7.1 Use Cases: Detect

Updated 9 months ago by TruSTAR

Goals

  • Optimize detection workflows for better accuracy.
  • Automate the matching of high-scoring indicators into a SIEM tool to improve efficiency.
  • Customize data ingest preferences to reduce the false positive rate.

Workflow

  • Sources: Send internal event data to TruSTAR and use Premium Intelligence and Open Sources to normalize, score, and prioritize it.
  • Transformations: Prepare and prioritize data to identify malicious indicators.
  • Destinations: Send indicators and Intel Reports back to the detection tool to reduce false positive rates.

Related Link: Overview: TruSTAR Apps for Detection tools

