
LookingGlass Cyber Solutions

scoutTHREAT from LookingGlass

Threat Intelligence Platform (TIP) that identifies threats before impact
Value Proposition

Problem

While TIPs solved the aggregation problem, the number of feeds you have doesn’t speak to their quality. TIPs collect thousands of millions of IP addresses, but without additional context around who launched an attack and why it was sent, an organization drowns in routine block and tackle. Low-level indicators consume cycles of a security organization’s energy and time. A reactive SOC simply blocks these and waits for hits against rules to take place.

Solution

scoutTHREAT is a Threat Intelligence Platform (TIP) focused on helping the organization operationalize intelligence. The platform’s built-in security tradecraft allows threat analysts to link atomic indicators, such as IP addresses or hashes, to higher-level objects such as tactics, techniques or procedures (TTPs) of a threat actor, assign risk scores, and prioritize threats as they pertain to your organization. This allows for intelligence-specific knowledge management to answer why your organization is being targeted, as well as how to prevent similar future attacks.

Features

  • Threat Modeling: Map low-level indicators to high-level objects to understand attack motives
  • Analyst Workbench: Organize analyst work with a workbench providing a workflow based on business requirements. Typical workflows divide work into areas of expertise or geographical regions
  • Risk Scoring: Assign organization-specific risk to TTPs within a threat model
  • Data Consumption Model: Avoid floating indicators by parsing structured and unstructured data and linking to the original report or feed
  • Request For Information (RFI): Single location for threat analyst teams to collect and respond to RFIs in a standardized way
  • Threat Intelligence Investigation: Search threat intelligence news within your organization’s threat intelligence repository
  • Configurable Threat Framework: Select your framework, such as MITRE ATT&CK or Lockheed Martin’s Cyber Kill Chain, to assign risk scores specific to your organization
  • RESTful API: Create your own custom rulesets or integrate other data feeds