Anomali - Experts & Thought Leaders

Anomali, the globally renowned company in intelligence-driven cyber security solutions, has announced that its Board of Directors has appointed industry veteran, Ahmed Rubaie as the company’s new Chief Executive Officer (CEO) and as a Board Member, effective from March 1, 2021. Ahmed Rubaie will succeed Hugh Njemanze, who worked closely with the board to help drive this change. Njemanze will remain with the company in the capacity of President and as a member of the Board of Directors. Cyber threat intelligence innovations Njemanze will continue to drive the company’s leadership position as an innovator in the cyber security market Hugh Njemanze became the Chief Executive Officer of Anomali, back in June 2014. Since then, he has led the company to rise as a recognised player in the security market through the introduction of new cyber threat intelligence and threat detection innovations. Njemanze successfully guided the company through the extraordinary circumstances and challenges of the past year, and will now begin the new CEO on-boarding process, with the company well-positioned to continue to grow and drive value. He will continue to drive the company’s leadership position as an innovator in the cyber security market. Global technology leadership expert Ahmed Rubaie, a highly-respected Chief Executive Officer and industry veteran, has more than three decades of global technology leadership experience. In his prior roles, Rubaie has driven strategic expansion and diversification of businesses across markets, industries and customers, steering delivery of leading and differentiated solutions. Rubaie has overseen the successful execution of growth transformation, including at Ariba, where he helped the company emerge from the 2008 recession to become the second most valuable Software-as-a-Service (SaaS) company by 2012. At Sitecore, a global company in context marketing management software, Rubaie helped them succeed in a rapid growth transformation, while getting the company ready for the public markets. Active in the cyber security space Ahmed Rubaie has also been active in the cyber security space, including in private investments and board work. Rubaie holds a B.A. degree in Economics from Albion College and a J.D. degree from the University of Detroit - Mercy Law School. He also serves as an Adjunct Professor at the Santa Clara University - Leavey School of Business, where he teaches the subject of Contemporary Business Issues. “Together with Hugh Njemanze, the board worked to bring in a new Chief Executive Officer to drive the next phase of growth for the company. Ahmed is a proven technology leader with a distinguished track record of innovation, talent development, and a deep knowledge of operational execution. He is very customer centric and quite passionate about our space. He will continue a values-based cultural leadership approach with a focus on growing the Anomali threat intelligence and detection portfolio,” said Anomali Board Member, Dr. Steve Herrod. Driving strategy to expand product portfolio The board is confident that Ahmed will ensure execution of Anomali’s strategy to extend its product leadership position" Dr. Steve Herrod, who also served as the Managing Director of General Catalyst, a venture capital and investment firm, adds “After thoughtful consideration, the board, together with Hugh Njemanze, concluded that now is the right time to make this leadership change and draw on Ahmed’s strategic and operational expertise to lead Anomali through this critical period of transformative growth.” Steve further said, “The board is confident that Ahmed, together with the rest of the leadership team, will ensure execution of Anomali’s strategy to extend its product leadership position and to deliver on new innovations that will make intelligence-driven threat detection an effective part of every organisation’s security strategy.” Innovation in extended detection and response solution “I am thrilled to join and lead Anomali forward at this important time for the company, and our industry,” said Anomali’s new Chief Executive Officer (CEO), Ahmed Rubaie, adding “Anomali has been at the forefront of threat intelligence and I look forward to extending this position going forward. I have tremendous admiration for the company’s recent contributions to the global cyber security effort and am particularly excited about our differentiated innovation in the extended detection and response solution space.” Ahmed Rubaie adds, “I believe Anomali has significant potential to continue to reshape the future of threat intelligence and detection and look forward to working with the incredibly talented global team to accelerate innovation and create value for our global customers and partners.” Robust threat intelligence platform firm Under his leadership, Anomali grew from a single product vendor into a robust threat intelligence platform company" “The board and I deeply appreciate Hugh Njemanze for his leadership and significant contributions,” continued Anomali’s Independent Board Member, Tom Reilly, who is also the former Chief Executive Officer (CEO) of ArcSight (Micro Focus) and Cloudera. Tom Reilly adds, “Under his leadership, Anomali grew from a single product vendor into a robust threat intelligence platform company. Hugh has been instrumental in energising the company’s culture to drive better execution of our product roadmap, placing Anomali in a strong strategic and financial position. We thank him for his ongoing guidance as he works with Ahmed and the leadership team to extend our innovative product offerings and market leadership.” Product strategy innovator “I am excited to welcome Ahmed to the Anomali team. We are at a scale and period of growth where his operational skills will bring tremendous value to the company,” said Anomali’s President, Hugh Njemanze. Hugh Njemanze adds, “I am excited to focus on my passion of industry direction, product strategy, and engaging with our valuable customers and partners. We will make a great team.”

