Anomali, the globally renowned company in intelligence-driven cyber security solutions, has announced that Anomali Match is now integrated with Microsoft Azure Sentinel.

By bridging the gap between these two major security solutions, Anomali and Microsoft have created an automated solution that significantly enhances and speeds joint customers’ threat detection, alerting and response capabilities.

Azure Sentinel and Anomali Match integration

Azure Sentinel is a cloud-native security information and event management (SIEM) platform that uses built-in AI (Artificial Intelligence) to help analyse large volumes of data across an enterprise quickly. Azure Sentinel aggregates data from all sources, including users, applications, servers, and devices running on-premises or in any cloud, giving users access to millions of records in a few seconds.

Anomali Match is a high-performance threat detection and response solution. It continuously correlates all collected security event and log data against millions of globally observed indicators of compromise (IOCs) to expose previously unknown adversaries that have already penetrated networks. Match's retrospective analysis capabilities stretch back as far as five years.

Bi-directional data flow

With this integration, Microsoft and Anomali have created a bi-directional data flow that allows users to easily export Azure Sentinel logs into Match for correlation with Anomali global intelligence.

Combining IOC matching at a massive scale with other innovative techniques provides the precision detection needed to investigate and prioritise matched threats for ingestion back into Azure Sentinel, where Security Operation Centre (SOC) analyst teams can then triage them.

Enhancing cyber and data security

“Most enterprises have dozens of cybersecurity tools deployed and access to mass volumes of related information. Despite this, many continue to fall victim to attackers who have figured out how to slip through holes that disparate systems and siloed data leave open,” said Mark Alba, Anomali Chief Product Officer.

Mark adds, “Azure Sentinel and Anomali have bridged a gap that allows our joint customers to consolidate essential security technologies, providing them with the information and capabilities needed to identify and mitigate threats that are impacting their networks.”

Cloud adoption and threat intelligence

“To remain protected, organisations need visibility over what’s going on across their infrastructures, which are expanding rapidly due to things like cloud adoption, growing remote workforces and increasing levels of mobile connections,” said Jason Wescott, Principal PM Manager, Azure Sentinel.

Jason adds, “With Match enabled, enterprises will gain access to threat intelligence that will allow them to know more about what they are up against and then take smarter steps to further reduce risk.”
