NOTE: This feature may or may not be included in your user license. Check with your administrator or contact LookingGlass Support for assistance.
Adding a threat manually on scoutPRIME is a feature that can help you keep track of any new emerging threats or intelligence items that have yet to be delivered by a data feed.
You can also use this feature for tracking threats that are unique to your organization or field.
The table below shows the types of threat classifications in the system. New classifications can be added by contacting LookingGlass Support.
Automatic Transfer System
Brand or Image Degradation
Bulletproof Hosting/rouge Hosting
Corn Chemical, Biological, Radiological, Nuclear
Collective Threat Intel
Credential Theft Botnet Operator
Credential Theft Botnet Service
Cyber Espionage Operations
Data Breach or Compromise
Degradation of Service
Disruption of Service
Electronic Payment Methods
Fast Flux Botnet Hosting
File Hash Watchlist
Legitimate Domain Registration Services
Loss of Competitive Advantage
Malicious Domain Registrars
Money Laundering Network
Organized Crime Actor
POS - ATM
Regulatory, Compliance or Legal Impact
Remote Access Trojan
Russian Business Network
State Actor or Agency
Stress Test Tool
Threat Actor Characterization
Top-level Domain Registrar
Underground Call Service
User Data Loss
User-generated Content Websites
Adding a New Threat
To add a new threat to your scoutPRIME system, you must be a user who belongs to a Group that has been granted Global Permissions to:
Contact your administrator to grant you these permissions or contact LookingGlass Support.
1. First, ensure that you belong to a Group that has the above Global Permissions enabled.
2. Click on the ellipsis (three dots), below the navigation bar on the right hand side of the Workspace Dashboard page, then select New Threat.
The New Threat page will load.
3. Next, add the threat's name. Then, enter the Criticality Score which is the same as the TIC Score. For score range information, click here.
4. You can create the Source of the threat intelligence, simply type it in the field, then select Create when you are done.
5. Next, choose the threat's Classification from the drop-down menu.
6. Add any elements associated with the threat - you can do this manually or by clicking ADD ELEMENTS. Examples of elements include:
7. You can also add Metadata and a Description of the threat. When you are finished, click Save.
8. A banner will appear at the bottom of the page to confirm that you have successfully added the new threat.
Searching for a Newly Added Threat
To search for a threat you have added manually, first, give the system a few minutes to process it. Then, type its in name in the search field and select the Associated Risks filter.
The search results page will display the threat you added manually.
You can click on the threat's name from the search results list to view it in the Element Details page.