What is an Enclave?

Updated 4 months ago by Shimon Modi

Introduction

What do Enclaves Do? 

  • Enclaves are secure data repositories used for storing, managing, and enriching sensitive events. A TruSTAR Enclave allows users to analyze and enrich investigations with trusted, relevant intelligence sources, including information shared by your partners and peers, while allowing you to maintain protective access controls.
How can Enclaves help you operationalize your external threat intel feeds? 
  • Using our enclave capability you can quickly ingest external intelligence sources, including listservs, to enrich your cases. Enclaves also let you see which intelligence sources are the most valuable to your cyber investigations.
How can Enclaves help you surface relevant intelligence within your organization? 
  • Organizations have complex access control policies that can hinder investigations. Enclaves allow you to segment duties among internal teams while surfacing relevant correlations across your entire data ecosystem. We integrate with leading SIEM, case management, and orchestration tools to allow you to quickly act upon these findings.  
How can Enclaves work with your threat intelligence sharing partners? 
  • With Enclaves, organizations can selectively share and collaborate with partners and ISACs/ISAOs. Members from different organizations can use common Enclaves to import, extract, redact, and exchange threat intelligence data into one safe environment and platform.

How Did We Do?