This document explains how to set up the AbuseIPDB premium intelligence source in the TruSTAR platform.
AbuseIPDB is a project designed to help combat the spread of hackers, spammers, and abusive activity on the internet by providing a central blacklist for IP addresses that have been associated with malicious activity online.
The integration with TruSTAR enables you to to view AbuseIPDB IP addresses as TruSTAR Reports.
- Source Type: Premium Intel
- Update Type: Query-based
- Time to install: 10 minutes
- IP addresses
- A freemium or paid subscription to AbuseIPDB
- Log into the TruSTAR Web App.
- Click the Marketplace icon on the left side Navigation Bar.
- Choose Premium Intel.
- Click Subscribe on the Abuse IPDB box.
- Enter your Abuse IPDB API key and click Save Credentials & Request Subscription.
TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.
TruSTAR Report Mapping
The information retrieved from this intelligence source is stored in the AbuseIPDB Enclave using this format.
Abuse IPDB - $IP
SHA256 Hash of “abuseipdb“ + $IP
IP4 or IP6
abuseConfidenceScore field from source
domain field from source
No reported issues.