SecurityWeek

Lookingglass Enhances Threat Intelligence Monitoring and Management Solution

Lookingglass Cyber Solutions, a provider of cyber threat intelligence management solutions, recently added new workflow and data integration enhancements to its flagship product, ScoutVision.

ScoutVision, Lookingglass’ Cyber Threat Intelligence Monitoring and Management Platform, connects, collects and processes cyber threat indicators and intelligence and provides security teams a “workspace” to research, manage and monitor cyber activity and infrastructure that affect enterprise risk.

The latest version of ScoutVision (v4.3) offers broader capability, scale and system-wide integration, improving the overall collection, exploitation and workflow, the company said.

The new features are designed to help organizations leverage threat intelligence and assist security teams in managing threat intelligence more efficiently.

Key features and enhancements to ScoutVision include:

System Wide

New Cyber Heads up Display (CyberHUD) Behavior – Provides a “watchlist” style, alerting interface. New indicators added into a monitored network space will be highlighted for the user. Users will also be able to “clear” the watchlist as they vet and address the events that caused an alert situation.

Communications Page Redesign – Simplified, with new paging and sorting functions for telemetry and log data to assist users with reduction and prioritization.

Bulk import – Users can now bulk import and tag thousands of IP addresses directly via the user interface (UI). This allows users who wish to tag large sets but do not want to do command line scripting to quickly import data sets they have in other systems/formats.

Analyst Workspace

Streamlined User Interface (UI) – Updated look and feel adapted to the user’s task-focused workflow to make it easy to navigate across network elements.

Scalable Collection & Exploitation Architecture – The new architecture enables faster database writes and supports metadata for collection sources.

Historical Timestamps – Provides 90 days of historical indicators associated with specific network entities to track threat activity and observe changes that occur over time.

Premium Indicator Sources – New data relationships enable expanded integration with trusted industry threat sources available through a single analyst workspace.

Collaboration – Improved project import/export functionality enables sharing of information between Lookingglass customers.

Expanded Tagging

Domains – Users can associate tags with fully qualified domain names (FQDNs) directly via the UI.

Indicator and Tag History – The system displays a minimum of 90 days of indicators and/or user tags associated with a network element over time.

Unannounced Classless Inter-Domain Routing (CIDR) Ranges – Users can tag unannounced CIDR ranges to monitor for threat data aggregated for unannounced IP address space.

ScoutVision is deployed as an appliance and can be extended into existing security systems and information through a comprehensive API.

“Our latest release was driven by our customers’ input and necessary architecture changes to support our future roadmap,” said Chris Coleman, Lookingglass president and chief executive officer. “These improvements to our intelligence processing architecture, data persistence and intelligence navigator bring effective and efficient threat data and threat intelligence management and monitoring to our clients.”
