Cyjax

Updated 1 month ago by TruSTAR

This article explains how to set up the the Cyjax premium intelligence source in the TruSTAR platform.

Cyjax specializes in threat intelligence, focusing on the cyber, physical and political areas.

  • Time to install: 10 minutes
  • Source Type: Premium Intelligence
  • Update Type: Query-based

Observables Supported

  • Domain
  • URL
  • CVE
  • Emails
  • IPv4
  • IPv6
  • FileHash-MD5
  • FileHash-SHA1
  • FileHash-SHA256

Requirements

  • A paid subscription to CYJAX
  • Cyjax API Key
TruSTAR Admin rights are required to activate this premium intelligence source.

Getting Started

  1. Log into the TruSTAR Web App.
  2. Click the Marketplace icon on the left side icon list.
  3. Click Premium Intel to view the sources available.
  4. Click Subscribe on the Cyjax box. This opens a dialog box.
  5. Enter your Cyjax API key, then click Save Credentials & Request Subscription.

TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.

TruSTAR Report Mapping

The information retrieved from this intelligence source is stored in the Cyjax Enclave using this format.

Field 

Explanation

Title

Cyjax report title

Content

Severity of Report [Low, Med, High, Critical]

External ID

map to https://cymon.co/report/incident/view?id=<id>

Value

Observable

Type

One of the supported Observable types

Maliciousness Score

Mapped to Report Level Severity score

relatedObservables

None

Tags

[handling_condition:<colour>]

tags

Known Issues

No reported issues.

Please contact support@trustar.co if you have issues with this integration.


How Did We Do?