How do I contact TruSTAR?
- We try to acknowledge all questions and requests within 24 hours. If you have a technical issue or problem, email us at email@example.com.
I want to put my own data into a private enclave on TruSTAR. How do I do that?
- We’d love to talk more with you about enclave options. Send us your info at www.trustar.co/demo and our team will reach out.
What is an exchange enclave? What is a private enclave?
- Think about an enclave like a data repository. A private enclave stores your own data, whereas an exchange enclave is a place you share data with other like-minded members of a sharing group (like CSA or FS-ISAC). You can also pull feeds into TruSTAR, which are data streams you can turn on or off to enrich your analysis.
Where can I find your Rest API and Python SDK?
TruSTAR provides a robust Python REST API that can be used for automation and integration.
Source files and installation instructions can be found here: https://docs.trustar.co/
What is community data? What options do I have to release a report to the community?
- Community data is reporting that anyone on TruSTAR can access. To release a report to the community, when you create the report, hit the “Release Report to Community” button. You can also redact any proprietary information or PII before sharing.
How do I select/move multiple nodes at once?
- In order to select multiple nodes, hold the shift key down then with the mouse click and drag to select the nodes of interest. The nodes in the group will gray-out and all lines connecting to a node in the group will be white.
How do we activate our credentials?
- An activation link will be sent from firstname.lastname@example.org
Can I set up multiple admins for my company?
- Yes, you are able to set-up multiple admins for your company. The company admin will have the access to change any member of that company’s role and permissions.
How much data can I upload to the enclave and is there any upload limitations?
- There are no limitations on data in the Enclave. We do have limitations on 1,000 IOCs per event/report submitted through an internal/external feed. We have a separate API Endpoint for IOC Management where you can upload/tag/categorize 20,000 IOCs at a time if required.
How do I reset my credentials?
- If you’re trying to access TruSTAR for the first time, our emailed credentials expire after 72 hours for security reasons. If that time period has passed and you missed it, no problem-- just reach out to us at email@example.com and we’ll reset them for you.
How do I reset my password?
- Once you’ve logged into TruSTAR once, you will be able to reset your password at any time. Just go to https://station.trustar.co and click on “Forgot your password”.
What is TruSTAR’s Security Policy?
- TruSTAR is SOC II compliant and authenticates through multi-factor authentication. We encrypt all communications through transit and at rest through SSL/TLS and VPN/SSH. Data at rest is encrypted using AES-256, and we operate through a dedicated single-tenant cloud provider hosted on AWS.
Is TruSTAR STIX-compliant?
- Yes, TruSTAR is designed to work with STIX-formatted incident reports. We also ingest JSON, XML, CSV, email listservs, and other data formats for customers. Reach out to us at firstname.lastname@example.org if you have questions or feedback around data rendering.
What are TruSTAR's production environment egress / public-facing IPs?
What are TruSTAR's staging environment egress / public-facing IPs?
What encryption versions does TruSTAR support?
- The TruSTAR production environment's AWS ELB uses security policy "ELBSecurityPolicy-TLS-1-1-2017-01", which supports TLS 1.1 or greater. TruSTAR will not accept requests to connect using either TLS 1.0 or SSL.