Posted: 15th April 2022

Product Overview

TruSTAR is an Intelligence Management Platform that helps you operationalize data across tools and teams, helping you prioritize investigations and accelerate incident response. This allows analysts to fully integrate their security technologies, teams, and processes with actionable threat intelligence resulting in reduced detection to response time and enhanced asset protection.

Challenges Overcome Through Integration

When security teams don’t collaborate and tools don’t communicate, critical gaps emerge. By making Recorded Future data available in TruStar, you’re able to:

  • Build processes to identify the most relevant threats, proactively protect your network
  • Quickly respond to incidents in a measurable way
  • Ability to layer external threat data on top of internal telemetry data.
The integration between TruStar and Recorded Future allows security responders to:
  • Detect and gain context on threats with real-time external intelligence
  • Proactively block threats before they impact the business

Integration Description

The integration between TruStar and Recorded Future allows users to bring high-fidelity threat intelligence into their workflows to reduce the MTTR (mean time to response). The integration makes use of the following Recorded Future Risk List for correlation and detection:

  • IP
  • URL
  • Hash
  • Vulnerability
These datasets contain malicious indicators that can be used for correlation against internal telemetry data.