LookingGlass, with its roots in the U.S. Intelligence community, realized that there were advanced approaches to conducting cyber defenses that needed to be adopted by the corporate mainstream. One of these approaches was to effectively leverage Internet intelligence to gain situational awareness of an organization, government, or country. “We have expanded upon the capabilities of our genesis and have sought to add additional capabilities that focus on addressing the total cyber intelligence life cycle,” mentions Coleman.
With the firm’s revolutionary approach to combat threats, LookingGlass’ ScoutVision platform addresses the customers’ need to manage vast amounts of threat information and intelligence collected on a global scale, while correlating back Internet assets. The platform enables incident response, visibility into third party risks, and increased threat and situational awareness of an organizations’ overall public footprint. ScoutVision is also leveraged by customers to share threat information and intelligence as well as enrich traditional security operations and technologies by incorporating threat as a contextual element.
The company’s portfolio is focused to deliver critical sources of threat information to its products and customers. Cyveillance Infection Records (CyIR) is one of those sources in the LookingGlass portfolio.CyIR collects information on a global scale about hosts that have been infected by botnets. This information can be used by customers to track infected hosts on their networks as well as risk originating from their partner networks.
Threat intelligence doesn’t just augment and strengthen existing security assets, it offers the ability for enterprises to become more proactive in their risk and security posture
In addition, the company’s ScoutInterXect solution focuses on further correlation of threat information and intelligence with internal network communications. This capability not only can minimize the damage of a breach but also aid incident responders in quickly scoping a breach across the enterprise.
Organizational risk introduced by third parties is a substantial concern to many corporations. LookingGlass’ Scout product line gives customers ways to gain better visibility into the risks that their third-party vendors pose. Traditionally, a vendor assessment was performed on a periodic basis that indicated potential areas of weakness or vulnerabilities that could translate to an inherited risk. With ScoutVision, the customer is able to augment the previous approach with threat information and intelligence associated with the third-party internet infrastructure to gain visibility in a near real-time fashion.
“Enterprise risk and security operations are seeking a tighter coupling and more automated and integrated processes within the overall security technology investment portfolio with the focus on enabling more efficiency and effectiveness of their highly valued experienced staff. Threat intelligence doesn’t just augment and strengthen existing security assets, it offers the ability for enterprises to become more proactive in their risk and security posture. This critical information can be used to address risk across the organization to include brand, physical security and cyber protection,” concludes Coleman.