FAQs

Updated 1 month ago by Sachit Soni

Basics

How do I contact TruSTAR?
I want to put my own data into a private enclave on TruSTAR. How do I do that?
  • We’d love to talk more with you about enclave options. Send us your info at www.trustar.co/demo and our team will reach out.
What is an exchange enclave? What is a private enclave?
  • Think about an enclave like a data repository. A private enclave stores your own data, whereas an exchange enclave is a place you share data with other like-minded members of a sharing group (like CSA or FS-ISAC). You can also pull feeds into TruSTAR, which are data streams you can turn on or off to enrich your analysis.
Where can I find your Rest API and Python SDK?
  • TruSTAR provides a robust Python REST API that can be used for automation and integration.

    Source files and installation instructions can be found here: https://docs.trustar.co/

What is community data? What options do I have to release a report to the community?
  • Community data is reporting that anyone on TruSTAR can access. To release a report to the community, when you create the report, hit the “Release Report to Community” button. You can also redact any proprietary information or PII before sharing.
How do we activate our credentials?
Can I set up multiple admins for my company?
  • Yes, you are able to set-up multiple admins for your company. The company admin will have the access to change any member of that company’s role and permissions.
How much data can I upload to the enclave and is there any upload limitations?
  • There are no limitations on data in the Enclave. We do have limitations on 500 IOCs per event/report submitted through an internal/external feed. We have a separate API Endpoint for IOC Management where you can upload/tag/categorize 10,000 IOCs at a time if required.

Credentials

How do I reset my credentials?
  • If you’re trying to access TruSTAR for the first time, our emailed credentials expire after 72 hours for security reasons. If that time period has passed and you missed it, no problem-- just reach out to us at support@trustar.co and we’ll reset them for you.
How do I reset my password?
  • Once you’ve logged into TruSTAR once, you will be able to reset your password at any time. Just go to https://station.trustar.co and click on “Forgot your password”.

Security

What is TruSTAR’s Security Policy?
  • TruSTAR is SOC II compliant and authenticates through multi-factor authentication. We encrypt all communications through transit and at rest through SSL/TLS and VPN/SSH. Data at rest is encrypted using AES-256, and we operate through a dedicated single-tenant cloud provider hosted on AWS.
Is TruSTAR STIX-compliant?
  • Yes, TruSTAR is designed to work with STIX-formatted incident reports. We also ingest JSON, XML, CSV, email listservs, and other data formats for customers. Reach out to us at support@trustar.co if you have questions or feedback around data rendering.
What are TruSTAR's production environment egress / public-facing IPs?
  • 34.193.4.124
  • 34.225.9.69
What are TruSTAR's staging environment egress / public-facing IPs?
  • 52.21.139.207
  • 52.201.148.208
What encryption versions does TruSTAR support?
  • The TruSTAR production environment's AWS ELB uses security policy "ELBSecurityPolicy-TLS-1-1-2017-01", which supports TLS 1.1 or greater.  TruSTAR will not accept requests to connect using either TLS 1.0 or SSL.  

    How Did We Do?