Threat Intelligence Analysis and Management

LookingGlass™ ScoutVision™ enables security incident responders, third-party risk monitors, and threat intelligence analysts to transform threat data into action.

ScoutVision is a revolutionary new approach to identifying, classifying and pre-empting cyber security threats targeting commercial companies, critical infrastructure, and government organizations. ScoutVision is a Threat Intelligence Analysis and Management system built on a high availability, low latency, distributed architecture specifically suited for processing unstructured intelligence feeds and performing big data analytics.
ScoutVision in Three Minutes

ScoutVision in Three Minutes

Every day ScoutVision automates the complex task of extracting threat indicators from over 140 data feeds and leverages big data technology to transform that data into a normalized format purpose built to identify threat relationships and correlate multiple pieces of information delivering complete cyber-threat situational awareness. Threat information is managed and presented over a continuously updated global Internet topology map that tracks the ownership, interactions, and changes to your public Internet footprint. This network centric approach to threat intelligence ensures that ScoutVision always delivers relevant information about any publicly facing network element even when no threat indicators have been observed. This is critically important against a backdrop of advanced tactics, techniques, procedures, newly observed domains associated with command and control (C2) servers and route hijacking that redirects Internet traffic to unauthorized destinations.

Click and Learn About ScoutVision

The ScoutVision architecture
ScoutVision provides
Fully multi-tenant
LookingGlass ScoutInterXect


One System: Many Benefits

ScoutVision™ use cases deliver effective counters against malicious actors targeting your network and those of your partners


  • Multi-source, Internet Intelligence based visibility into threats targeting Internet-facing infrastructure
  • Connect your security infrastructure to threat intelligence with a simple to use API

  • Enhance preparation with a contextual map of visible assets
  • Accelerate containment, eradication and recovery by zeroing in on infected hosts
  • Confidence to propose new defenses and procedural changes

  • Dynamic risk mitigation with proactive and continuous monitoring of CIKR sectors, ecosystem partners and your supply chain
  • Dramatic risk reduction with 360° view including peer relationships, M&A targets, alliances and vendor relationships

  • Resolves operational challenge of security appliance rule provisioning and management with comprehensive historical threat context including Indicators of Compromise such as destination IP address and port and user agent

Next Steps