Blog Product Update: Search and Annotate Investigations on TruSTAR

Product Update: Search and Annotate Investigations on TruSTAR

Today we are excited to announce the release of a brand new feature that will help you add information to reports and IOCs that you can refer to a later time. Plus, we’ve tweaked our algorithm to significantly enhance your Search capabilities on the platform. Read on to learn more. 

Notes: Add Your Own Analysis to a Report or IOC

This is a situation most analysts are familiar with - you have analyzed an event or threat activity and found more context that is relevant to you, but now you need to keep track of it in a way that is easily accessible later on and can be shared with other members of your team.

A number of our users asked us to address this pain point and our response is our new Notes feature. You can now add (and delete) annotations to reports and individual IOCs within our graph visualization and they will persist on the graph nodes.

As always, privacy is paramount to us, and the Notes you add will only be visible to other members of your company. In the coming months, we will be adding the capability to tag a specific user on a Note so that they can be alerted to it, similar to how the @ comment feature works when you’re editing a Word or a Google document.


Enhanced Search: Streamline Your Analysis Workflow

We've been talking to users about what they like and don’t like with our search capability and we are releasing search enhancements to address your feedback.

Here is a list of improvements to our original Search feature:

Results categorized by type. Search results will now be clearly categorized into IOC and Reports sections so that you can focus on results most relevant to you.

Better Results. We enhanced our algorithm to surface the most relevant information based on your search query. Search results now include complete and partial matches. Better results mean better, more informed decisions.

Wildcard search. You can use wildcard (*) in the search term and you will see all results that match the wildcard. Wildcard searches are not simply exact string matches, but are based on character patterns matching between the characters specified in a query and words in our database that contain the same character patterns.

Advanced Search Options. You can provide a search term in quotes “ ” to return exact matches only. You can also do multiple word search separated by SPACE and results will be ordered by the completeness of the match.

Ready to get started?

Now that you know how our new features, give it a try! Click here to get started.

Improved Submission Workflow on TruSTAR Improved Submission Workflow on TruSTAR One of TruSTAR’s key differentiators is the ability to extract and normalize indicators from structured or ... Read More
TruSTAR Announces New MITRE ATT&CK Framework Feature ABOUT MITRE ATT&CK on TruSTAR Read More
New Context Panel Helps Analysts Prioritize Reports Faster Using Trusted Intelligence Sources Introducing the New Context Panel Reducing friction in the analyst workflow is central to how we evolve our product. Today TruSTAR has released a new ... Read More
IBM & City of Los Angeles Select TruSTAR to Build Security Tool for Local Businesses On Tuesday, at the 2019 LA Cyber Lab Summit, The City of Los Angeles announced their business partnership with IBM Security and TruSTAR to help local ... Read More