scoutPRIME - Key Terms
Written by Benjamin Dewey
Updated over a week ago

Key Term



An Autonomous System Number (ASN) consists of blocks of IP addresses that are administered by a single organization but may be made up of several operators.

ASN Examples:

  • AS15169 (Google)

  • AS7233 (Yahoo)

  • AS30083 (GoDaddy)


In scoutPRIME, associations are the relationships between risks and elements.

(Search for the definition of "risk" and "element" on this table).

CIDRv4 or v6

Blocks of IP (v4 and v6) addresses assigned to networks.




  • 2002::1234:abcd:ffff:c0a8:101/64


A collection is a set of elements that defines the attack surface of an organization, entity, or system, along with any additional information that may be available.

Common Vulnerabilities and Exposures (CVE)

A CVE is a known vulnerability or security flaw that has been assigned a number by a CVE Numbering Authority (CAN) such as Red Hat, IBM, Cisco, Oracle, Microsoft or MITRE.

The master list of CVEs is maintained by MITRE corporation at the following URL:


  • CVE-2019-0011

  • CVE-2020-0210

  • CVE-2021-3456


A website address.







An element is an online asset owned or registered to an "Owner" (see definition on this page). In scoutPRIME, threats and vulnerabilities are not elements, but can be viewed in the Element Details page.

Element Examples:

  • IPv4 or v6 addresses

  • ASNs

  • CIDRv4 or v6 blocks

  • FQDNs

  • Domains

  • DNS Records

  • Security Certificates


A fully qualified domain name (FQDN) is the complete domain name for a specific computer, or host, on the internet. The FQDN consists of two parts: the hostname (e.g., "www") and the domain name (e.g.,


IPv4 or v6

A unique address that is used to identify computers or nodes on the internet.

IPv4 Examples:




IPv6 Examples:

  • 2001:4860:4860::8888

  • 2001:4860:4860::8844

  • 2803:9090:2222::0000


Owners or registrants of one or more domains, ASNs, CIDRs, FQDNs, or IP address blocks.


  • Comcast

  • Google

  • GoDaddy

  • IBM


An automated process of discovery that uncovers ASNs, CIDRs, FQDNs and IP addresses belonging to a specified owner.


In scoutPRIME, a risk is a threat and/or vulnerability.

(Search for the definition of "threat" and "vulnerability" on this table).


A circumstance, individual(s), or event that adversely impacts network operations and assets.


  • A hacker(s)

  • Malware

  • A data breach

  • Brute force attacks

  • Buffer overflows

  • Ransomware

  • Unpatched software

The Threat Indicator Confidence score (TIC) indicates the potential risk of a given threat. TIC is calculated via a complex proprietary algorithm. TICs are calculated in the background, usually taking a few minutes to an hour.


Software library outdated or compromised. A vulnerability is listed by its CVE number.

(Search for the definition of "CVE" on this table).

Did this answer your question?