This document explains how to set up the Flashpoint premium intelligence source in the TruSTAR platform.
Flashpoint provides rapid, safe, extensive access to illicit communities including closed, invite-only, and password-protected sources, as well as paste sites, technical data, stolen credentials, and social media sites exploited by threat actors.
- Source Type: Premium Intelligence
- Update Type: Feed-based
- Update Frequency: 15 minutes
- Time to Install: 10 minutes
- A subscription to Flashpoint
- Flashpoint API Key
- Log into the TruSTAR Web App.
- Click the Marketplace icon on the left side icon list.
- Choose Closed Sources.
- Click Subscribe on the Flashpoint box.
- Enter your Flashpoint API key and click Save Credentials & Request Subscription.
TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.
TruSTAR Report Mapping
The information retrieved from this intelligence source is stored in the Flashpoint Enclave using this format.
Title of individual item under data field of json response
Example: Lessons in .......
Id of individual item under data field of json response
Individual item of data field of json response. If there is a link available for CSV data, it will be appended with a response with ‘csv_data’ key in original json response
Posted_at of individual item under data field of response
Tags field of response if available. Tags greater than 32 characters will be ignored.
[“Cybersecurity & Internet Governance”, “Entertainment”, “Hospitality & Gaming”, “Manuals”, “Intelligence Report”, “Fraud”, “Cybercrime”, “Cyber Threats”, “Media & Telecom”, “Technology & Internet”].
platform_url field of individual item
No reported issues.