Anomali ThreatStream

Supported OS Linux Windows Mac OS

marketplace
통합 버전1.0.4
Anomali ThreatStream - Overview
Anomali ThreatStream - Observables - 1
Anomali ThreatStream - Observables - 2
Anomali ThreatStream - Incidents
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Overview

Anomali ThreatStream’s threat intelligence management automates the collection and processing of raw data, filters out the noise, and transforms it into relevant, actionable threat intelligence for security teams.

Anomali ThreatStream supports multiple threat models including Actors, Vulnerabilities, Attack Patterns, Malware, Incidents, and more. Threat modeling is a process by which potential threats, such as structural vulnerabilities or the absence of appropriate safeguards, can be identified, enumerated, and countermeasures are prioritized.

Anomali ThreatStream also has support for Observables generating in the environment. An observable is a piece of technical information that can detect a potential threat. They are derived from all data contained in the Intelligence System (Anomali ThreatStream) but are not always contextualized.

This integration monitors Observables triggered in Anomali ThreatStream as well as events generated for the Incident Threat Model.

Data Collected

Metrics

cds.anomali.threatstream.observables.confidence
(gauge)		Confidence level of observables.
cds.anomali.threatstream.observables.retina_confidence
(gauge)		Retina confidence level of observables.

Service Checks

cds.anomali.threatstream.status

Returns CRITICAL if the user configurations are invalid or server authentication fails. Returns OK otherwise.

Statuses: ok, critical

Support

For support or feature requests, contact Crest Data through the following channels:

This application is made available through the Marketplace and is supported by a Datadog Technology Partner. Click Here to purchase this application.