One Article Review

The article:
Source Anomali
Identifier 2422683
Publication date 2021-03-02 14:59:00 (viewed: 2021-03-02 15:05:33)
Title Anomali February Product Release: Moving Beyond Tactical Intelligence
Text We are happy to announce the Anomali Product Release for February 2021. For our product and engineering teams to deliver this latest set of features and enhancements, they worked closely with our customers with a particular eye to supporting security teams in their further move beyond a reliance on tactical, technical intelligence to a holistic, threat-model-driven approach by allowing them to work with threat models like the MITRE ATT&CK framework inside Anomali ThreatStream easily and productively. A further highlight directed at augmenting collaboration across teams and with external peers, leveraging our popular Trusted Circles capabilities, is the advent of full-featured chat within the Anomali ThreatStream threat intelligence platform, while maintaining privacy controls.

Enhancements in this latest release include:

MITRE ATT&CK Framework Integration
As a follow-up to the recent release of support for MITRE ATT&CK framework techniques, we’ve added the ability to import content from the MITRE ATT&CK Navigator tool and store your framework capabilities inside ThreatStream. Users can use the MITRE capability in ThreatStream's Investigations feature to help prioritize investigative activity and decision-making, making security teams more efficient and responsive.
[Image: Direct Import of MITRE ATT&CK Security Settings]

Advanced Search Functionality for Threat Models
This month we’ve extended advanced search to Threat Model content in ThreatStream, providing the same flexibility and features for finding and refining content in our platform as for observable content. Users can now create advanced search queries with conditions and operators, and some additional capabilities specific to our Threat Model content, to find relevant intelligence quickly, as well as save their complex searches for future use at a click.

Collaboration via Full-Featured ThreatStream Chat
Customers now have the benefit of real-time, protected communication within ThreatStream for their internal teams and with Trusted Circle collaborators via the use of a full-featured chat client. With this built-in chat functionality, analysts can communicate and share tactical information as well as more strategic aspects of analysis and response quickly and easily with colleagues and peers at organizations that are members of common Trusted Circles--from inside the ThreatStream platform, where it can be easily shared and investigated. Most importantly, the collaboration remains anonymized and privacy is ensured.

Clone Custom Themed Dashboards
Extending the custom themed dashboards developed by the Anomali Threat Research (ATR) team and released in December, we are now offering the ability to not only access a custom themed dashboard (for COVID, Sunburst or other specific themes), but also to clone (or create a copy) of that dashboard, which you can now further customize or tailor to your specific needs and preferences. Once a dashboard is cloned, a user can change, for a given widget, the saved query upon which the widget is based, as well as add their own custom widgets.

Intelligence Enrichment Inside of Investigations
We continue to refine the display of critical information to the user at the appropriate point of their research in order to ensure analysts have the right intelligence
Notes
Sent Yes
Tags Tool Threat
Stories Solardwinds
Move


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.