By TruSTAR
One benefit of IT-ISAC membership is free access to TruSTAR’s Intelligence Management Platform. The TruSTAR platform operationalizes internal and external data sources through an ecosystem of partner integrations to help security teams make better decisions faster.
Through TruSTAR, IT-ISAC members can:
● Leverage intelligence across emails, alerts, and cases to speed detection and investigative response times.
● Operationalize external data sources with leading SIEM, Case Management, and Orchestration integrations.
● Facilitate intelligence exchange and collaboration with the IT-ISAC and its partners, all in one platform.
This platform can be applied to one or multiple use cases within your organization, such as:
● Detect - Optimize detection workflows for better accuracy by automatically sending malicious indicators into member SIEM tools. Members can customize data ingest preferences based on indicator type, tags, and age of indicator to cut down on data volume exchanged between tools.
● Triage - Sort user-reported suspicious emails according to Priority Score to accelerate triage. Save precious investigation cycles by automatically enriching alerts with internal and external intelligence sources, with the option to automate next steps.
● Investigate - TruSTAR displays enrichment data in members’ preferred workflow environment. They can click through to the TruSTAR Web App when more link analysis is needed.
● Orchestrate and Disseminate - Operationalize intelligence to the tools and peers most essential to individualized workflows. TruSTAR is an extensible platform with RESTful APIs, allowing teams to customize workflows and integrate with the tools they care about most.
Community Plus Toolkit
The TruSTAR Community Plus offering helps member teams operationalize IT-ISAC intelligence into investigations. Analysts can simultaneously query OSINT and IT-ISAC intelligence to get immediate correlations on investigations for better visibility into attack vectors and techniques associated with malware families.
With TruSTAR’s Community Plus Toolkit, members can submit an unlimited number of IOCs or reports directly to the platform. TruSTAR automatically ingests, normalizes, extracts, and correlates datasets so that analysts can easily investigate and disseminate known-bad incidents to relevant teams and tools.
Phishing Triage
TruSTAR is currently running a 60-day trial offer of the Enterprise Phishing Triage feature suite, which includes Priority Scoring and automation, for IT-ISAC members. Learn more here.
TruSTAR’s Phishing Triage solution is designed for skilled security analysts seeking to remove manual, time-consuming tasks associated with the traditional triage process for user-reported suspicious emails.
TruSTAR automatically ingests suspicious emails and enriches them with normalized scores from 15+ of your intelligence sources to create a Priority Score, helping analysts surface the most relevant events for automated or human-in-the-loop investigation workflows.
Get Started: Begin Submitting Data to the Platform
TruSTAR users report saving 4 hours on investigations per week when they use TruSTAR to enrich investigation data.
The easiest way to get started is to set up automated data ingest via our Enclave Inbox feature. Forward user-reported suspicious phishing emails into TruSTAR to get added enrichment. Emails are automatically ingested, normalized, and correlated with existing intelligence.
To learn more about what TruSTAR can do for you, reach out to TruSTAR Community Manager Tyler Bent at Tbent@trustar.co. Members can also request a free 30-day trial of TruSTAR Enterprise here. IT-ISAC members should contact membership@it-isac.org to learn how their company can leverage TruSTAR as part of their membership.