Source Integration with Anomali ThreatStream

June 15, 2020

Loginsoft, a leading provider of cyber engineering services for Threat Intel Platform Companies has built the expertise in integrating with Anomali, a leading provider of intelligence-driven cybersecurity solutions.

There are ever growing cyber product companies creating products with multiple API endpoints as threat data sources and proprietary feeds. Feeds alone aren't enough; they also need a way to turn information into actionable intelligence through a technology partner. This is where Loginsoft has built the integration to ingest their source into Anomali using Anomali SDK.

Anomali ThreatStream aggregates and organizes sources from multiple trusted partners, providing diverse threat intelligence within their platform.

Loginsoft's MiTRA Threat Feeds are outcome of its threat hunting research by deploying honeypots for a specific component or an emerging threat from which we analyze the attack patterns, payloads and the threat actors behind it. This curated metadata will be transformed into an actionable Threat Intelligence either to detect or prevent the attacks.

Loginsoft has integrated their threat feed with Anomali Preferred Partner Store (APP Store), which is an unique cyber security marketplace providing instant access to a growing catalog of threat intelligence providers, integration partners and threat analysis tools.

INTEGRATION HIGHLIGHTS:

Entity Types supported by Anomali Enrichments SDK: Domain, IP, Hash, Email, URL, Phrase, Autonomous System Numbers, DNS Name Server Records

Here's a look inside Anomali's ThreatSteam as Context based Enrichment for Domain entity.

Anomali’s ThreatSteam as Context based Enrichment

Here's a look inside Anomali's ThreatSteam for Domain entity as TableWidget for different endpoints:

WhoIs API endpoint

Anomali’s ThreatSteam for Domain entity - WhoIs API endpoint

Passive DNS API endpoint

Anomali’s ThreatSteam for Domain entity - Passive DNS API endpoint

Malware API endpoint

Anomali’s ThreatSteam for Domain entity - Malware API endpoint

Get notified

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

BLOGS AND RESOURCES

Latest Articles

RansomHub Revealed: Threats, Tools, and Tactics

December 9, 2024

The Rise of INTERLOCK Ransomware

November 13, 2024

Fortifying the Cloud: A Guide to Securing Vulnerable Cloud Environments

October 23, 2024