Interactive Courses + DFIR NetWars Available During SANS Cyber Security Central in June. Save $300 thru 5/12.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Threat Intelligence Solutions: A SANS Review of Anomali ThreatStream

  • Wednesday, November 04, 2020 at 2:00 PM EST (2020-11-04 19:00:00 UTC)
  • TJ Banasik, AJ Nash


  • Anomali

You can now attend the webcast using your mobile device!



Cyber threat data from multiple sources overwhelm todays Security Operations Centers (SOCs) without a centralized method to aggregate it. Many organizations have immature threat intelligence programs that rely on select external threat feeds, which users struggle to analyze. A cyber threat intelligence program requires people, processes, and technology to process, exploit, and disseminate threat data. Threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets informing decisions regarding the subject's response to that menace or hazard[1]. Threat Intelligence Platforms (TIPs) address these challenges by providing a unified solution to consolidate actionable data, automate analyst research, and integrate with security controls.

SANS had the opportunity to review the Anomali ThreatStream® product, a threat intelligence platform providing a unified solution for collecting, curating, and disseminating threat intelligence. ThreatStream rationalizes multiple threat data sources into a single high-fidelity repository by automatically normalizing, de-duplicating, removing false positives, and enriching the threat data, then associating all related threat indicators. ThreatStream applies a highly accurate machine learning algorithm for scoring indicators of compromise (IOCs). In this SANS webcast, SANS expert TJ Banasik and AJ Nash, Sr. Director of Cyber Intelligence Strategy for Anomali, review ThreatStreams key benefits, highlight complimentary Anomali products and provide a use-case performance review.

Register today to be among the first to receive the associated product review written by security expert TJ Banasik.

[1] Gartner Research. (2013, May 16). Threat Intelligence. Retrieved March 30, 2020, from

Speaker Bios

TJ Banasik

TJ Banasik is a SANS analyst and has consulted numerous cybersecurity organizations across the government, military, and commercial sectors. A security operations expert, TJ has extensive experience in security engineering, incident response, insider threat, and threat vulnerability management. TJ has worked as senior program manager for Microsoft Azure Government and director of security operations for Veritas Technologies. He worked previously as Senior Security Operations Center Manager for the U.S. Government Accountability Office (CSRA) and Army Officer with Army Cyber Command (ARCYBER). TJ holds the GCIH, GCWN, GCIA, GCFA, GCCC, GSEC, GPEN, and CISSP-ISSEP, -ISSAP, -ISSMP certifications. He has a graduate degree in intelligence studies concentration cyber from American Military University (AMU).

AJ Nash

AJ Nash is the Sr. Director of Cyber Intelligence Strategy for Anomali. As a cyber intelligence strategist and public speaker, he is primarily focused on building cyber intelligence programs that capitalize on disparate data and information to protect personnel, facilities, data, and information systems. AJ honed his skills across 18 years of military service and defense contracting, serving in roles focused on intelligence collection, analysis, reporting, and briefing. AJ still occasionally consults within the intelligence community and maintains a Top Secret clearance with a full-scope polygraph. AJ holds a Bachelor of Science (B.S.) in Liberal Studies from Excelsior College and a Masters of Arts (M.A.) in Organizational Leadership from Gonzaga University.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.