scoutTHREAT & TICE - v12.4.0 Release Notes
Written by Benjamin Dewey
Updated over a week ago

Release Version 12.4.0

May 6, 2022

scoutTHREAT Highlights

LookingGlass scoutTHREAT v12.4.0 includes several important enhancements and functionalities, including:

  • A completely new User Interface (UI) which includes a dashboard with three customizable intelligence data lanes for quick browsing.

  • The integration of TICE to share intelligence data to the community, as well as features for automated validation, with appropriate permissions for manual deconfliction.

  • Improved features for workflows and intelligence data management, such as checklists, workbenches, entity extraction, and more.

  • New oAuth2 Single Sign-On Authentication with LookingGlass Suite.

  • The ability to set user permissions and roles (Executive, Analyst, Senior Analyst, Administrator)

  • New enhancements to search functions, including:

    • The ability to export data via CSV with custom fields filter

    • Enabled search function for local system and on TICE. Download data from other TICE users.

    • Ability to filter criteria

  • Enhanced Request For Information (RFI) section to create and edit content.

    Enhanced Request For Information Section

  • New features for Information Reports, including:

    • Support of attachments, checklist, notes and opinions.

    • Entity Extraction on reports and attachments (IPv4 and URL).

  • Enhances to External References section to create and edit content.

  • New features for workbenches to support Checklists, Threat Queries, linked reports, and add/link RFIs.

    Improved Workbench Section

  • New functions for handling Threat Queries locally and on TICE. And, automated searches.

  • Ability to create custom checklist templates and publish them to workbenches and reports.

  • STIX 2.1 supported Intelligence Objects: Attack Pattern, Report, Identity, Campaign, Location, Infrastructure, Indicator, Malware, Threat Actor, Tool, Vulnerability, Note, Opinions, and Observables (MAC address, IPv4, IPv6, URL, etc.).

    Added Intelligence Objects

  • New scoutPRIME integration for sharing data between tools.

  • Added Threat Actor automated relationships via AILA (ML/NLP) to make an analyst's work more efficient.* New accessible and updated User Guide (HTML, PDF, Word), Release Notes, Bugs, Fixed Bugs, and API documentation.

    TICE and TICE Module Highlights

  • New User Interface (UI) with a homepage that features information on intelligence items available for validation.

  • Ability to share objects through TICE between participating tenants.* Enable anonymization so only the landlord can see the actual source of the shared data.

  • Ability for TICE to support all STIX 2.1 objects available in scoutTHREAT including, Information Reports, Threat Actors, Vulnerabilities, Malware, Location, Indicators, Tools, Attack Patterns, etc.

  • Ability for tenants to run queries on TICE data.* Ability for tenants to subscribe to TICE data.

  • Ability for tenants to use the Rule Manager for sorting through the intelligence they need.

  • Feature to enable intelligence data items from subscriptions to be automatically and manually validated.

  • Ability for tenants to push data from scoutTHREAT to TICE (Cloud/Landlord).* Integration to support threat actor intelligence data from MITRE and MISP feeds.

  • Ability for data intelligence subscriptions based on Threat Queries.

  • API integration available (OpenAPI3) for potential 3th party integrations.

  • New user documentation (as a chapter in scoutTHREAT documentation).

  • API documentation.

Known Issues

No known issues for this release.

Full scoutTHREAT User Documentation

Did this answer your question?