scoutTHREAT Key Features
Automated threat indicator and entity extraction
scoutTHREAT automatically extracts key attack indicators from both structured and unstructured threat intelligence for rapid correlation and processing, freeing your analysts from sorting through troves of data so they can home in on the most relevant threat intelligence.
Flexible, collaborative workbenches
Organize analyst tasks with customized workbenches based on mission or business requirements, such as an area of expertise (e.g., malware) or a geographic area (e.g., Russia desk).
Automated processing of threat intelligence and customized alerting
Enable faster response with automated processing of new intelligence based on thematic criteria and the information most relevant to your organization, and with customized tipping and queueing to your analysts that prioritizes items for investigation, mitigation, or threat hunting.
Standards-based data collection and storage, with interoperability in mind
Leverage the efficiency of your analysts along with scoutTHREAT’s RESTful API and STIX data formatting to quickly integrate data ingestion or disseminate information across your teams and technologies.
Configurable threat framework and data marking
Model threat actors and threat intel using cyber frameworks relevant to your organization. scoutTHREAT natively enables you to model threat actor data and capabilities via the MITRE ATT&CK framework, the Lockheed Martin Cyber Kill Chain, NIST Cybersecurity Framework, and more. You can also apply industry Traffic Light Protocol (TLP) procedures to ensure protection of sensitive/proprietary information.
Risk prioritization based on your organization’s security controls
Apply intelligence outputs of adversarial risk to your organization’s security controls to better understand your risks, prioritize mitigations, and communicate effectively with decision-makers on potential impact to business objectives.