An Intellyx BrainCandy Brief
Anomali provides an extended detection and response (or XDR) platform that monitors and indexes telemetry and user behavioral data across other threat detection, mail security and SIEM platforms, matching them with threat intelligence data and communications to thwart would-be attackers.
Given the vast volumes of data generated by users moving through an enterprise’s hybrid cloud and on-prem application estates, threat hunting is a real needle-in-the-haystack challenge. Furthermore, retaining historical data and current activity beyond 30- or 90-day thresholds is cost prohibitive in many cloud native scenarios.
Since most mid-to-large sized companies have already invested in dozens of detection and security tracking dashboards and data warehouses, Anomali looks for matching signals from within these many sources like repeat visits from bad actors, outlier data payloads and common attack sequences. Threat reports and remediation workarounds can then be shared in a library curated by a trusted group of collaborators, or the broader cybersecurity community at large.
© 2022 Intellyx LLC. At the time of writing, Anomali is not an Intellyx customer. Want to see more BrainCandy? Subscribe today. If you are a vendor seeking coverage from Intellyx, please contact us at PR@intellyx.com.