NetLab 360 DGA Feeds

Updated 3 weeks ago by TruSTAR

This article explains how to set up the NetLab 360 DGA Feeds open source intelligence in the TruSTAR platform.

This self-curating feed monitors malicious networks to observe current criminal activity and collect relevant Domain information, producing high-confidence data with very low false positives.

  • Source Type: Open Source
  • Update Type: Feed-based
  • Update Frequency: 10 minutes
  • Time to install: 10 minutes

Observables Supported

  • Domain

Requirements

TruSTAR Admin rights are required to activate this intelligence source.

Getting Started

  1. Log into the TruSTAR Web App.
  2. Click the Marketplace icon on the left side icon list.
  3. Click Open Source to view the feeds available.
  4. Click Subscribe on the NetLab 360 DGA Feeds box.

TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.

TruSTAR Report Mapping

The information retrieved from this intelligence source is stored in the NetLab 360 DGA Feeds Enclave using this format.

Field 

Explanation

Title

Netlab - IOC / DGA Family / Date

content.indicators.value

Indicator value

content.indicators.tags

DGAfamily

externalURL

None

Known Issues

No reported issues.

Please contact support@trustar.co if you have issues with this integration.


How Did We Do?