Configure Email Ingest Inbox

by Shimon Modi

Introduction

Listservs are still a common medium for exchanging intelligence and TruSTAR provides email ingest capability that can automatically process intelligence from emails into the company Enclave. 

To do this TruSTAR creates an email handle for a given company, e.g. “Acme Co., acmeco@trustar.co” which then needs to be added to the listserv distribution list. Any emails sent out are then added to the user’s Enclave with the subject line becoming the report title and the date and report content properly populated.

If you would like to use email ingestion and have not yet set it up, follow these steps:

  1. Log into your TruSTAR account
  2. Navigate to the top right and select "Settings" in the drop down menu
  3. Fill out the form under "Email Settings"


    Enclave To Submit Reports To : Name of your Enclave
    Desired Email Prefix: Name of email handle you want to use. If email handle is already taken we will contact you to request another email handle.
    Email Subject Prefix: Include all email prefixes that you want to send to TruSTAR, example below Indicators, Phishing *Please note the titles listed above must be listed in the subject line in order for email ingest to work
    Accepted Sender Emails: Add all team members that can send this information to TruSTAR 

  4. Once the request is sent, you will be notified once it has been processed and complete
You can then forward reports from listservs and any email alerts that you receive to that handle so that they can be ingested into your Enclave. 
As with all other submissions, IOCs are automatically extracted and correlated.

How Did We Do?