
Upload: ngocong

Post on 02-May-2018


Power Up HP ArcSight With The Best Threat Intelligence Platform

Boost your SIEM’s performance and enable your analysts to be more effective with the most comprehensive threat intelligence platform available in the market today.

LookingGlass solutions are uniquely architected to discover, understand, manage and mitigate threats both inside and outside an organization’s infrastructure. LookingGlass Cyber Solutions delivers the most extensive sources of threat data available out of the box along with continuous monitoring and assessment of global Internet intelligence risks and activities for the ultimate threat visibility and understanding.

Turbo Charge Your SIEM

Here are just a few ways LookingGlass solutions can power up your SIEM:

1) Threat Intelligence

LookingGlass ScoutVision generates, sources and delivers the most extensive sources of threat data available—over 140 sources in all, including LookingGlass VirusTracker, the largest global botnet monitoring system in the world. Use the open API to add even more of your own threat sources. LookingGlass removes the burden of having to make sense of various threat feeds, timing, content and formats by gathering, ingesting, aggregating, normalizing, enriching, analyzing and prioritizing threat data to turn it into actionable threat intelligence.

2) Internet Intelligence

LookingGlass ScoutVision global Internet intelligence capabilities enable organizations to identify and track global Internet ownership, peer relationships and route changes, giving customers unique insight into how corporate networks may be attacked through their public-facing attack surface. Now, using ScoutInterXect, organizations can correlate what’s happening with network traffic inside their perimeter and threats outside their network. Essentially, it gives an understanding of how your network is interacting with threats on the Internet.

3) Dynamic Threat Defense

LookingGlass enables security analysts to simply or automatically mitigate risks. Either directly from LookingGlass or via the SIEM, LookingGlass devices can be alerted to take action such as Block, Re-Direct, Sink-Hole, or Rate Limit based on information that is detected in the system. This advanced capability speeds the time to defense against threats as well as increases analyst efficiencies.

4) HP ArcSight Integration

LookingGlass integrates right out of the box with HP ArcSight by leveraging the Common Event Format (CEF). This integrated approach allows ArcSight users to incorporate the power of LookingGlass directly into their SIEM infrastructure leveraging the rules and processes that are part of their existing workflow.


Threat Intelligence Solutions

As part of the LookingGlass dynamic threat defense solution set, select LookingGlass threat intelligence products include:

LookingGlass ScoutVision™

The ScoutVision foundation is a continuously updated cyber threat map—a real-time representation of the Internet’s infrastructure, connectivity, and asset ownership combined with threat observations including malware, TTPs and actors. Only ScoutVision delivers true Internet intelligence on global IP and DNS registrations, autonomous systems, and routing activity. ScoutVision then aggregates LookingGlass proprietary threat intelligence, including the world’s largest botnet sensor network, and fuses it with over a hundred threat data feeds from open source and commercial providers. The result is a comprehensive threat intelligence management system, complete with APIs and applications for integrating with other security platforms, including internal network and threat telemetry. ScoutVision provides unmatched context for understanding cyber threats and risks—revealing spatial, temporal, ownership, and indicator relationships both historically and in near real-time.

LookingGlass VirusTracker®, included in ScoutVision or available separately, is the largest global botnet monitoring system in the world, delivering threat data on new and existing malware infections and a blacklist of known malicious domains.

LookingGlass ScoutInterXect™

ScoutInterXect is an add-on capability to ScoutVision which correlates historical and real-time customer-specific network telemetry with global threat intelligence for complete visibility into how your network is interacting with Internet-based threats and threat actors. ScoutInterXect ingests NetFlow data and correlates enterprise traffic with threat intelligence. The result is enhanced visibility for security forensics and faster incident response actions.

LookingGlass DNS Defender®

DNS Defender is a DNS protocol-specific firewall and DNS DDoS protection appliance. With ScoutVision threat intelligence integration, DNS Defender is transformed into a DNS dynamic threat defense system for protecting against advanced malware C2 traffic, corporate spear-phishing attacks, and websites hosting drive-by download malware.

Learn More

LookingGlass Cyber Solutions is the leader in threat intelligence and dynamic threat defense. LookingGlass empowers customers with Big Data analytics and robust on-premise or hosted solutions that provide rich actionable insights and tools to confidently enable effective security decisions and efficient security operations at every stage of the threat lifecycle.

For more information, visit lgscout.com.

© 2015 LookingGlass Cyber Solutions, Inc. All Rights Reserved

LookingGlass Cyber Solutions, the leader in threat intelligence and dynamic threat defense, enhances security operations through verified multi-source threat information fused with real-time Internet intelligence. LookingGlass delivers threat intelligence analysis, management, and mitigation systems that empower customers with comprehensive risk insights to confidently enable effective security decisions and efficient security operations.

For more information, visit www.lgscout.com or call 888.SCOUT.93

Incident Response

• Correlation of network telemetry and threat intelligence to prioritize security events
• Ad hoc and scheduled reports enable insight for security stakeholders

Threat Intelligence Analysis

• Multi-source, Internet intelligence based attack surface visibility
• Configurable TIC scoring delivers industry and organizational relevance
• Connect your security infrastructure to threat intelligence with simple to use APIs

Third-Party Risk Monitoring

• Dynamic risk mitigation with proactive and continuous monitoring of CIKR sectors, ecosystem partners and your supply chain
• Dramatic risk reduction with 360° view including peer relationships, M&A targets, alliances, and vendor relationships