Threat intelligence analysts face a number of significant challenges:
- A single source of threat data is by definition uncorroborated. Multiple sources of threat data are needed.
- Aggregating and distilling multiple sources of threat data into something resembling threat intelligence becomes a big data problem.
- Threat intelligence feeds are delivered from the perspective of the proffering source, and the data lacks organizational context that the threat analyst requires.
LookingGlass® scoutPRIME® resolves all those challenges.
scoutPRIME aggregates over 140 threat feeds, performing all required big data operations. More importantly, scoutPRIME threat observations gleaned from the feed data, including malware, tactics, techniques and procedures, are overlaid on a continuously updated cyber threat map: a real-time representation of the Internet’s infrastructure, connectivity and asset ownership. And scoutPRIME offers even more:
- Threat Indicator Confidence: constantly updated scoring of threat indicators enables rapid prioritization of analytical activities.
- A combination of collaboration capabilities enables teams to work together, collecting and sharing threat information even from outside the organization.
The result is a force-multiplier effect on the efficiency and productivity of any threat intelligence analyst.