Workflow Apps
Case Management
Orchestration
Demisto
User Guide: TruSTAR for Demisto
Creating a Demisto Playbook
Indicator Retrieval in Demisto
Indicator Searches in Demisto
Listing TruSTAR Enclaves in Demisto
Phishing Triage Commands for Demisto
Report Commands in Demisto
Report Searches in Demisto
User Guide: TruSTAR for Demisto
Whitelisting with Demisto
FAQ: TruSTAR for Demisto
Install: TruSTAR for Demisto
Overview: Demisto
Phantom Cyber
SIEM
TAXII Applications
Anomali ThreatStream
LogRhythm
Palo Alto MineMeld
TAXII Client Basics
TAXII FAQ
TruSTAR TAXII Server
Other
Threat Intelligence Platform
TruSTAR Web App
UI Walkthrough
Dashboard
Enclaves
Filter and Refine Panel
Indicators
MITRE ATT&CK Framework
Main Screen
Marketplace
Navigation Bar
Reports
Searching
TruSTAR Community Chat
UI Walkthrough
Using Notes
Reports
Copying a Report
Emailing a Report
Exporting Report Data
Moving a Report
Overview: Reports
Redacting Data from a Report
Reports Graph View
Reports List View
Reports Panel
Submitting a Report
Tagging a Report
Updating a Report
Indicators
Deleting Indicators
Exporting Indicators
IOC Graph View
IOC List View
Overview: Indicators
Tagging Indicators
Threat Actors
Uploading Indicators
Whitelisting Indicators
Phishing Triage
Overview: Phishing Triage
Phishing Triage API
Phishing Triage Python SDK
Phishing Workflow in the TruSTAR Web App
Using Phishing Triage with Orchestration Tools
Using Phishing Triage with SIEM Tools
Using Phishing Triage with a TAXII Client
User Settings
Admin Features
Scripted Extensions
Enclave Scripts
Automated Sharing Between Enclaves
Script: Correlations Between Enclaves
Script: Deleting Reports
Script: Domain-level URL Filtering
Script: Exporting Indicators
Script: Moving Data Between Enclaves
Scripts: Uploading Data
Managed Connectors
ArcSight: Upload Events to TruSTAR
Azure Sentinel: Import Indicators from TruSTAR
Crowdstrike Falcon: Import Indicators from TruSTAR
Cybereason: Import Indicators from TruSTAR
MISP: Import Reports or Indicators from TruSTAR
Overview: Managed Connectors
Proofpoint: URL Decoder
SecureWorks: Send Indicators to TruSTAR
Splunk Enterprise: Import Indicators from TruSTAR
Splunk Phantom: Enrich Notable Events
Report Correlation Email
Vetting and Tagging Indicators
Intelligence Sources
Digital Risk/ATO
Endpoint
Cisco AMP Threat Grid
Cisco AMP Threat Grid Indicator Query
Crowdstrike Falcon Detect
Crowdstrike Falcon Intelligence
Crowdstrike Falcon Reports
Threat Intelligence
Dragos WorldView
FireEye iSight
IBM X-Force
IBM X-Force IRIS
Intel 471 Adversary Intelligence
Intel 471 Alerts
Intel 471 Malware Intelligence
Recorded Future Hash Intelligence
Recorded Future IP Intelligence
Recorded Future URL Intelligence
Recorded Future Vulnerability Intelligence
VirusTotal
urlscan
Trusted Community
Other
AWS GuardDuty
Alienvault OTX Pulse
Cybersource
Facebook Threat Exchange
Farsight Security
Hybrid Analysis
Joe Sandbox
MISP
TAXII Client
Technical Info
Intel Feeds Source URLs
OSINT Sources Tech Specs
Premium Intel Sources Tech Specs
RSS Open Sources Tech Specs
COVID-19 OSINT Community Enclave
How Intelligence Sources are Updated
Intro to Intelligence Sources
Technology
Partner Resources
Integration Functions
Enrich Indicators in TruSTAR
Enrich Reports in TruSTAR
Filter Indicators from TruSTAR
Get Phishing Indicators
Ingest Indicators from TruSTAR
Redact a Report in TruSTAR
Share a Report
Submit Indicators to TruSTAR
Submit Report to TruSTAR
Triage Phishing Submissions
Whitelist Indicators
Case Management Integrations
Overview: Partner Resources
SIEM Integrations
SOAR Integrations
TruSTAR Configuration Requirements
FAQs
TruSTAR Policies
Applications Integrations FAQ
Clearing browser cookies and caches
Contacting TruSTAR Support
Entity Extraction FAQ
Finding Enclave IDs
Finding Report IDs
Finding Your API Keys
Indicators Supported by TruSTAR
Intelligence Sources FAQ
Login FAQ
Request to Archive Premium Intel Source
Security FAQ
Uploading Indicators FAQ
What is the TruSTAR Community?
