TruSTAR Insights Feature

Shimon Modi
Published in TruSTAR Blog
Sep 6, 2016

We are excited to launch the TruSTAR Insights feature, designed to give you a quick look at incident reports and indicators that are trending in the platform. The TruSTAR platform is powered by a graph database, which allows us to quickly discover correlation trends between incident reports and indicators of compromise. The Insights feature provides an overview of these trends so you can be better informed and start taking proactive mitigation measures.

Reports Submission Overview

Reports Overview: At the top of the Insights panel you will see the total number of reports submitted to the Community and to your Enclaves. You can select the time window, and this will be applied to all data shown on the Insights panel.

Most Correlated Reports

Most Correlated Reports: This panel shows the top 5 reports with the most correlations among all community reports. You can quickly identify incident reports, and types of incidents, that are trending in TruSTAR. Clicking a specific report takes you to the graph visualization for that report.

Most Correlated Indicators

Most Correlated Indicators: This panel shows the top 5 IoCs with the most correlations among all community reports. You can quickly identify the specific IoCs and indicator types that are trending. Clicking an IoC takes you to a list view of all reports that contain that IoC.

Frequently Observed CVEs: We calculate the most frequently occurring CVEs among submitted community reports and show them here. This is useful for identifying which vulnerabilities are getting exploited most often and ensuring that your systems are patched to mitigate them.

Let us know what you think of the Insights feature and what other analytics you would like to see. As always, reach out to us at support@trustar.co or on Slack in the TruSTAR-users channel.
