Skip to main content

Lookout

Lookout is Breakwater's OT threat intelligence module. Real-time CVE tracking, ICS-CERT advisories, threat actor monitoring, and risk scoring — all tailored to your deployed assets.

Features

CVE Dashboard

  • Live feed of ICS/SCADA-relevant CVEs from the National Vulnerability Database (NVD)
  • Severity filtering (Critical, High, Medium, Low)
  • Full-text search across CVE IDs, titles, and descriptions
  • Detail panel with CVSS vectors, EPSS scores, and reference links

Device-CVE Correlation

  • Automatic matching of CVEs to your Manifest inventory
  • "Your PLC has 3 critical CVEs" — actionable, not theoretical
  • Exploit availability indicators (CISA KEV integration)

Threat Actors

  • ICS/OT threat actor profiles (VOLTZITE, SANDWORM, CHERNOVITE, KAMACITE, BENTONITE)
  • TTPs (Tactics, Techniques, and Procedures) mapping
  • Attribution and campaign tracking

ICS-CERT Advisories

  • CISA ICS-CERT advisory monitoring
  • Vendor-specific filtering
  • Severity and impact assessment

Data Sources

SourceDataUpdate Frequency
NVD API v2.0CVE details, CVSS scoresEvery 6 hours
CISA KEVKnown Exploited VulnerabilitiesEvery 6 hours
EPSS APIExploit probability scoresEvery 6 hours

Integration with Other Modules

  • Manifest — CVE matches based on your device inventory
  • Forecast — Active CVEs increase risk exposure calculations
  • Channel — IDS alerts from Coastal IDS feed into Lookout (Gateway required)