FAQs

Updated 2 weeks ago by Sachit Soni

Basics

How do I contact TruSTAR?
  • We try to acknowledge all questions and requests within 24 hours. If you have a technical issue or problem, email us at support@trustar.co.
I want to put my own data into a private enclave on TruSTAR. How do I do that?
  • We’d love to talk more with you about enclave options. Send us your info at www.trustar.co/demo and our team will reach out.
What is an exchange enclave? What is a private enclave?
  • Think about an enclave like a data repository. A private enclave stores your own data, whereas an exchange enclave is a place you share data with other like-minded members of a sharing group (like CSA or FS-ISAC). You can also pull feeds into TruSTAR, which are data streams you can turn on or off to enrich your analysis.
Where can I find your Rest API and Python SDK?
  • TruSTAR provides a robust Python REST API that can be used for automation and integration.

    Source files and installation instructions can be found here: https://docs.trustar.co/

What is community data? What options do I have to release a report to the community?
  • Community data is reporting that anyone on TruSTAR can access. To release a report to the community, when you create the report, hit the “Release Report to Community” button. You can also redact any proprietary information or PII before sharing.
How do I select/move multiple nodes at once?
  • In order to select multiple nodes, hold the shift key down then with the mouse click and drag to select the nodes of interest. The nodes in the group will gray-out and all lines connecting to a node in the group will be white.
How do we activate our credentials?
Can I set up multiple admins for my company?
  • Yes, you are able to set-up multiple admins for your company. The company admin will have the access to change any member of that company’s role and permissions.
How much data can I upload to the enclave and is there any upload limitations?
  • There are no limitations on data in the Enclave. We do have limitations on 1,000 IOCs per event/report submitted through an internal/external feed. We have a separate API Endpoint for IOC Management where you can upload/tag/categorize 20,000 IOCs at a time if required.

Credentials

How do I reset my credentials?
  • If you’re trying to access TruSTAR for the first time, our emailed credentials expire after 72 hours for security reasons. If that time period has passed and you missed it, no problem-- just reach out to us at support@trustar.co and we’ll reset them for you.
How do I reset my password?
  • Once you’ve logged into TruSTAR once, you will be able to reset your password at any time. Just go to https://station.trustar.co and click on “Forgot your password”.

Security

What is TruSTAR’s Security Policy?
  • TruSTAR is SOC II compliant and authenticates through multi-factor authentication. We encrypt all communications through transit and at rest through SSL/TLS and VPN/SSH. Data at rest is encrypted using AES-256, and we operate through a dedicated single-tenant cloud provider hosted on AWS.
Is TruSTAR STIX-compliant?
  • Yes, TruSTAR is designed to work with STIX-formatted incident reports. We also ingest JSON, XML, CSV, email listservs, and other data formats for customers. Reach out to us at support@trustar.co if you have questions or feedback around data rendering.
What are TruSTAR's production environment egress / public-facing IPs?
  • 34.193.4.124
  • 34.225.9.69
What are TruSTAR's staging environment egress / public-facing IPs?
  • 52.21.139.207
  • 52.201.148.208
What encryption versions does TruSTAR support?
  • The TruSTAR production environment's AWS ELB uses security policy "ELBSecurityPolicy-TLS-1-1-2017-01", which supports TLS 1.1 or greater.  TruSTAR will not accept requests to connect using either TLS 1.0 or SSL.  

    How Did We Do?