
Upload: lyngoc

Post on 03-Feb-2018


SCOUTINTERXECT™

© 2017 LookingGlass™ Cyber Solutions. All rights reserved.


Extend ScoutVision™ to Hunt Threats Within Your Network Walls

ScoutInterXect Analysts hunt internal threats, which are identified by gathering nfdump data. These threats can be organized by IP addresses, ports, or other network parameters.

Why Add-On ScoutInterXect?

• Understand the threats that have made it inside your firewalls
• Gain enhanced inward visibility for security forensics and outward visibility for better preparedness
• Enable faster incident response to threats in your environment
• Obtain a more complete, holistic view of possible threats

LookingGlass ScoutInterXect™ is a plug-in for ScoutVision™ that enables analysts to hunt threats within their own environment and see how these might be interacting with threats outside their firewalls. By fusing the context of enterprise network traffic with global network and threat intelligence reporting, ScoutInterXect provides enhanced visibility, enterprise capability, and priority. Analysts can also further operationalize data for incident response and digital forensics.

LOOKINGGLASS SCOUTINTERXECT HARDWARE SPECIFICATIONS

Model: SI-1000 | SI-2000 | SI-3000

Performance (Flows/Second): 3,000 | 5,000 | 12,000

Depth: 23.5 Inches / 597mm | 24.8 Inches / 630mm

Power: 180 – 240V, 60–50Hz, 750W | 100-240V, 50-60Hz, 920W | 100-240V, 50-60Hz, 920W

Memory: 256GB RAM | 256GB RAM | 512GB RAM

Storage: 2.4TB Storage | 4.8TB Storage | 6.4TB Storage

LOOKINGGLASS SCOUTVISION™ ARCHITECTURE

[Architecture diagram. Labels: Core Intelligence Processor; Normalized, Aggregated, Correlated, Classified; ScoutInterXect; ScoutVision; Security Analysts; Network Devices; API; Network Flow Records; Internet Threat Data; Distribution; Collection]


ABOUT LOOKINGGLASS CYBER SOLUTIONS

LookingGlass Cyber Solutions delivers unified threat protection against sophisticated cyber attacks to global enterprises and government agencies by operationalizing threat intelligence across its end-to-end portfolio. Scalable threat intelligence platforms and network-based threat response products consume our machine-readable data feeds to provide comprehensive threat-driven security. Augmenting the solutions portfolio is a worldwide team of security analysts who continuously enrich our data feeds and provide customers unprecedented understanding and response capability into cyber, physical and 3rd party risks. Prioritized, relevant and timely insights enable customers to take action on threat intelligence across the different stages of the attack life cycle. Learn more at https://www.lookingglasscyber.com/.

Know More. Risk Less.

Features & Benefits of ScoutVision when Deployed with ScoutInterXect

FEATURES | BENEFITS

Core Intelligence Processor (CIP)
• Automatically gathers and distributes all publicly accessible threat data feeds, as well as LookingGlass Machine-Readable Threat Intelligence.

LookingGlass Threat Intelligence Analysis team
• Receive already analyzed and scored raw data that incorporates threat-specific information and provides a common set of classification and scoring information.

Active Forensic Reporting
• Intuitive report structure that describes key activities in network investigations. These include tag and directional traffic activity aggregates that are arranged by least or most active for a given timespan.

Focused Threat Correlation
• Fuse and report context specific to your network operations with unmatched threat intelligence management capabilities.
• Run ad hoc and daily reports across user-defined lines of business, market sectors, and network topology, including: country, ASN, CIDR, IP, and FQDN.

Intelligence Filtering
• Prioritize and maximize intelligence retention through filter correlations based on specific threat intelligence and indicators.

Modular Ingest
• Add new network communication information via open standard interfaces. Current version supports NetFlow v1, v5, v7, and v9 and IPFIX via open standard interfaces.

Collaborative Investigations
• Increase efficiency by using shareable links that provide fast access to specific research and reports.