Team Cymru is excited to share our accomplishments in delivering new features and improvements in Pure Signal™ Scout.
Thank you to our customers from Team Cymru and the Scout Product Management team!
2024 has been a transformative year for Team Cymru's Pure Signal™ Scout, marked by groundbreaking advancements that reinforce our commitment to empowering security teams worldwide.
Firstly, thank you to our Scout user base for the many contributions and feedback throughout the year to refine Scout into the product you love using every day. On behalf of Team Cymru, I really appreciate the connections and can be contacted anytime:
Kyle Contorno, Senior Product Manager | Pure Signal™ Scout
So, what have we achieved this year? A lot! From introducing GenAI-powered insights and seamless integrations with industry-leading platforms, to delivering innovative features like refined search and communications Sankey visualizations, our development team has been busy! Scout has evolved to meet the ever-growing demands of you, the analysts and researchers who rely on Team Cymru for trusted and immediate insights.
These enhancements demonstrate our dedication to enabling you to make faster, more confident decisions while ensuring Scout remains the trusted tool for organizations aiming to stay ahead of threats. Let's dive into the highlights of Scout's journey this year!
What has changed in Scout?
In 2024, Scout received a number of new features and improvements. Here is an overview of some important changes in Scout since the beginning of 2024:
April 2024
May 2024
June 2024
July 2024
August 2024
October 2024
November 2024
To see a full list of everything that has changed in Scout, refer to our Changelog and Scout Documentation. You can also find additional training content in Scout Academy or watch our video series available on our YouTube Channel.
Scout receives a major UI Update
The Scout team has implemented a number of improvements to the Scout UI with a brand new design this year! Our new product design includes improved timeline visualizations, a new design language and improved insights.
Release of Scout Insight
Team Cymru announced the release of Scout Insight in our Blog Post: Enhancing SOC Security: Introducing Pure Signal™ Scout Insight. Scout Insight is a new edition of Scout: a streamlined threat intelligence solution tailored for SOC teams that offers immediate, actionable insights without the complexity of data overload. Scout Insight condenses Team Cymru’s unmatched Pure Signal data into intuitive summaries with tags and context, enabling faster, more confident decisions. With Scout Insight, you can now triage alerts more efficiently and with the right prioritization. Designed for accessibility, Scout Insight empowers users of all experience levels.
To learn more about Scout Insight, read our Press Release.
Communications Sankey Visualization
The Communications Sankey Visualization offers a new view of the communication between IP addresses and their peers. Apply a filter to fine-tune the Sankey diagram and better identify patterns.
To learn more about the Communications Sankey Visualization feature, visit our Documentation.
New Integration: Splunk
Team Cymru is excited to offer an integration between Scout and Splunk. The integration presents threat data in an accessible format and provides contextual information, so SOC analysts can gain an immediate understanding of cyber threats without training. They can also create summary reports directly from within the tool for internal sharing and escalation.
To learn more about the Scout integration with Splunk, read our post on How the New Splunk App for Scout Can Enrich and Accelerate Your Investigations.
New Feature: Refined Search
In June 2024, Team Cymru released a new feature: refined search. Refined searches let users pivot from an initial search and carry over its context and content, producing a narrowed-down, or “refined,” search. This feature enables users to apply more precise filters to fine-tune data across various datasets, enhancing efficiency while maintaining access to rich, contextual insights.
To learn more about this feature, visit our IP Details Documentation and reference the Pivoting Options section.
New Experimental Feature: AI Insights
The Scout Product team announced the launch of a new experimental feature, AI Insights, in August 2024.
AI Insights offers Scout users the ability to generate Insight summaries powered by GenAI.
All Scout Insight trial users can toggle this feature on the Experimental page within Scout, and it can be enabled for your organization by request at support@cymru.com.
AI Insights: What you need to know
To opt in to this new feature, Scout Insight Trial users and Scout Community users can navigate to the Experimental tab within Scout and enable this experimental feature.
All other Scout Insight and Scout Ultimate users can request access to this Experimental feature by contacting support@cymru.com.
Where to enable after your organization has opted in.
Navigate to the Experimental tab
How to enable the feature after your organization has opted in.
Once you agree to the terms, you can enable AI Insights for your profile.
Toggling AI Insights
Users in opted-in organizations can toggle this feature on or off from Account Settings.
Using AI Insights.
When searching for an IP, click the “AI Insights” button to generate an Insights Summary. In addition to the Overview, you can view a more detailed overview with a final summary.
To learn more about our Experimental AI Insights, visit our AI Insights Documentation.
New Integration: Palo Alto Networks Cortex
Team Cymru announced the arrival of our Scout integration with Palo Alto Networks Cortex in October 2024. This plugin enriches XSOAR with comprehensive IP address and domain insights to:
Enable SOC, Threat Intel, Vulnerability and GRC teams to handle larger volumes of work and do more with fewer resources.
Correlate between IP addresses and compromised hosts to uncover more attack indications.
Access NetFlow communications, WHOIS information, Passive DNS (PDNS), X509 certificates, and fingerprinting details for enrichment and incident response.
Support IPv4 and IPv6 address queries.
Provide real-time threat intelligence and help identify and mitigate potential security threats.
Leverage powerful workflows and automation to orchestrate across silos and streamline and accelerate response.
To learn more about our Cortex integration, read our post.
New Feature: Recon Pivoting
Recon users are now able to pivot from a Scout search into Recon for seamless transitioning during investigations. Recon pivoting makes it easier than ever for users to take full advantage of Team Cymru’s Pure Signal Data Ocean.
To learn more about this feature, see our Documentation.
API Improvements: Move from Local and Peer format to Client and Server
By popular request, the Scout API has received an update to support Client and Server format. Support for client-server formatting enhances analytical capabilities by inferring and displaying client-server relationships, replacing the traditional "local" and "peer" labels. This transformation provides more intuitive and actionable insights into IP communications, enabling users to better understand network interactions and streamline threat investigations.
To learn more about this change, read more in our Documentation.