Intel 471 Malware Intelligence

Updated 5 hours ago by Elvis Hovor

This document describes how to set up and use Intel 471 Malware Intelligence with TruSTAR Station.

Malware Intelligence leverages Intel 471’s industry-leading access within the cybercriminal underground to obtain early access to malware including Trojans, RATs and Stealers, which is then analyzed and reverse-engineered malware to create actionable signatures and malware reports. Malware Intelligence was developed for seamless and automated ingestion into security tools and infrastructure.

  • Time to Install: 10 minutes
  • Type of Feed: Automatic updates
  • Update Frequency: 15 minutes
  • Intel Type: Premium

Data Types

The integration pulls all observables supported by TruSTAR.

Requirements

  • A subscription to Intel 471 Malware Intelligence
  • Malware Intelligence API ID
  • Malware Intelligence API Key
TruSTAR Admin rights are required to activate this Premium Intel feed.

Getting Started

  1. Log into TruSTAR Station.
  2. Click the Marketplace icon on the left side icon list.
  3. Choose Closed Source.
  4. Click Subscribe on the Intel 471 Malware Intelligence box.
  5. Enter the information requested and click Save Credentials & Request Subscription.

TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.

Report Mapping

Field 

Explanation

Report Title

UID Example: f155a2ffcd9d8cf61

External ID

UID field of response. Example: f155a2ffcd9d8cf61

Report Body

Individual item of json response

Time Begun

None

Tags

Confidence field of response. Example: [“Confidence: high”]

Deeplink

None

Client Type

PYTHON SDK

Client Meta Tag

trustash

Known Issues

No reported issues.

Please reach out to support@trustar.co if you have issues with this integration.


How Did We Do?