Station Features
UI Walkthrough
Cases
Dashboard
Enclaves
Filter and Refine Panel
MITRE ATT&CK Framework
Main Screen
Marketplace
Navigation Bar
Searching
TruSTAR Community Chat
UI Tour (with Links)
Using Notes
Reports
Copying a Report
Emailing a Report
Exporting Report Data
Moving a Report
Overview: Reports
Redacting Data from a Report
Reports Graph View
Reports List View
Reports Panel
Submitting a Report
Tagging a Report
Updating a Report
Indicators
Deleting Indicators
Exporting Indicators
IOC Graph View
IOC List View
Overview: Indicators
Tagging Indicators
Threat Actors
Uploading Indicators
Whitelisting Indicators
Phishing Triage
Overview: Phishing Triage
Phishing Triage API
Phishing Triage Python SDK
Phishing Workflow in the TruSTAR Web App
Using Phishing Triage with Orchestration Tools
Using Phishing Triage with SIEM Tools
Using Phishing Triage with a TAXII Client
User Settings
Admin Features
Scripted Extensions
Enclave Scripts
Automated Sharing Between Enclaves
Script: Correlations Between Enclaves
Script: Deleting Reports
Script: Domain-level URL Filtering
Script: Exporting Indicators
Script: Moving Data Between Enclaves
Scripts: Uploading Data
Managed Connectors
ArcSight: Upload Events to TruSTAR
Azure Sentinel: Import Indicators from TruSTAR
Crowdstrike Falcon: Import Indicators from TruSTAR
Cybereason: Import Indicators from TruSTAR
MISP: Import Reports or Indicators from TruSTAR
Splunk Enterprise: Import Indicators from TruSTAR
Splunk Phantom: Enrich Notable Events
Report Correlation Email
Vetting and Tagging Indicators
Workflow Apps
SIEM
Other
TAXII Applications
Anomali ThreatStream
LogRhythm
Palo Alto MineMeld
TAXII Client Basics
TAXII FAQ
TruSTAR TAXII Server
Orchestration
Demisto
User Guide: TruSTAR for Demisto
Creating a Demisto Playbook
Indicator Retrieval in Demisto
Indicator Searches in Demisto
Listing TruSTAR Enclaves in Demisto
Phishing Triage Commands for Demisto
Report Commands in Demisto
Report Searches in Demisto
User Guide: TruSTAR for Demisto
Whitelisting with Demisto
FAQ: TruSTAR for Demisto
Install: TruSTAR for Demisto
Overview: Demisto
Phantom Cyber
Case Management
Intelligence Sources
Digital Risk/ATO
Endpoint
Cisco AMP Threat Grid
Cisco AMP Threat Grid Indicator Query
Crowdstrike Falcon Detect
Crowdstrike Falcon Intelligence
Crowdstrike Falcon Reports
Threat Intelligence
Dragos WorldView
FireEye iSight
IBM X-Force
IBM X-Force IRIS
Intel 471 Adversary Intelligence
Intel 471 Alerts
Intel 471 Malware Intelligence
Recorded Future Hash Intelligence
Recorded Future IP Intelligence
Recorded Future URL Intelligence
Recorded Future Vulnerability Intelligence
VirusTotal
Trusted Community
Other
AWS GuardDuty
Alienvault OTX Pulse
Cybersource
Facebook Threat Exchange
Farsight Security
Hybrid Analysis
Joe Sandbox
MISP
TAXII Client
Technical Info
Intel Feeds Source URLs
OSINT Sources Tech Specs
Premium Intel Sources Tech Specs
RSS Open Sources Tech Specs
COVID-19 OSINT Community Enclave
Intro to Intelligence Sources
Technology
FAQs
TruSTAR Policies
Applications Integrations FAQ
Clearing browser cookies and caches
Contacting TruSTAR Support
Entity Extraction FAQ
Finding Enclave IDs
Finding Report IDs
Finding Your API Keys
Intelligence Sources FAQ
Login FAQ
Observables Supported by TruSTAR
Request to Archive Premium Intel Source
Security FAQ
Uploading Observables FAQ
What is the TruSTAR Community?
Product Release
