7.1 Use Cases: Detect
Goals
- Optimize detection workflows for better accuracy.
- Automate matching of high-scoring indicators into a SIEM tool to create more efficiency.
- Customize data ingest preferences to reduce false positive rate.

Workflow
- Sources: Send internal event data to TruSTAR and use Premium Intelligences and Open sources to normalize, score, and prioritize
- Transformations: Prepare, and prioritize data to identify malicious Indicators.
- Destinations: Send indicators and Intel Reports back to detection tool to reduce false positive rates.
Related Link: Overview: TruSTAR Apps for Detection tools