Threat PlatformsscoutTHREAT™
Identify threats before impact
Cybersecurity is continuously evolving—both threat actor methods and security practitioner defense. Continuously adjusting to these evolving Tactics, Techniques, and Procedures (TTPs) is a challenge to even the most advanced security operations. Collecting high-quality intelligence is not enough—security teams must be able to contextualize, process, and put into practice the intelligence it ingests in order to protect their organization.
As the volume of intelligence increases, your organization needs a scalable cybersecurity threat management platform. Automation and higher workflow reduces the need for costly analysts and team members, without compromising the efficacy of your cybersecurity program.
Conceived by Goldman Sachs, scoutTHREAT is a Threat Intelligence Platform (TIP) that enables your cybersecurity program to identify threats before impact.
WHITE PAPER
The Power of a
Tailored Threat Model
VIDEO
scoutTHREAT
Platform
Why scoutTHREAT?
The fast integration of cybersecurity threat intelligence into enterprise risk management is essential for securing business operations and critical functions. It enables your team to prioritize security improvements, efficiently allocate resources, and align with business objectives. It enables your team to broadly respond to shifts in attacker techniques as well as to thwart specific attacks.
Threat
Modeling
Map low-level indicators to high-level objects, adding context and correlation to adversary attack motives.
Risk
Scoring
Score your threat model to highlight your high-priority risks.
Gap
Analysis
Address your security weaknesses based on your highest priorities.
Features & Functionalities
Interoperability — Data model based on the STIX data format for ingesting or disseminating information, as well as a RESTFUL API that allows quick integration.
Selectors & Workbenches — “Analyst Desks” that automatically process new intelligence based on thematic criteria to reduce noise and alert analysts to new intelligence requiring assessment. This maximizes your teams productivity.
Access Controls and Data Marking — natively supports a data handling model using the industry Traffic Light Protocol (TLP) procedures to ensure protection of sensitive/proprietary threat information.
Secure and Compliant — a secure platform allowing permissioned and entitled individuals access to specific case details based on pre-defined roles which also satisfies privacy concerns.
Threat Indicator and Entity Extraction — Extract key attack indicators, allowing for rapid correlation and processing. Pushing these indicators directly to security devices and controls rapidly and automatically help stop attacks in real time.
scoutTHREAT’s Goldman Sachs Legacy
By using an attack frame work built upon the approaches of the cyber kill-chain and Mitre ATT&CK, Goldman Sachs analysts can asses adversaries versus the effectiveness of enterprise security controls to prioritize defensive actions in response. However, the amount of intelligence coming from all sources can be overwhelming – analysts can spend too much time reading reports to determine what is most relevant to them, and miss critical ones that should be immediately actioned.
Thus, the precursor to scoutTHREAT was created, enabling analysts to ingest intelligence and indicators in an efficient and automated way so that they had time to do what they were hired for – model cybersecurity threats, quantify their risk to the firm – and above all take decisive and timely action.