Anomali announced a host of new updates to its threat intelligence platform on Monday, including the addition of a detection service to halt damaging email-based phishing attacks.
Previously known as ThreatStream, Anomali provides a suite of Software-as-a-Service (SaaS) solutions that aim to pinpoint threat indicators in real-time. Anomali unveiled new additions to three of its enterprise cybersecurity platforms, STAXX, ThreatStream and Anomali Enterprise, at the RSA security technology conference held annually in San Francisco.
Anomali has introduced a phishing email indicator management system to its ThreatStream platform to help companies detect and identify phishing attempts. ThreatStream now automatically extracts indicators from known phishing emails to provide early warning for possible scams. Data can also be shared to both internal and external users for better communication and collaboration.
Phishing attacks increased by more than 270% in 2016, according to the Federal Bureau of Investigations (FBI), and recent high-profile phishing scams include the Democratic National Committee (DNC), Seagate Technology, Snapchat and Sony PlayStation. The FBI estimates that more than $3 billion has been lost to business email compromise (BEC) scams, otherwise known as whaling, and that financial losses due to email scams have risen 1300% since January 2015.
"Overwhelming numbers of malicious attacks, advanced adversaries and an overload of threat intelligence are causing organizations to miss key indicators that point out where their systems have been compromised and where breaches have occurred," states Hugh Njemanze, CEO of Anomali.
Anomali’s STAXX threat intelligence feed has also been upgraded with bidirectional indicators of compromise (IOC) sharing so users can distribute information more quickly, effectively and collaboratively to limit security breaches. IOC is forensic data that identifies network- or system-based malicious activity.
A new user interface has been added to Anomali Enterprise, the company's analytics platform for security operations and incident responders, which is now also integrated with Anomali’s Weekly Threat Briefing to keep customers up to date on the latest security threats. In addition, Anomali Enterprise has gained a Domain Generation Algorithm (DGA) that automatically identifies malware-infected hosts.