List of Anomali ThreatStream Customers
Redwood City, 94063, CA,
United States
Since 2010, our global team of researchers has been studying Anomali ThreatStream customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased Anomali ThreatStream for Threat Modeling from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using Anomali ThreatStream for Threat Modeling include: ExxonMobil, a United States based Oil, Gas and Chemicals organisation with 57900 employees and revenues of $323.91 billion, Occidental Petroleum Corporation, a United States based Oil, Gas and Chemicals organisation with 10412 employees and revenues of $21.59 billion, M&T Bank, a United States based Banking and Financial Services organisation with 22080 employees and revenues of $9.23 billion, Optiv, a United States based Professional Services organisation with 2400 employees and revenues of $1.00 billion, Entrust Datacard, a United States based Professional Services organisation with 2500 employees and revenues of $800.0 million and many others.
Contact us if you need a completed and verified list of companies using Anomali ThreatStream, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the IaaS software purchases.
The Anomali ThreatStream customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of IaaS software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
Apply Filters For Customers
| Logo | Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI | Insight |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
Entrust Datacard | Professional Services | 2500 | $800M | United States | Anomali | Anomali ThreatStream | Threat Modeling | 2015 | n/a |
In 2015 Entrust Datacard implemented Anomali ThreatStream as an enterprise threat intelligence management platform to scale ingestion and operationalization of cyber threat intelligence. Entrust Datacard deployed Anomali ThreatStream to serve as a Threat Intelligence and Analysis Platform supporting defensive cyber operations across its security operations center and enterprise security teams.
The deployment configured Anomali ThreatStream Enterprise for core threat intelligence lifecycle capabilities, including high volume feed ingestion, normalization and enrichment, threat scoring and contextualization, centralized dashboards, and automated alerting. Configurations emphasized automation of indicator triage, tagging schemas and analyst workflow orchestration to surface highly contextualized intelligence for operational use.
Operationalization focused on embedding intelligence into security operations and incident response processes, establishing analyst queues and playbook driven workflows to accelerate movement of indicators into investigation and defense tasks. The platform was operationalized to provide actionable and highly contextualized intelligence in support of defensive cyber operations, enabling Entrust Datacard to scale CTI handling as volumes grew.
|
 |
ExxonMobil | Oil, Gas and Chemicals | 57900 | $323.9B | United States | Anomali | Anomali ThreatStream | Threat Modeling | 2021 | n/a |
In 2021 ExxonMobil integrated Anomali ThreatStream as a core element of its Threat Modeling capability to operationalize cyber threat intelligence across SOC and incident response workflows. The deployment focused on ingesting multiple CTI feeds into Anomali ThreatStream and Splunk SIEM to improve detection capabilities and supply actionable threat context to analysts.
Anomali ThreatStream served as the primary Threat Intelligence Platform, collecting, normalizing, and scoring indicators of compromise, and aligning outputs with Priority Intelligence Requirements to guide threat hunting. Analysts configured threat actor and TTP mappings consistent with the MITRE ATT&CK framework, and developed detection rules and automated playbooks in Splunk Phantom SOAR, using Python and PowerShell to integrate ThreatStream data into alerting and response pipelines.
The implementation integrated Anomali ThreatStream with SentinelOne for endpoint telemetry, Recorded Future and Maltego for enrichment and OSINT investigations, iBoss Proxy for web monitoring, Nexpose and InsightVM for vulnerability context, Palo Alto Prisma Cloud for cloud posture signals, and Nozomi Networks for ICS and OT visibility. Operational coverage spanned SOC operations, incident response teams, cloud environments including Azure and AWS, and critical ICS/OT asset monitoring, enabling cross-domain correlation of threat indicators.
Governance and process changes included formalizing Priority Intelligence Requirements, authoring threat intelligence reports after red team and incident response activities, and creating custom Splunk dashboards to visualize ThreatStream-derived indicators. The program operationalized threat detection workflows and periodic ISO 27001 aligned assessments, and it explicitly improved detection capabilities, streamlined SOC operations, and supplied actionable intelligence for remediation and response as part of ExxonMobil security operations.
|
 |
M&T Bank | Banking and Financial Services | 22080 | $9.2B | United States | Anomali | Anomali ThreatStream | Threat Modeling | 2018 | n/a |
In 2018, M&T Bank implemented Anomali ThreatStream as a Threat Intelligence and Analysis Platform. The deployment centralized threat research and analysis by ingesting and correlating telemetry and indicator data from multiple sources, explicitly including Anomali ThreatStream, Spamhaus, DNSLytics, Cisco Talos, VirusTotal and other commercial and open source intelligence feeds, to identify cyber threats and anomalies for the bank's security teams.
Anomali ThreatStream was used to operationalize standard threat intelligence workflows, including indicator of compromise ingestion, enrichment, correlation and analyst investigation. The implementation emphasized feed orchestration, threat scoring and tagging, and structured analyst workflows for research and hunting, supporting enterprise security operations and the bank's threat intelligence function. Governance activities focused on feed curation and the intelligence lifecycle, with analysts using the platform to consolidate external threat data and surface actionable anomalies for detection and response.
|
 |
|
Oil, Gas and Chemicals | 10412 | $21.6B | United States | Anomali | Anomali ThreatStream | Threat Modeling | 2022 | n/a |
|
|
|
|
Government | 1108 | $301M | United States | Anomali | Anomali ThreatStream | Threat Modeling | 2022 | n/a |
|
|
|
|
Professional Services | 2400 | $1.0B | United States | Anomali | Anomali ThreatStream | Threat Modeling | 2017 | n/a |
|
Buyer Intent: Companies Evaluating Anomali ThreatStream
- British Society of Interventional Radiology (BSIR), a United Kingdom based Non Profit organization with 10 Employees
Discover Software Buyers actively Evaluating Enterprise Applications
| Logo | Company | Industry | Employees | Revenue | Country | Evaluated | ||
|---|---|---|---|---|---|---|---|---|
| No data found | ||||||||