Updated 1 month ago by TruSTAR

This document explains how to set up the Flashpoint premium intelligence source in the TruSTAR platform.

Flashpoint provides rapid, safe, extensive access to illicit communities including closed, invite-only, and password-protected sources, as well as paste sites, technical data, stolen credentials, and social media sites exploited by threat actors.

  • Source Type: Premium Intelligence
  • Update Type: Feed-based
  • Update Frequency: 15 minutes
  • Time to Install: 10 minutes

Observables Supported


  • A subscription to Flashpoint
  • Flashpoint API Key
TruSTAR Admin rights are required to activate this intelligence source.

Getting Started

  1. Log into the TruSTAR Web App.
  2. Click the Marketplace icon on the left side icon list.
  3. Choose Closed Sources.
  4. Click Subscribe on the Flashpoint box.
  5. Enter your Flashpoint API key and click Save Credentials & Request Subscription.

TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.

TruSTAR Report Mapping

The information retrieved from this intelligence source is stored in the Flashpoint Enclave using this format.



Report Title

Title of individual item under data field of json response

Example: Lessons in .......

External ID

Id of individual item under data field of json response

Example: yhVToqq6T-2wjIP5E8WArA

Report Body

Individual item of data field of json response. If there is a link available for CSV data, it will be appended with a response with ‘csv_data’ key in original json response

Time Begun

Posted_at of individual item under data field of response

Example: 2018-11-29T20:18:32+00:00


Tags field of response if available. Tags greater than 32 characters will be ignored.


[“Cybersecurity & Internet Governance”, “Entertainment”, “Hospitality & Gaming”, “Manuals”, “Intelligence Report”, “Fraud”, “Cybercrime”, “Cyber Threats”, “Media & Telecom”, “Technology & Internet”].


platform_url field of individual item

Example: https://fp.tools/home/intelligence/reports/report/yhVTAxxxxxx#detail

Known Issues

No reported issues.

Please contact support@trustar.co if you have issues with this integration.

How Did We Do?