CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Lookingglass Enhances Threat Intelligence Monitoring and Management Solution

Lookingglass Cyber Solutions, a provider of cyber threat intelligence management solutions, recently added new workflow and data integration enhancements to its flagship product, ScoutVision.

Lookingglass Cyber Solutions, a provider of cyber threat intelligence management solutions, recently added new workflow and data integration enhancements to its flagship product, ScoutVision.

ScoutVision, Lookingglass’ Cyber Threat Intelligence Monitoring and Management Platform, connects, collects and processes cyber threat indicators and intelligence and provides security teams a “workspace” to research, manage and monitor cyber activity and infrastructure that affect enterprise risk.

Lookingglass Cyber Solutions

The latest version of ScoutVision (v4.3) offers broader capability, scale and system wide integration improving the overall collection, exploitation and workflow, the company said.

The new features are designed to help organizations leverage threat intelligence and assist security teams in managing threat intelligence more efficiently.

Key features and enhancements to ScoutVision include:

System Wide

New Cyber Heads up Display (CyberHUD) Behavior – Provides a “watchlist” style, alerting interface. New indicators added into a monitored network space will be highlighted for the user. Users will also be able to “clear” the watchlist as they vet and address the events that caused an alert situation.

Communications Page Redesign – Simplified and new paging and sorting functions of telemetry and log data to assist users with reduction and prioritization.

Advertisement. Scroll to continue reading.

Bulk import – Users can now bulk import and tag thousands of IP addresses directly via the user interface (UI). This allows users who wish to tag large sets but do not want to do command line scripting to quickly import data sets they have in other systems/formats.

Analyst Workspace

Streamlined User Interface (UI) – Updated look and feel adapted to user’s task focused workflow to make it easy to navigate across network elements.

Scalable Collection & Exploitation Architecture – The new architecture enables faster database writes and includes supports metadata for collection sources.

Historical Timestamps – Provides 90-days of historical indicators associated with specific network entities to track threat activity and observe changes that occur over time.

Premium Indicator Sources – New data relationships enable expanded integration with trusted industry threat sources available through a single analyst workspace.

Collaboration – Improved project import/export functionality enables sharing of information between Lookingglass customers.

Expanded Tagging

Domains – Users can directly associate tags to fully qualified domain names (FQDNs) directly via the UI.

Indicator and Tag History – The system displays a minimum of 90-days of indicators and/or user tags associated with a network element over time.

Unannounced Classless Inter-Domain Routing (CIDRs) Ranges – Users can tag unannounced CIDR ranges to monitor for threat data aggregated for unannounced IP address space.

ScoutVision is deployed as an appliance and can be extended into existing security systems and information through a comprehensive API.

“Our latest release was driven by our customers’ input and necessary architecture changes to support our future roadmap,” said Chris Coleman, Lookingglass president and chief executive officer. “These improvements to our intelligence processing architecture, data persistence and intelligence navigator bring effective and efficient threat data and threat intelligence management and monitoring to our clients.”

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.