Intel 471 Alerts

Updated 1 year ago by TruSTAR

This document describes how to set up the Intel 471 Alerts Watchlist premium intelligence source in the TruSTAR platform.

Intel 471's Alert Watchlist leverages adversary intelligence and underground capabilities to provide timely data and context on malware and adversary infrastructure. Intel 471 is focused on infiltrating and maintaining access to premium intel where threat actors collaborate, communicate and plan cyber attacks.

  • Source Type: Premium Intel
  • Update Type: Feed-based
  • Update Frequency: 15 minutes
  • Time to Install: 10 minutes

Observables Supported


  • A subscription to Intel 471 Alerts
  • Alerts API ID (Intel 471 portal login email)
  • Alerts API Key
    TruSTAR Admin rights are required to activate this Premium Intelligence feed.

Getting Started

  1. Log into the TruSTAR Web App.
  2. Click the Marketplace icon on the left side icon list.
  3. Choose Premium intel.
  4. Click Subscribe on the Intel 471 Alerts box.
  5. Enter the information requested and click Save Credentials & Request Subscription.

TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.

Known Issues

No reported issues.

Please contact if you have issues with this integration.

How Did We Do?