Anomali ThreatStream

Version: 1.2
Updated: Jun 27, 2023
Anomali ThreatStream (previously known as ThreatStream Optic) is a threat intelligence management platform that automates the collection and processing of raw data, filters out the noise, and transforms it into relevant, actionable threat intelligence for security teams. This integration allows you to pull threat intelligence from the ThreatStream platform, import observables into ThreatStream, and manage threat model entities and investigations, among other operations.
- Search Into Observables (Enrichment) - To retrieve threat intelligence from ThreatStream.
- Add Observable (Containment) - To import structured threat data (observables) into ThreatStream, without requiring approval of the imported data through the ThreatStream UI.
- Update Observable Tags (Containment) - Enables you to add observable tags in bulk.
Configure Anomali ThreatStream in Automation Service and Cloud SOAR
Before you can use the integration, you must configure it so that the vendor can communicate with Sumo Logic. For general guidance, see Configure Authentication for Integrations.
Change Log
- November 10, 2022 - First upload
- June 26, 2023 (v1.1) - Updated the integration with Environmental Variables
- June 27, 2023 (v1.2) - Removed leading/trailing spaces