Lookingglass Cyber Solutions, a provider of cyber threat intelligence management solutions, has released a new solution designed to help organizations correlate threat intelligence feeds with network telemetry in order to generate actionable threat reports across businesses globally.
The new offering, ScoutInterXect, complements the company’s ScoutVision Threat Intelligence Management Platform, which is designed to help customers maximize the value and efficiency of threat intelligence.
“With the release of ScoutInterXect, security practitioners can further operationalize the insight ScoutVision provides by correlating recent and historical network telemetry with ScoutVision’s global threat information. ScoutInterXect leverages open standards and commercial netflow to provide telemetry-based threat reports across businesses, vertical markets and global network domains.”
ScoutInterXect leverages open standards and commercial netflow to provide telemetry-based threat reports to security operations and threat intelligence teams. These reports help security teams characterize the level of risk they face and help them understand networks within their ecosystem are at risk and could be leveraged as attack launch or entry points, the company explained.
Key features of ScoutInterXect include:
• Focused Threat Correlation – Allows users to run ad hoc and daily reports that help identify risk correlated across user defined business entities, market sectors and network topologies
• Active and Forensic Reporting – Provides analysts and security operations personnel visibility to both active and historical telemetry and threat correlation enabling greater context to support mitigation decisions
• Modular Ingest – Provides the ability to add new network communication information via open standard interface
• Intelligence Filtering – Filters correlation based on specific threat intelligence and indicators and assists in prioritization and maximizing retention
ScoutInterXect provides performance tiers aligned with increasing levels of investigations and threat incident responses to meet multiple organizational needs, ranging from an entry level platform that supports approximately 30 days of retention at 3,000 correlated flows per second, through a “performance level” that can handle roughly 30 days of retention at 12,000 correlated flows per second.
“Our ScoutVision Threat Intelligence Management Platform solves a critical use case for our customers, providing them with visibility and decision support across their threat and risk operations,” said Allan Thomson, Chief Technology Officer at Lookingglass. “With the release of ScoutInterXect, security practitioners can further operationalize the insight ScoutVision provides by correlating recent and historical network telemetry with ScoutVision’s global threat information.”
