Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Lookingglass Releases Solution to Correlate Network Telemetry and Threat Intelligence

Lookingglass Cyber Solutions, a provider of cyber threat intelligence management solutions, has released a new solution designed to help organizations correlate threat intelligence feeds with network telemetry in order to generate actionable threat reports across businesses globally.

Lookingglass Cyber Solutions, a provider of cyber threat intelligence management solutions, has released a new solution designed to help organizations correlate threat intelligence feeds with network telemetry in order to generate actionable threat reports across businesses globally.

The new offering, ScoutInterXect, complements the company’s ScoutVision Threat Intelligence Management Platform, which is designed to help customers maximize the value and efficiency of threat intelligence.

Lookingglass Logo“With the release of ScoutInterXect, security practitioners can further operationalize the insight ScoutVision provides by correlating recent and historical network telemetry with ScoutVision’s global threat information. ScoutInterXect leverages open standards and commercial netflow to provide telemetry-based threat reports across businesses, vertical markets and global network domains.”

ScoutInterXect leverages open standards and commercial netflow to provide telemetry-based threat reports to security operations and threat intelligence teams. These reports help security teams characterize the level of risk they face and help them understand networks within their ecosystem are at risk and could be leveraged as attack launch or entry points, the company explained.

Key features of ScoutInterXect include:

Focused Threat Correlation – Allows users to run ad hoc and daily reports that help identify risk correlated across user defined business entities, market sectors and network topologies

Active and Forensic Reporting – Provides analysts and security operations personnel visibility to both active and historical telemetry and threat correlation enabling greater context to support mitigation decisions

Modular Ingest – 
Provides the ability to add new network communication information via open standard interface

Intelligence Filtering – 
Filters correlation based on specific threat intelligence and indicators and assists in prioritization and maximizing retention

Advertisement. Scroll to continue reading.

ScoutInterXect provides performance tiers aligned with increasing levels of investigations and threat incident responses to meet multiple organizational needs, ranging from an entry level platform that supports approximately 30 days of retention at 3,000 correlated flows per second, through a “performance level” that can handle roughly 30 days of retention at 12,000 correlated flows per second.

“Our ScoutVision Threat Intelligence Management Platform solves a critical use case for our customers, providing them with visibility and decision support across their threat and risk operations,” said Allan Thomson, Chief Technology Officer at Lookingglass. “With the release of ScoutInterXect, security practitioners can further operationalize the insight ScoutVision provides by correlating recent and historical network telemetry with ScoutVision’s global threat information.” 

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...