Connect with us

Hi, what are you looking for?


Malware & Threats

New Anomali Tool Finds Threat Data in News, Blogs, Social Networks

Threat intelligence firm Anomali on Monday announced the launch of Lens, a new tool designed to make it easier for organizations to find and use threat data from a wide range of sources.

Threat intelligence firm Anomali on Monday announced the launch of Lens, a new tool designed to make it easier for organizations to find and use threat data from a wide range of sources.

Anomali Lens is part of the company’s Altitude solution, which also includes its flagship threat intelligence platform ThreatStream and Match, a breach detection platform that matches external threat intelligence to internal events.

Lens provides users a web browser extension designed to highlight and collect relevant threat data on the web pages they visit, including news articles, blogs, security bulletins, logs, research papers, incident response reports, and social media.

Once a page is scanned, each data element — this can include threat actor names, malware, IP addresses and CVE identifiers — is highlighted using specific colors that indicate the extent to which a threat is known.

Anomali Lens

Users can then create a threat bulletin that contains the collected data or initiate an investigation. The data is also added to ThreatStream and matched with internal network events via the Match platform. This allows organizations to check if they have been impacted by the analyzed threat and helps them defend their environments against future attacks.

Anomali Lens makes it easy to import useful data from malware analysis websites such as VxCube in order to determine if a specific piece of malware impacts the customer’s environment — and if so, to what extent.

In the case of CVEs, it can show organizations if they are affected by actively exploited or high-risk software vulnerabilities that they may have previously ignored.

Advertisement. Scroll to continue reading.

Anomali says the new tool, which is immediately available, can be highly useful to various types of users, including analysts, C-level executives — it makes it easier for them to understand if a threat impacts their organization — and even journalists.

The Anomali Lens browser extension is currently available for Chrome and Firefox, but the vendor told SecurityWeek that it’s working on rolling out native support for Windows and macOS in future releases.

The company also said it plans on adding support for mobile devices, and advanced methods for identifying attack techniques, such as URL injection and cross-site scripting (XSS).

Related: Threat Intelligence Tech Firm Anomali Raises $40 Million

Related: Multiple Chinese Groups Share the Same RTF Weaponizer

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...