Intel 471 Malware Intelligence
This document describes how to set up and use Intel 471 Malware Intelligence with TruSTAR Station.
Malware Intelligence leverages Intel 471’s industry-leading access within the cybercriminal underground to obtain early access to malware including Trojans, RATs and Stealers, which is then analyzed and reverse-engineered malware to create actionable signatures and malware reports. Malware Intelligence was developed for seamless and automated ingestion into security tools and infrastructure.
- Time to Install: 10 minutes
- Type of Feed: Automatic updates
- Update Frequency: 15 minutes
- Intel Type: Premium
Data Types
The integration pulls all observables supported by TruSTAR.
Requirements
- A subscription to Intel 471 Malware Intelligence
- Malware Intelligence API ID
- Malware Intelligence API Key
Getting Started
- Log into TruSTAR Station.
- Click the Marketplace icon on the left side icon list.
- Choose Closed Source.
- Click Subscribe on the Intel 471 Malware Intelligence box.
- Enter the information requested and click Save Credentials & Request Subscription.
TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.
Report Mapping
Field | Explanation |
Report Title | UID Example: f155a2ffcd9d8cf61 |
External ID | UID field of response. Example: f155a2ffcd9d8cf61 |
Report Body | Individual item of json response |
Time Begun | None |
Tags | Confidence field of response. Example: [“Confidence: high”] |
Deeplink | None |
Client Type | PYTHON SDK |
Client Meta Tag | trustash |
Known Issues
No reported issues.
