ANY.RUN, a provider of interactive malware analysis and threat intelligence solutions, today announced the expansion of its entry-level free plan, giving Security Operations Centers (SOCs) and Managed Security Service Providers (MSSPs) the ability to evaluate threat intelligence capabilities directly within their operational workflows.
With this update, security teams can move beyond limited trials and test how contextual threat intelligence impacts real-world processes such as alert triage, incident response, and threat hunting.
A key part of this update is the introduction of an AI-assisted search experience in Threat Intelligence Lookup. Analysts can now describe what they are looking for, while the system translates intent into structured queries using supported parameters and wildcards. This significantly reduces time spent on search syntax and accelerates the transition from alert to insight.
𝗧𝗲𝘀𝘁𝗶𝗻𝗴 𝗧𝗵𝗿𝗲𝗮𝘁 𝗜𝗻𝘁𝗲𝗹𝗹𝗶𝗴𝗲𝗻𝗰𝗲 𝗪𝗵𝗲𝗿𝗲 𝗜𝘁 𝗠𝗮𝘁𝘁𝗲𝗿𝘀
The updated free plan provides access to key capabilities required for meaningful evaluation, including:
• 20 investigations in Threat Intelligence Lookup with AI-assisted search;
• YARA search for pattern-based threat detection;
• Threat Intelligence Reports with structured insights into active campaigns.
This enables teams to assess a critical operational question: whether access to contextual, behavior-driven intelligence improves decision-making speed and accuracy in their SOC.
Also Read: CIO Influence Interview with Gihan Munasinghe, CTO of One Identity
𝗜𝗻𝘁𝗲𝗹𝗹𝗶𝗴𝗲𝗻𝗰𝗲 𝗕𝘂𝗶𝗹𝘁 𝗼𝗻 𝗥𝗲𝗮𝗹-𝗪𝗼𝗿𝗹𝗱 𝗗𝗮𝘁𝗮
ANY.RUN’s threat intelligence is powered by data from its Interactive Sandbox, where hundreds of thousands of analysts across thousands of organizations analyze suspicious files and URLs daily. Each analysis produces detailed behavioral data, including process execution, network activity, and attacker techniques.
𝗕𝗲𝘆𝗼𝗻𝗱 𝗜𝗻𝗱𝗶𝗰𝗮𝘁𝗼𝗿𝘀: 𝗔𝗜 𝗮𝗻𝗱 𝗣𝗮𝘁𝘁𝗲𝗿𝗻-𝗕𝗮𝘀𝗲𝗱 𝗗𝗲𝘁𝗲𝗰𝘁𝗶𝗼𝗻
The combination of AI-assisted search and YARA-based pattern detection allows teams to move beyond static indicators.
AI simplifies access to complex datasets, while YARA search enables identification of malware variants and relationships between threats based on behavioral and structural similarities. Together, these capabilities help analysts uncover connections that would otherwise remain hidden behind fragmented data. These improvements directly impact key performance indicators such as mean time to detect (MTTD) and mean time to respond (MTTR).
𝗦𝗰𝗮𝗹𝗶𝗻𝗴 𝗕𝗲𝘆𝗼𝗻𝗱 𝗘𝘃𝗮𝗹𝘂𝗮𝘁𝗶𝗼𝗻
For organizations ready to operationalize threat intelligence at scale, ANY.RUN offers flexible paid plans designed to support different levels of maturity and integration.
These plans provide access to a broader set of capabilities, including:
• Threat Intelligence Feeds for continuous, automated delivery of enriched indicators;
• Threat Intelligence Reports for structured analysis of campaigns and attacker behavior;
• Threat Landscape insights that map threats to industries and geographies.
Catch more CIO Insights: CIO as Orchestrator of Cross-Functional Digital Strategy
[To share your insights with us, please write to psen@itechseries.com ]
