ANY.RUN Expands Detection Capabilities with AI Sigma Rules, Industry Threat Landscape & 1,700+ New Detections

DUBAI, DUBAI, UNITED ARAB EMIRATES, January 5, 2026 /EINPresswire.com/ — ANY.RUN, a leading provider of interactive malware analysis and threat intelligence solutions, announced a new set of product updates closing out December 2025, aimed at helping security operations leaders detect threats faster, reduce alert noise, and align response efforts with real business exposure.

𝐓𝐮𝐫𝐧𝐢𝐧𝐠 𝐂𝐨𝐧𝐟𝐢𝐫𝐦𝐞𝐝 𝐓𝐡𝐫𝐞𝐚𝐭𝐬 𝐢𝐧𝐭𝐨 𝐑𝐞𝐮𝐬𝐚𝐛𝐥𝐞 𝐃𝐞𝐭𝐞𝐜𝐭𝐢𝐨𝐧𝐬

The AI Sigma Rules feature in ANY.RUN’s Sandbox automatically converts confirmed sandbox detections into deployable Sigma rules. Built from observed process, file, and network activity, the rules can be exported to SIEM and SOAR platforms within seconds, enabling detections created during one investigation to be reused across future attacks.

𝐈𝐧𝐝𝐮𝐬𝐭𝐫𝐲- 𝐚𝐧𝐝 𝐑𝐞𝐠𝐢𝐨𝐧-𝐒𝐩𝐞𝐜𝐢𝐟𝐢𝐜 𝐓𝐡𝐫𝐞𝐚𝐭 𝐂𝐨𝐧𝐭𝐞𝐱𝐭 𝐟𝐨𝐫 𝐅𝐚𝐬𝐭𝐞𝐫 𝐏𝐫𝐢𝐨𝐫𝐢𝐭𝐢𝐳𝐚𝐭𝐢𝐨𝐧

ANY.RUN’s TI Lookup adds industry and geographic context to indicators, showing which sectors and regions are actively targeted and where related activity is trending. Based on live telemetry from more than 15,000 organizations, it supports faster prioritization, clearer triage, and improved MTTD by aligning threat intelligence with real exposure.

Explore how these updates support faster, more focused security operations in the full December release notes on the ANY.RUN blog.

𝐄𝐱𝐩𝐚𝐧𝐝𝐞𝐝 𝐓𝐡𝐫𝐞𝐚𝐭 𝐂𝐨𝐯𝐞𝐫𝐚𝐠𝐞 𝐰𝐢𝐭𝐡 𝟏,𝟕𝟖𝟓+ 𝐍𝐞𝐰 𝐃𝐞𝐭𝐞𝐜𝐭𝐢𝐨𝐧𝐬

In December, ANY.RUN added 1,785 new detections, including 86 behavioral signatures, 13 YARA rules, and 1,686 Suricata rules. The update improves coverage of phishing, malware, and evasive network activity while reducing false positives across complex attack chains, giving security leaders clearer visibility and faster, more confident prioritization.

𝐀𝐛𝐨𝐮𝐭 𝐀𝐍𝐘.𝐑𝐔𝐍

ANY.RUN supports security operations at more than 15,000 organizations, helping teams detect, analyze, and respond to threats faster through interactive sandboxing and real-time threat intelligence.

The solution combines live malware analysis across Windows, Linux, and Android with Threat Intelligence Lookup and Threat Intelligence Feeds, giving SOCs a single workflow to reduce noise, shorten detection and response times, and focus on threats that matter to the business.

The ANY.RUN team
ANYRUN FZCO
+1 657-366-5050
email us here
Visit us on social media:
LinkedIn
YouTube
X

Legal Disclaimer:

EIN Presswire provides this news content “as is” without warranty of any kind. We do not accept any responsibility or liability
for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this
article. If you have any complaints or copyright issues related to this article, kindly contact the author above.