F-ISAC

Updated 1 month ago by Elvis Hovor

This document explains how to set up and use the F-ISAC intel feed with TruSTAR Station.

Financials Information Sharing and Analysis Center Japan (F-ISAC Japan) was established so that Japan’s financial institutions are able to share and analyze cyber security information, and conduct cooperative activities to improve their safety and security. 

  • Time to Install: 10 minutes
  • Feed Type: Closed
  • Update Mechanism: Feed-based
  • Update Frequency: 15 minutes
  • API Timeout: 30 seconds

Data Types

The integration pulls the following indicators from F-ISAC:

  • IP
  • Domain
  • URL
  • MD5
  • SHA1 /SHA256

Requirements

  • Membership in F-ISAC
  • F-ISAC API key, email and password
TruSTAR Admin rights are required to activate this closed source feed.

Getting Started

  1. Log into TruSTAR Station.
  2. Click the Marketplace icon on the left side icon list.
  3. Click Closed Sources.
  4. Click Subscribe on the F-ISAC box.
  5. Click on F-ISAC logo and fill in your API key, email and password, then click Save Credentials & Request Subscription.

TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.

TruSTAR Report Mapping

Field 

Explanation

Example

Report Title

{indicator_type} {indicator_value} {message_subject}

IPv4 38.21.241.233 DoS攻撃について

External ID

Encoded value of sha256 of {Report Title}

encoded value of (752112)

Report Body

Full JSON response

Time Begiun

Created_at": posting date and time

Tags

Priority": priority (e.g. Priority: High)

Deeplink

Link to the F-ISAC report

Note: Tags longer than 32 characters will be ignored.

Client Type

PYTHON SDK

Client Meta Tag

stash_f-isac

Known Issues

No reported issues.

Please reach out to support@trustar.co if you have issues with this integration.

How Did We Do?