Anomali, the globally renowned company in intelligence-driven cyber security solutions, has announced that Anomali Match is now integrated with Microsoft Azure Sentinel. By bridging the gap between these two major security solutions, Anomali and Microsoft have created an automated solution that significantly enhances and speeds joint customers’ threat detection, alerting and response capabilities. Azure Sentinel and Anomali Match integration Azure Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI (Artificial Intelligence) to help analyse large volumes of data across an enterprise fast. Azure Sentinel aggregates data from all sources, including users, applications, servers, and devices running on-premises or in any cloud, giving users access over millions of records in a few seconds. Anomali Match is a high-performance threat detection and response solution. It continuously correlates all collected security event and log data against millions of globally observed indicators of compromise (IOCs) to expose previously unknown adversaries that have already penetrated networks. Match retrospective analysis capabilities stretch back as far as five years. Bi-directional data flow With this integration, Microsoft and Anomali have created a bi-directional data flow With this integration, Microsoft and Anomali have created a bi-directional data flow that allows users to easily export Azure Sentinel logs into match for correlation with Anomali global intelligence. Combining IOC matching at a massive scale together with other innovative techniques provides the precision detection needed to investigate and prioritise matched threats for ingestion back into Azure Sentinel, where Security Operation Centre (SOC) analyst teams can then triage. Enhancing cyber and data security “Most enterprises have dozens of cybersecurity tools deployed and access to mass volumes of related information. Despite this, many continue to fall victim to attackers who have figured out how to slip through holes that disparate systems and siloed data leave open,” said Mark Alba, Anomali Chief Product Officer. Mark adds, “Azure Sentinel and Anomali have bridged a gap that allows our joint customers to consolidate essential security technologies, providing them with the information and capabilities needed to identify and mitigate threats that are impacting their networks.” Cloud adoption and threat intelligence “To remain protected, organisations need visibility over what’s going on across their infrastructures, which are expanding rapidly due to things like cloud adoption, growing remote workforces and increasing levels of mobile connections,” said Jason Wescott, Principal PM Manager, Azure Sentinel. Jason adds, “With match enabled, enterprises will gain access to threat intelligence that will allow them to know more about what they are up against and then take smarter steps to further reduce risk.”

Siemplify, the independent provider of security orchestration, automation and response (SOAR), and Anomali, the provider of intelligence-driven cybersecurity solutions, announces a partnership that delivers an integrated best-of-breed SOAR and threat intelligence platform (TIP) solution, making intelligence-driven security operations simple and accessible to organisations of all sizes. SOAR and TIP solutions are foundational technologies for every modern security operations team looking to combat alert fatigue, embed context into security investigations, and effectively contain and respond to threats. The partnership between Siemplify and Anomali delivers a unified best-of-breed SOAR and TIP integration that enables rapid time-to-value with minimal effort. Long-standing partnership As part of the partnership, Siemplify is launching ThreatFuse, an add-on module to the Siemplify SOAR platform, powered by Anomali, which ingrains threat intelligence across the entire detection and response lifecycle. From enrichment with real-time threat indicators, through threat hunting and intelligence sharing, security analysts can validate, investigate and respond to threats with unprecedented speed and precision. ThreatFuse is generally available from Siemplify. Siemplify’s ThreatFuse offering evolved from a long-standing partnership between the two companies via the Anomali ThreatStream marketplace, as well as customer-driven integrations to power Siemplify SOAR playbooks with high-fidelity threat intelligence.  Real-time threat indicators Supporting Siemplify in its introduction of ThreatFuse was a natural evolution of our existing partnership" The Siemplify ThreatFuse dashboard used for enrichment with real-time threat indicators, through threat hunting and intelligence sharing, security analysts can validate, investigate and respond to threats with unprecedented speed and precision “Until today, organisations looking for a unified SOAR and TIP solution were forced to compromise on one or both of these critical security operations capabilities,” said Dennis Shaya, general manager and head of alliances at Siemplify. “We are thrilled to partner with Anomali to offer our customers a best-in-class TIP offering that is tightly embedded in the Siemplify SOAR platform.” “Supporting Siemplify in its introduction of ThreatFuse was a natural evolution of our existing partnership,” said Dan Maier, CMO of Anomali. “ThreatFuse offers a streamlined experience, allowing customers seeking robust TIP-SOAR integration to benefit from simplified implementation and management.” Intelligence-based investigations The unified SOAR/TIP solution accelerates time-to-value by delivering several use cases out-of-the-box to better perform: Event Triage: Aggregated threat intelligence supports event triage and decision-making by determining if an indicator is suspicious and at what severity level. Deep intelligence context is added to events, providing detailed information about associated threat actors and any known campaigns when a malicious threat is discovered. Intelligence-Driven Investigation: Contextual intelligence drives intelligence-based investigations that use associated indicators from an enriched entity to find other relevant indicators of attack. Proactive Defence: Newly discovered indicators can be used to trigger playbooks that defend networks through automatic detection and response. Filters and thresholds can be applied to limit the types of threats or entities that trigger automated response. Intelligence Sharing: False positives in an environment can be shared to make sure the data is not used in the future. ‘Trusted Circles’ enable intelligence sharing with the security community when new threat indicators are discovered. Siemplify and Anomali have planned a joint webinar on February 4 to provide more information about this partnership. Reserve spot to learn how one can combine SOAR and TIP to drive intelligence-driven security operations.