Observables Supported by TruSTAR

Updated 1 week ago by Elvis Hovor

The TruSTAR platform supports the identification of the following observables:

  • IPV4
  • IPV6
  • CIDR BLOCK
  • URL (Domains are currently categorized as URL's)
  • MD5
  • SHA1
  • SHA256
  • BITCOIN ADDRESSES
  • SOFTWARE (file names are currently treated as Software)
  • EMAIL ADDRESS
  • REGISTRY KEY
  • PHONE NUMBERS
  • CVE (based on NIST's CVE standard)
  • MALWARE
  • THREAT ACTOR

TruSTAR can automatically extract strings that conform to the observable types listed here and then correlate them with existing data.


How Did We Do?