scoutPRIME focuses on dynamic, global and attack
surface monitoring through passive discovery and identification from known,
unknown or unmonitored assets. It pulls structured data from more than 80 data
feeds and overlaid with indicators of compromise and risk to highlight specific
threats from external sources targeting a network.As the world becomes more interconnected
organizations simply can’t exist on their own without third parties and other
organizations toughening up their IT infrastructures. The blind trust this
creates poses a serious security concern. scoutPRIME addresses third-party
cyber risk, beginning with footprinting third-party network assets. It overlays
assets with intelligence surrounding indicators of compromise and risk and
provides 24/7 monitoring of all vendors. The Threat Indicator Confidence score
prioritizes risks to building an outside-in view of organizations.scoutPRIME monitors an extensive list of items, including phishing activity, port/cert information, CVE data, malware, viruses and more. It scans the surface web, social web, deep web and dark web 24/7.The Threat Indicator Confidence (TIC) score
provides a single value of a threat assessment. It supports cyber analysts and
operation personnel in locating the most relevant and actionable threats for
better prioritization, investigation, response and mitigation. Multivector
scoring includes source rating (level of trust), threat classification and
criticality (severity of the threat). The solution further prioritizes risks
based on the threat landscape as well as an organization’s specific risk
tolerance, environment and security posture.After searching a company, an analyst conceivably
could drop all populated information (or a selected portion) into a collection,
or grouping of network elements. Clicking on an element in Collection
Management automatically brings up the Element Details menu page, which gives
analysts the option to dig deeper into the information to figure out what actions
to take. scoutPRIME lets analysts pick and choose configurations to eliminate
false positives, which differentiates LookingGlass from other companies.scoutPRIME ingests a lot of BGP routing data, ARIN data, WhoIS information and domain/DNS information, resulting in focused asset ownership that highlights who assets belong to and continuously updating threat data every fifteen minutes. More than 87 feeds come out-of-the-box, 17 of which are proprietary feeds.It is possible to run a Vendor Score Card Report
within the platform and talk about categories of risk, breaking down elements
of risk and showing what needs to be highlighted. MSSPs can use feature to
review large networks.This is a worthy option in the threat intelligence
platform space that offers numerous customizations and monitoring capabilities for
comprehensively managing the risk posed by third parties.Starting price is $25,000. Support offerings include Standard and Premium for 24/7 phone, email and website support are included. The website does not have FAQs or a knowledgebase. Tested by: Tom Weil
Content
LookingGlass scoutPRIME 2019.2.J.46
Product title
LookingGlass scoutPRIME 2019.2.J.46
Product info
Vendor: LookingGlass Cyber Solutions, Inc.
Contact: www.lookingglasscyber.com
Product: scoutPRIME 2019.2.J.46
Price: $25,000
Strength
Analysts can pick and choose configurations to eliminate false positives.
Weakness
None that we found.
Verdict
This is a worthy option in the threat intelligence platform space, offering a lot of customizations and monitoring capabilities to comprehensively manage the risk third parties pose.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds