Team Cymru, a cybersecurity company, has launched a new tool called Pure Signal Scout that aims to enhance the capabilities of security operations centers (SOCs) in detecting external threats and analyzing malicious infrastructure. The tool is being touted as the fastest in the market and is expected to save analysts’ time by providing quick answers to complicated queries.
According to Josh Picolet, the team leader of Team Cymru’s S2 Threat Research, Pure Signal Scout has drastically improved their efficiency as they are now able to achieve in one working day what used to take several days. This includes determining the importance of an IP address in a threat investigation. The speed of the tool is attributed to its cloud-based nature, which eliminates the need for multiple data services and solutions. It also eradicates the need for creating custom scripts to combine different threat feeds and data sources.
The benefits of Pure Signal Scout go beyond just saving time. The tool enables analysts of all experience levels to uncover previously unseen activities, providing companies with valuable insights to identify and counteract threats. Before the launch of Scout, only experienced analysts from Fortune 50 organizations had access to products that utilized external threat telemetry, such as NetFlow and passive DNS (PDNS), which provide visibility beyond their own networks.
By using Pure Signal Scout, analysts gain access to Team Cymru’s Pure Signal threat intelligence. This allows them to visualize cyber adversary infrastructure and network activity, not only during a cyberattack but also before and after it. The tool offers an intuitive interface and API integrations, making it suitable for various use cases. Analysts can merge the results obtained from internal logs, SIEM solutions, and data tools, enabling a more comprehensive understanding of the threat landscape.
One of the notable features of Scout is its API, which supports automation through integration with tools like the analyst notebook Maltego, as well as SIEM tools like QRadar and Splunk. This enables organizations to create their own threat intelligence and build workflows that align with their specific security objectives.
To assist customers in using the tool effectively, Scout provides 24/7 helpdesk support. It is available globally on a subscription model with pricing based on the number of users.
In conclusion, Team Cymru’s Pure Signal Scout is poised to revolutionize security operations centers by providing fast and comprehensive threat insights. With its cloud-based architecture and intuitive interface, it eliminates the need for multiple data services and custom scripts. By enabling analysts to see previously unseen activities, Scout enhances companies’ abilities to detect and respond to threats. Its API integration capabilities also empower organizations to create their own threat intelligence, thereby customizing their security workflows. With 24/7 support, Pure Signal Scout is ready to assist customers worldwide in bolstering their cybersecurity defenses.
