TruSTAR Basics

Updated 2 weeks ago by Sachit Soni

How do I contact TruSTAR?

We try to acknowledge all questions and requests within 24 hours. If you have a technical issue or problem, please go to the TruSTAR Customer Service portal https://trustar.atlassian.net/servicedesk/customer/portals.  You can also email us at support@trustar.co.

What is an exchange enclave? What is a private enclave?

Think of an enclave as a data repository. A private enclave stores your own data, whereas an exchange enclave is a place you share data with other like-minded members of a sharing group (like CSA or FS-ISAC).

What is the TruSTAR Community?

The TruSTAR Community is accessible to anyone who has access to the TruSTAR platform. The TruSTAR Community consists of reports that accessible to everyone. Generally reports in the Community are redacted to protect sensitive information and these reports are meant to provide intelligence for everyone to utilize. 

TruSTAR users can submit reports directly to the Community or release a report from their Enclave to the Community. To release a report to the Community, when you create the report, hit the “Release Report to Community” button. You can also redact any proprietary information or personally identifiable information (PII) before sharing with the Community.

What is community data? What options do I have to release a report to the community?

Community data is reporting that anyone on TruSTAR can access. To release a report to the community, when you create the report, hit the “Release Report to Community” button. You can also redact any proprietary information or PII before sharing.

Are there any upload limitations for enclaves?

There are no limitations on data in an enclave.

TruSTAR does have a limit of 500 IOCs per event/report submitted through an internal/external feed. TruSTAR has a separate API Endpoint for IOC Management where you can upload/tag/categorize 10,000 IOCs at a time if required.


How Did We Do?