Internal information, such as cases, reports, or emails can contain data about an event on a network or device. TruSTAR can ingest those items and extract useful information, called Indicators. These Indicators can be URLs, hashes, or email addresses, among onther items.
Related Link: Indicator types supported by TruSTAR
TruSTAR enriches these Indicators iwth additional intelligence and then scores them to provide deeper context. These enriched Indicators help you determine if there is harmful activity on a network, such as a security breach or other suspicious incident.
In the TruSTAR Web App, you view Indicators through the Indicators Panel on the main screen.
To dive into Indicators, jump to Overview: Indicators.