Joe Sandbox

Updated 9 months ago by TruSTAR

This document explains how to set up the Joe Sandbox premium intelligence source in the TruSTAR platform.

Joe Sandbox executes files and URLs fully automated in a controlled environment and monitors the behavior of applications and the operating system for suspicious activities and compiles it in an extensive analysis report.

  • Source Type: Premium Intel
  • Update Type: Feed-based
  • Update Frequency: 15 minutes
  • Parser: Yes
  • Time to Install: 10 minutes

Observables Supported


  • Registered customer of Joe Security
  • Joe Sandbox Cloud API key
TruSTAR Admin rights are required to activate this Premium Intelligence feed.

Getting Started

  1. Log into the TruSTAR Web App.
  2. Click the Marketplace icon on the left side navigation bar.
  3. Choose Premium Intel.
  4. Click Subscribe in the Joe Sandbox icon.
  5. Enter your Joe Sandbox API key, then click Save Credentials & Request Subscription.

TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.

Known Issues

None reported.

Please contact us at our Customer Service portal if you have issues with this integration.

How Did We Do?