Dragos WorldView

Updated 5 months ago by Sachit Soni

This document explains how to setup and use the Dragos WorldView premium intelligence source with the TruSTAR Web App.

The Dragos threat intelligence source, WorldView, provides actionable insights, analyses, alerts, and reports illuminating malicious activity and relevant recommendations.

  • Source Type: Premium Intel
  • Update Type: Feed-based
  • Update Frequency: 6 Hours
  • Time to install: 10 minutes

Data Types

The integration pulls the following observables:

  • SHA1
  • SHA256
  • Software
  • MD5
  • IP Address
  • URL


  • A subscription to Dragos WorldView
  • Dragos WorldView API Key and API Secret

Getting Started

  1. Login into the TruSTAR Web App.
  2. Click the Marketplace icon on the Navigation Bar.
  3. Choose Premium Intel.
  4. Click Subscribe to Dragos.
  5. Enter your Dragos API Key and API Secret and then click Save Credentials & Request Subscription.

TruSTAR will validate and enable the iSight integration within 48 hours. You will receive an email from us informing you as soon as it is enabled.

TruSTAR Report Mapping



Report Title

Dragos: IOC-Type + IOC -Value

External ID

Dragos UUID taken from indicator

Report Body

Indicator JSON response with Product JSON response embedded on the ‘products’ field.

These responses are taken from:

Dragos Indicator Endpoint + Dragos Product Endpoint





Client Type

Python SDK

Client MetaTag


Known Issues

No reported issues.

Please contact support@trustar.co if you have issues with this integration.

How Did We Do?