Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Lookingglass Enhances Threat Intelligence Monitoring and Management Solution

Lookingglass Cyber Solutions, a provider of cyber threat intelligence management solutions, recently added new workflow and data integration enhancements to its flagship product, ScoutVision.

Lookingglass Cyber Solutions, a provider of cyber threat intelligence management solutions, recently added new workflow and data integration enhancements to its flagship product, ScoutVision.

ScoutVision, Lookingglass’ Cyber Threat Intelligence Monitoring and Management Platform, connects, collects and processes cyber threat indicators and intelligence and provides security teams a “workspace” to research, manage and monitor cyber activity and infrastructure that affect enterprise risk.

Lookingglass Cyber Solutions

The latest version of ScoutVision (v4.3) offers broader capability, scale and system wide integration improving the overall collection, exploitation and workflow, the company said.

The new features are designed to help organizations leverage threat intelligence and assist security teams in managing threat intelligence more efficiently.

Key features and enhancements to ScoutVision include:

System Wide

New Cyber Heads up Display (CyberHUD) Behavior – Provides a “watchlist” style, alerting interface. New indicators added into a monitored network space will be highlighted for the user. Users will also be able to “clear” the watchlist as they vet and address the events that caused an alert situation.

Communications Page Redesign – Simplified and new paging and sorting functions of telemetry and log data to assist users with reduction and prioritization.

Advertisement. Scroll to continue reading.

Bulk import – Users can now bulk import and tag thousands of IP addresses directly via the user interface (UI). This allows users who wish to tag large sets but do not want to do command line scripting to quickly import data sets they have in other systems/formats.

Analyst Workspace

Streamlined User Interface (UI) – Updated look and feel adapted to user’s task focused workflow to make it easy to navigate across network elements.

Scalable Collection & Exploitation Architecture – The new architecture enables faster database writes and includes supports metadata for collection sources.

Historical Timestamps – Provides 90-days of historical indicators associated with specific network entities to track threat activity and observe changes that occur over time.

Premium Indicator Sources – New data relationships enable expanded integration with trusted industry threat sources available through a single analyst workspace.

Collaboration – Improved project import/export functionality enables sharing of information between Lookingglass customers.

Expanded Tagging

Domains – Users can directly associate tags to fully qualified domain names (FQDNs) directly via the UI.

Indicator and Tag History – The system displays a minimum of 90-days of indicators and/or user tags associated with a network element over time.

Unannounced Classless Inter-Domain Routing (CIDRs) Ranges – Users can tag unannounced CIDR ranges to monitor for threat data aggregated for unannounced IP address space.

ScoutVision is deployed as an appliance and can be extended into existing security systems and information through a comprehensive API.

“Our latest release was driven by our customers’ input and necessary architecture changes to support our future roadmap,” said Chris Coleman, Lookingglass president and chief executive officer. “These improvements to our intelligence processing architecture, data persistence and intelligence navigator bring effective and efficient threat data and threat intelligence management and monitoring to our clients.”

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...