LookingGlass ScoutPrime™ makes security analysts more efficient in addressing their threat landscape. By customizing how threat intelligence is viewed, scored, prioritized, and acted upon, ScoutPrime makes cyber threat discovery easier and reduces time to action.
With SCOUTPRIME™, organizations can leverage:
Normalized threat intelligence for both pre-packaged data feeds, as well as any other data feeds an organization may have.
The LookingGlass Threat Indicator Confidence (TIC) scoring system to organize responses and respond to threats faster.
Who Benefits from SCOUTPRIME™ Internet Intelligence:
Information Security Operations –
Security Operations Centers (SOC) can select and monitor network elements for new threats or changes to existing threats via the TIC score as displayed in the confidence summary. SOCs can also receive notification of the changes in risk to threat intelligence, allowing them to take appropriate action to mitigate the threats.
Third Party Monitoring –
Monitor third-party network elements for changes in associated threat intelligence and customize risk scoring for the associated threat intelligence. Organizations can then make risk-based decisions for partners and other companies that are directly or indirectly associated with them.
Features – Benefits
Threat Indicator Confidence (TIC)
Find relevant intelligence faster & reduce “alert fatigue” by ranking threats based on factors such as an organization’s environment, threat landscape,and security posture. TIC scoring is only available in ScoutPrime.
Aggregated Threat Data
Access to the largest collection of threat intelligence data gleaned from a wide variety of sources, including LookingGlass proprietary intelligence and LookingGlass Machine-Readable Threat Intelligence.
Easily collaborate and share threat data and analysis with team members or other groups within your organization. Work-space customization provides environments for repeatable analysis or investigation.
Learn about relevant incidents faster by receiving alert trigger notifications based on any expression used in the advanced search system.
Faster visualization of relationships between network entities and threat intelligence. – Rapidly pivot to related elements based on ASNs, CIDRs, FQDNs, IPs and observables.
STIX & TAXII Support
Rapidly discover new and emerging cyber threats with industry threat intelligence sharing.
RESTful API enables customers to integrate with other security analytics tools.
LookingGlass™ ScoutPrime™ enables third party risk monitors, security operations centers and threat researchers to use advanced threat scoring to make better decisions using actionable threat intelligence. By correlating global internet topology with active threat intelligence, ScoutPrime has the flexibility to support a number of use cases such as 3rd Party Risk monitoring, Security Operations, Incident Response and Threat Research. Additionally, ScoutPrime provides organizations with dynamic alerting capabilities to automate the discovery of new actionable threat intelligence and ultimately decide what action needs to be taken to mitigate the threat.