FireEye iSight

Updated 4 days ago by Elvis Hovor

This document explains how to set up and use FireEye iSight with TruSTAR Station.

FireEye iSIGHT Threat Intelligence is a proactive, forward-looking means of qualifying threats poised to disrupt your business based on the intents, tools and tactics of the attacker. This high-fidelity, comprehensive intelligence delivers visibility beyond the typical attack lifecycle, adding context and priority to global threats before, during and after an attack.

  • Time to Install: 10 minutes
  • Type of Feed: Automatic updates
  • Update Frequency: 15 minutes
  • Intel Type: Premium

Requirements

  • A subscription to iSight intelligence.
  • iSight public key (API ID)
  • iSight private key (API Secret)
TruSTAR Admin rights are required to activate this Premium Intel feed.

Getting Started

  1. Log into TruSTAR Station.
  2. Click the Marketplace icon on the left side icon list.
  3. Choose Closed Sources.
  4. Click Subscribe on the iSight Partners box.
  5. Enter your API key and API Secret key, then click Save Credentials & Request Subscription.

TruSTAR will validate and enable the iSight integration within 48 hours. You will receive an email from us informing you as soon as it is enabled.

TruSTAR Report Mapping

Field 

Explanation

Report Title

Report title Example: 21-52014

External ID

reportID Example: 21-52014

External URL

reportLink Example: https://api.isightpartners.com/report/21-52014

Report Body

Full json response from iSight

Time Begun

publishDate Example: 1408463264

Tags

None

Known Issues

No reported issues.

Please reach out to support@trustar.co if you have issues with this integration.


How Did We Do?