Product Update: Search and Annotate Investigations on TruSTAR

Today we are excited to announce the release of a brand new feature that will help you add information to reports and IOCs that you can refer to at a later time. Plus, we’ve tweaked our algorithm to significantly enhance your Search capabilities on the platform. Read on to learn more.

Notes: Add Your Own Analysis to a Report or IOC

This is a situation most analysts are familiar with - you have analyzed an event or threat activity and found more context that is relevant to you, but now you need to keep track of it in a way that is easily accessible later on and can be shared with other members of your team.

A number of our users asked us to address this pain point and our response is our new Notes feature. You can now add (and delete) annotations to reports and individual IOCs within our graph visualization and they will persist on the graph nodes.

As always, privacy is paramount to us, and the Notes you add will only be visible to other members of your company. In the coming months, we will be adding the capability to tag a specific user on a Note so that they can be alerted to it, similar to how the @ comment feature works when you’re editing a Word or a Google document.


Enhanced Search: Streamline Your Analysis Workflow

We've been talking to users about what they like and don’t like with our search capability and we are releasing search enhancements to address your feedback.

Here is a list of improvements to our original Search feature:

Results categorized by type. Search results will now be clearly categorized into IOC and Reports sections so that you can focus on results most relevant to you.

Better Results. We enhanced our algorithm to surface the most relevant information based on your search query. Search results now include complete and partial matches. Better results mean better, more informed decisions.

Wildcard search. You can use a wildcard (*) in the search term and you will see all results that match the wildcard. Wildcard searches are not simply exact string matches, but are based on matching character patterns between the characters specified in a query and words in our database that contain the same character patterns.

Advanced Search Options. You can provide a search term in quotes “ ” to return exact matches only. You can also search for multiple words separated by a space, and results will be ordered by the completeness of the match.

Ready to get started?

Now that you know about our new features, give them a try! Click here to get started.
