F-ISAC
This document explains how to set up and use the F-ISAC premium intelligence source with the TruSTAR Web App.
Financials Information Sharing and Analysis Center Japan (F-ISAC Japan) was established so that Japan’s financial institutions are able to share and analyze cyber security information, and conduct cooperative activities to improve their safety and security.
- Source Type: Premium Intel
- Update Type: Feed-based
- Update Frequency: 15 minutes
- Time to Install: 10 minutes
Data Types
The integration pulls the following Observables from F-ISAC:
- IP
- Domain
- URL
- MD5
- SHA1 /SHA256
Requirements
- Membership in F-ISAC
- F-ISAC API key, email and password
Getting Started
- Log into the TruSTAR Web App.
- Click the Marketplace icon on the left side icon list.
- Click Premium intel.
- Click Subscribe on the F-ISAC box.
- Click on F-ISAC logo and fill in your API key, email and password, then click Save Credentials & Request Subscription.
TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.
TruSTAR Report Mapping
Field | Explanation | Example |
Report Title | {indicator_type} {indicator_value} {message_subject} | IPv4 XX.XX.241.233 DoS攻撃について |
External ID | Encoded value of sha256 of <Report Title> | encoded value of <XXXXXX> |
Report Body | Full JSON response | |
Time Begun | Created_at: posting date and time | |
Tags | Priority: value | Priority: High |
Deeplink | Link to the F-ISAC report Note: Tags longer than 32 characters will be ignored. | |
Client Type | PYTHON SDK | |
Client Meta Tag | stash_f-isac |
Known Issues
No reported issues.
Please reach out to support@trustar.co if you have issues with this integration.