How do I contact TruSTAR?
- We try to acknowledge all questions and requests within 24 hours. If you have a technical issue or problem, please go to the TruSTAR Customer Service portal https://trustar.atlassian.net/servicedesk/customer/portals. You can also email us at firstname.lastname@example.org.
I want to put my own data into a private enclave on TruSTAR. How do I do that?
- We’d love to talk more with you about enclave options. Send us your info at www.trustar.co/demo and our team will reach out.
What is an exchange enclave? What is a private enclave?
- Think about an enclave like a data repository. A private enclave stores your own data, whereas an exchange enclave is a place you share data with other like-minded members of a sharing group (like CSA or FS-ISAC). You can also pull feeds into TruSTAR, which are data streams you can turn on or off to enrich your analysis.
Where can I find your Rest API and Python SDK?
TruSTAR provides a robust Python REST API that can be used for automation and integration.
Source files and installation instructions can be found here: https://docs.trustar.co/
What is community data? What options do I have to release a report to the community?
- Community data is reporting that anyone on TruSTAR can access. To release a report to the community, when you create the report, hit the “Release Report to Community” button. You can also redact any proprietary information or PII before sharing.
How do we activate our credentials?
- An activation link will be sent from email@example.com
Can I set up multiple admins for my company?
- Yes, you are able to set-up multiple admins for your company. The company admin will have the access to change any member of that company’s role and permissions.
How much data can I upload to the enclave and is there any upload limitations?
- There are no limitations on data in the Enclave. We do have limitations on 500 IOCs per event/report submitted through an internal/external feed. We have a separate API Endpoint for IOC Management where you can upload/tag/categorize 10,000 IOCs at a time if required.
How do I reset my credentials?
- If you’re trying to access TruSTAR for the first time, our emailed credentials expire after 72 hours for security reasons. If that time period has passed and you missed it, no problem-- just reach out to us at firstname.lastname@example.org and we’ll reset them for you.
How do I reset my password?
- Once you’ve logged into TruSTAR once, you will be able to reset your password at any time. Just go to https://station.trustar.co and click on “Forgot your password”.
What is TruSTAR’s Security Policy?
- TruSTAR is SOC II compliant and authenticates through multi-factor authentication. We encrypt all communications through transit and at rest through SSL/TLS and VPN/SSH. Data at rest is encrypted using AES-256, and we operate through a dedicated single-tenant cloud provider hosted on AWS.
Is TruSTAR STIX-compliant?
- Yes, TruSTAR is designed to work with STIX-formatted incident reports. We also ingest JSON, XML, CSV, email listservs, and other data formats for customers. Reach out to us at email@example.com if you have questions or feedback around data rendering.
What are TruSTAR's ELB public-facing IPs?
If you connect to TruSTAR Station through a proxy, your proxy must allow outbound connections to those two IP addresses. All connection attempts to "station.trustar.co" and "api.trustar.co" will resolve to one of those two IP addresses.
What encryption versions does TruSTAR support?
- The TruSTAR production environment's AWS ELB uses security policy "ELBSecurityPolicy-TLS-1-1-2017-01", which supports TLS 1.1 or greater. TruSTAR will not accept requests to connect using either TLS 1.0 or SSL. Users' proxies must be equipped to use TLS 1.1 or greater.