Threat Intelligence Solutions: A SANS Review of Anomali ThreatStream®
Cyber threat data from multiple sources overwhelm today’s Security Operations Centers (SOCs) without a centralized method to aggregate it. Many organizations have immature threat intelligence programs that rely on select external threat feeds, which users struggle to analyze. A cyber threat intelligence program requires people, processes, and technology to process, exploit, and disseminate threat data. Threat intelligence is “evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets informing decisions regarding the subject's response to that menace or hazard”[1]. Threat Intelligence Platforms (TIPs) address these challenges by providing a unified solution to consolidate actionable data, automate analyst research, and integrate with security controls.
SANS had the opportunity to review the Anomali ThreatStream® product, a threat intelligence platform providing a unified solution for collecting, curating, and disseminating threat intelligence. ThreatStream rationalizes multiple threat data sources into a single high-fidelity repository by automatically normalizing, de-duplicating, removing false positives, and enriching the threat data, then associating all related threat indicators. ThreatStream applies a highly accurate machine learning algorithm for scoring indicators of compromise (IOCs). In this SANS webcast, SANS expert TJ Banasik and Erick Ingleby, Director of Product at Anomali, review ThreatStream’s key benefits, highlight complementary Anomali products, and provide a use-case performance review.
Register today to be among the first to receive the associated product review written by security expert TJ Banasik.
Speaker and Presenter Information
TJ Banasik is a results-driven security leader, program manager, and cybersecurity engineer with over 20 years of experience in the most challenging government, military, and commercial environments. He holds a graduate degree in cyber intelligence studies from AMU and the CISSP-ISSEP, ISSAP, ISSMP, GCIH, GCWN, GCIA, GSEC, GCCC, and GPEN certifications. TJ is a cloud security expert with extensive experience in security operations, risk management, threat intelligence, insider threat, and threat vulnerability management. Previously, he served as the Director of Security for Veritas Technologies, Senior Security Operations Center Manager for the U.S. Government Accountability Office, and Deputy Cyber Mission Force Integrations Chief for United States Army Cyber Command. TJ is currently a Senior Program Manager with Microsoft and is pursuing a second graduate degree in Information Security Engineering from the SANS Technology Institute.
Erick Ingleby is the Director of Product at Anomali and brings with him over 20 years of experience in information technology with a concentration in security. He is a veteran of the United States Air Force. Erick designed innovative new products and led product teams for three successful mid- to late-stage cybersecurity startups, with one successful IPO and one acquisition. At Forescout, Erick's products produced a third of the revenue in the quarters leading up to the company’s IPO. At Anomali, he leads a direct and indirect team of hundreds of resources made up of product, UX/UI, Engineering, and QA. His products generate over tens of millions in ARR and are used by some of the largest organizations in the world.
Relevant Government Agencies
DOD & Military, Other Federal Agencies, State & Local Government
Event Type
Webcast
This event has no exhibitor/sponsor opportunities
When
Tue, Aug 11, 2020, 1:00pm - 2:00pm ET
Cost
Complimentary: $ 0.00
Organizer
SANS