before material damage to your organization has occurred.

Anomali Product Suite
Investing in threat intelligence is fast becoming a necessity that organizations are taking seriously. The value of threat intelligence is realized every time:

• Financial losses are prevented.
• IT staffing resources are efficiently utilized.
• Informed decisions about investing infrastructure and your business are made.

The company’s product suite consists of the following:

ThreatStream 6.0- The Company offers the most comprehensive security solution for threat intelligence data for organizations of any size. The award winning ThreatStream 6.0 threat intelligence platform helps in managing the curation and lifecycle of threat intelligence.

Harmony Breach Analytics- Harmony Breach Analytics focuses the security team on the threat intelligence that’s relevant, timely and specific to an organization. It enables an intelligence-driven SOC and expands the client’s view into the breach exposure window past the limits of their SIEM.

Anomali Reports- Primarily for medium sized businesses, Anomali Reports provides the value of threat intelligence and a SIEM to those organizations that have neither. The service scans client logs looking for potential data breaches and provides a report to additional threat information.

Case Study

BBCN Bank

The Challenge – BBCN needed a way to easily investigate potentially risky IPs without having to log in to multiple security product dashboards. The bank depends on its security information and event management (SIEM) tool as the heart of its incident response program, but when the SIEM flagged a potential problem IP address the analysts needed to spend up to a half hour confirming its reputation.

The Solution – ThreatStream 6.0 offered BBCN a way to sync its actionable intelligence with the organization’s SIEM tool and provide analysis with minimal effort. The company’s solution resulted in benefits such as Reduced Mean-Time-To-Know, SIEM Integration and Headcount Savings.

Clientage
ThreatStream 6.0 targets the enterprise. It generally works with the CISO of large enterprises who are looking for cyber security tools to protect their organization.
Anomali has over 100 customers in the Fortune 10, 100, 500, and 1000 in sectors such as financial services, energy, education, healthcare, and technology.

Client Testimonials
“We needed threat intelligence fed directly into our SIEM with very low false positives, wide threat coverage, and built-in attribution. ThreatStream was the only service we tested that checked every box.” – Director of Security Fortune 100 Financial

“ThreatStream has revolutionized the way we evaluate external risk factors. We are able to apply it across our organization and customers.” – Security Manager Global 500 Telecommunications

Knowing the Key Executives

Hugh Njemanze, Chief Executive Officer
Hugh has an illustrious 30-year career in the enterprise software industry. Hugh co-founded ArcSight in May 2000 and served as CTO as well as Executive Vice President of Research and Development. He led product development, information technology deployment, and product research at ArcSight, and expanded these responsibilities to lead all engineering and R&D efforts for HP’s Enterprise Security Products group, the organization that ArcSight became part of post-acquisition. Hugh was recently an advisor and entrepreneur at investment firm, Kleiner Perkins Caufield & Byers (KPCB). Prior to joining ArcSight, he worked as the CTO at Verity, where he led product development, and before that he was at Apple in software engineering, where he was one of the key architects behind the Data Access Language (DAL). Hugh is a CISSP and holds a B.S. in computer science from Purdue University. He was also honored with the Northern California Ernst & Young LLP Entrepreneur of The Year award in 2010.

Nancy Bush, Chief Financial Officer
Nancy brings over 25 years of financial and operational management expertise in the dynamic technology industry. Her background in successfully scaling multiple Silicon Valley-based high-technology companies includes rapidly growing companies within the security and SAAS industry. Nancy was the acting CFO and Vice President of Finance at Fortinet and VP of Finance at ArcSight. She has also served as the Vice President of Finance at Adaptive Insights, Packeteer and Maxtor and held Senior Director of Finance positions at Terayon and SGI. Nancy holds a bachelor’s degree in Business Administration from the University of Georgia.

Colby DeRodeff, Chief Strategy Officer
Colby has spent his career working with global organizations guiding best practices and empowering the use of security and fraud products across government, finance, e-commerce, and healthcare industries. In this capacity he has been exposed to countless security, fraud and organizational challenges giving him a unique perspective on today’s threat landscape. Colby has held senior leadership positions with both ArcSight, and Silver Tail Systems and played an instrumental role in the successful IPO of ArcSight as well as the acquisition of both companies by HP and RSA / EMC respectively. Recognized as an expert in the field of IT security, Colby’s primary areas of focus are fraud, insider threat, the convergence of physical and logical security, as well as enterprise security and information management. Colby is a well-respected industry spokesperson and a published author of “The Convergence of Physical and Logical Security.”

“Through trust, collaboration, and communication, we strive to implement intelligence driven solutions to achieve the vision of a more secure world.”