Indicators Supported by TruSTAR
The TruSTAR platform supports the identification of the following Indicators:
- IPV4
- IPV6
- CIDR BLOCK
- URL (Domains are currently categorized as URL's)
- MD5
- SHA1
- SHA256
- BITCOIN ADDRESSES
- SOFTWARE (file names are currently treated as Software)
- EMAIL ADDRESS
- REGISTRY KEY
- CVE (based on NIST's CVE standard)
- MALWARE
- THREAT ACTOR
- PHONE NUMBERS
TruSTAR can automatically extract strings that conform to the Indicator types listed here and then correlate them with existing data.