Anomali Launches ThreatStream Next-Gen to Accelerate Threat Response Workflows
Anomali has unveiled ThreatStream Next-Gen, a new platform designed to accelerate threat response by automating intelligence-driven decision-making across security workflows.
Anomali has officially launched ThreatStream Next-Gen, a platform designed to accelerate threat response by integrating intelligence directly into security workflows. According to the company, the platform has been validated in 50 enterprise deployments to speed up investigations by 300 times compared to traditional security methods Help Net Security.
The platform shifts the focus of security operations from simple detection to active decision-making. By embedding intelligence across data analysis and response workflows, ThreatStream Next-Gen provides security teams with immediate context regarding attackers and active campaigns. This approach aims to address the critical bottleneck in modern Security Operations Centers (SOCs), where analysts often spend hours manually curating intelligence and stitching together disparate data points to validate alerts Help Net Security.
ThreatStream Next-Gen introduces five core capabilities designed to maintain data fidelity from initial production to final action. These include Priority Intelligence Requirements (PIRs), which automate recurring intelligence monitoring, and a Command Center that offers a live, prioritized view of threats to reduce alert noise. Additionally, the platform features an Intelligence Search tool that leverages AI-generated context to link indicators, threat models, and campaigns, effectively compressing investigations that previously took hours into just minutes Help Net Security.
To further streamline operations, the platform includes integrated Case Management to keep response workflows synchronized and a Reporting module that automatically translates technical findings into stakeholder-ready outputs. Anomali CEO Ahmed Rubaie stated that the platform is designed to counter attackers who often exploit identity and behavior within hours, noting that the system is built to support the company’s ongoing innovation in agentic AI Help Net Security.
The launch reflects a broader industry trend toward automating the "decisioning layer" of cybersecurity. As threat actors continue to increase the speed of their operations, organizations are moving away from manual, siloed analysis toward integrated platforms that prioritize actionable intelligence. By owning the transition between raw intelligence and defensive action, Anomali aims to provide security teams with the ability to respond to threats at a speed that matches the current landscape of rapid, identity-focused attacks Help Net Security.