If you click on the name of a listed Threat from the left panel, an Element Details page will load providing you with details about the Threat.
According to the National Institute of Standards and Technology (NIST), a Threat is any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
scoutPRIME retrieves Threat information from a number of sources or data feeds, to provide you with elements that may carry this type of risk.
Here is what each of the sections on Threat Details page provides:
System Information - This section provides information about the Threat, including what systems it affects, description, information on detection, mitigation, and more.
Threat Properties - Based on your research and analysis, you may determine that a Threat represents greater or less risk to your organization. When this happens, you can adjust the current TIC score properties individually for the source, criticality, or classifications. For step-by-step instructions to do this, click here.
Associated Collections - This section contains information on which of your collections contains the element impacted by the Threat. If a number exists in parenthesis next to the section title, it indicates how many collections in your system (all Workspaces) carry the same risky element.
Hashes - If a malicious file (e.g., malware, spyware, a worm, trojan, etc.) is associated with the element, it will list its hash here. You can look up the hash on a website such as VirusTotal to tell you what the malicious file is and what it does.
Notes - Here you can view notes others or you have created about this Threat. You can also add a new one by clicking the + (plus sign) icon on the section's top right corner.
Related Content