The fast integration of cybersecurity threat intelligence into enterprise risk management is essential for securing business operations and critical functions. It enables your team to prioritize security improvements, efficiently allocate resources, and align with business objectives. It enables your team to broadly respond to shifts in attacker techniques as well as to thwart specific attacks.
Map low-level indicators to high-level objects, adding context and correlation to adversary attack motives.
Score your threat model to highlight your high-priority risks.
Address your security weaknesses based on your highest priorities.
Features & Functionalities
Interoperability — Data model based on the STIX data format for ingesting or disseminating information, as well as a RESTful API that allows quick integration.
Selectors & Workbenches — “Analyst Desks” that automatically process new intelligence based on thematic criteria to reduce noise and alert analysts to new intelligence requiring assessment. This maximizes your team's productivity.
Access Controls and Data Marking — Natively supports a data handling model using the industry Traffic Light Protocol (TLP) procedures to ensure protection of sensitive/proprietary threat information.
Secure and Compliant — A secure platform allowing permissioned and entitled individuals access to specific case details based on pre-defined roles, which also satisfies privacy concerns.
Threat Indicator and Entity Extraction — Extract key attack indicators, allowing for rapid correlation and processing. Pushing these indicators directly to security devices and controls rapidly and automatically helps stop attacks in real time.
scoutTHREAT’s Goldman Sachs Legacy
By using an attack framework built upon the approaches of the cyber kill-chain and MITRE ATT&CK, Goldman Sachs analysts can assess adversaries versus the effectiveness of enterprise security controls to prioritize defensive actions in response. However, the amount of intelligence coming from all sources can be overwhelming – analysts can spend too much time reading reports to determine what is most relevant to them, and miss critical ones that should be immediately actioned.
Thus, the precursor to scoutTHREAT was created, enabling analysts to ingest intelligence and indicators in an efficient and automated way so that they had time to do what they were hired for – model cybersecurity threats, quantify their risk to the firm – and above all take decisive and timely action.