6. Dashboard

Updated 2 weeks ago by TruSTAR

The Dashboard highlights the most current trends, insights, and Intelligence Report analytics.

This feature is only available to Enterprise users. If you are a Community Plus user, please contact the TruSTAR Community Manager for a trial.

From the Dashboard, you can select an Enclave and then perform any of these actions:

  • Download Indicators from Reports that have the most relevant context.
  • Identify Reports that have the highest number of correlations with Community Reports.
  • Use Community Trends as a launch point for further investigations.

Enclave Insights

The top section of the Dashboard displays Enclave-specific insights. If you have multiple Enclaves, choose which Enclave to explore by choosing it from the Select Enclave dropdown list at the top of the Dashboard.

Each panel of the Dashboard contains specific enrichment relevant to your Enclave. You can hover over the information icons to learn more or click any item to begin a detailed investigation.

  • The Internal Enrichment panel lists Intel Reports that have the most correlations with other reports in that Enclave. This shows which of your cases have recurring context.
  • The Community Enrichment panel lists Intel Reports that has the most correlations with Intel Reports in the TruSTAR Community so that you can quickly see which reports have the most context with publicly shared threat data.
  • The Relevant IOCs panel lists Indicators that have the most correlations in this Enclave.

Report Submissions

This area displays reporting activity for both you and the selected Enclave. You can also view the Intel Report submission breakdown by how the information was submited, such as WebApp, email ingest, or API integrations.

The Community Trends area displays trending information from the TruSTAR Community in three different ways.

  • Trending IOCs shows the top five Indicators reported most frequently.
  • Trending Malware shows the top five malware families reported most often.
  • Trending Vulnerabilities shows the top five CVEs reported.

Time Range

For each section of the Dashboard, you can select the time range to use. The default time range is three days.

How Did We Do?