Threat IntelligenceSimplify threat intelligence workflows with Feedly & AnomaliDeliver enriched, relevant intelligence directly into ThreatStream to accelerate investigations and strengthen defenses15-sec summaryFeedly’s integration with Anomali ThreatStream simplifies and accelerates threat intelligence workflows by directly delivering highly relevant intelligence into your platform.With this no-code integration, you can:Collect relevant and enriched threat intelligence in your AI Feeds and Boards.Seamlessly ingest IoCs, CVEs, TTPs, threat actors, and malware data with context into ThreatStream.Correlate Feedly and Anomali data to enhance your investigative workflows.Streamline threat detection and response with enriched, actionable intelligence from Feedly and Anomali.Start Free TrialAnomali’s ThreatStream, a leading threat intelligence platform (TIP), empowers security teams to aggregate, analyze, and act on diverse threat intelligence data. However, irrelevant data or data without context has little value. Relying on open-source or info-sharing feeds in Anomali can introduce noise, overwhelm your analysts, cause alert fatigue, and impede investigations. Feedly now integrates seamlessly with ThreatStream to provide relevant, context-rich feeds that minimize noise, improve analyst productivity, and enable intelligence-informed defenses.Collect relevant threat intelligence in your AI Feeds and BoardsFeedly AI Feeds scour millions of open sources for relevant articles aligned to your intelligence requirements. These Feeds are fully customizable and collect articles in real-time as they are published, so you always have the latest information. The articles are then enriched, extracting entities and objects such as threat actors, IoCs, TTPs, malware, and vulnerabilities and correlated against the Feedly Threat Graph to understand relationships.Important articles can be saved to Team Boards for collaboration or reference.All this data is accessible within the Feedly UI or via the API in rich STIX-formatted JSON.A Gif showing an AI Feed, then launching into an enriched article and viewing the STIX-formatted JSON. Seamlessly ingest IoCs, CVEs, TTPs,… with context into ThreatStreamFeedly’s no-code integration with ThreatStream makes ingesting data such as IoCs, CVEs, TTPs, threat actors, and malware easy.Generate a Feedly API TokenLocate the Stream ID of your Feed or BoardCopy and add it to AnomaliOnce connected, you can specify the frequency and the data elements you want to ingest.Go into your organization’s account settings and generate a Feedly API Token.The API settings within a Feedly Threat Intelligence account. Here you can create a new API Token to integrate with other tools. Select the three “more” dots within the AI Feed or Board and choose ‘Sharing’.Feedly AI Feed “more” menu showing the Sharing option. Scroll down and copy the Stream ID.Feedly AI Feed sharing settings, including the Stream ID that can be copied and pasted into ThreatStream.Go into your ThreatStream account, select “manage” in the Feedly integration, and paste the Feedly Stream ID to begin receiving relevant intelligence with context from Feedly.Go into Anomali ThreatStream and select the Feedly integration. Then paste the Feedly Stream ID captured earlier to start receiving data from Feedly. Correlate Feedly and Anomali data to enhance your investigative workflowsAnomali empowers teams to correlate and analyze diverse threat intelligence from Feedly alongside commercial and internal data sources. The enriched, scored, and contextualized data is seamlessly integrated into ThreatStream’s workbench, enabling efficient threat investigations, report generation, and adversary tracking.Advanced workflows further enhance operations by automatically routing this actionable intelligence to SIEMs, firewalls, and EDR tools, streamlining response times and supporting faster, more informed decision-making.A malware file hash is ingested from Feedly, enriched with other sources, and assigned a confidence score.Feedly data in ThreatStream correlated with other internal and external data.Dive deeper into a threat bulletin with full context.Rich, full-content articles with relationship context ingested from Feedly into ThreatStream. Minimize noise and enrich data to accelerate threat responsesFeedly AI sharpens the focus to improve the relevance of threat feeds and enriches them with actionable contextual data. The no-code integration with Anomali ThreatStream enables teams to seamlessly ingest and process detailed, comprehensive threat intelligence so your team’s responses are quicker and your defenses are stronger.Try Feedly Threat IntelligenceThe Anomali integration is just one of many ways to automate sharing your collected and prioritized intelligence with your team and tools. Start a free trial to see how Feedly for Threat Intelligence can help you eliminate blind spots, speed up intelligence gathering and sharing, and automate your defenses.Start free trial
Source: Internet Gov forum