We've Made It Easier For You To Find High-Priority Indicators

Today we’re announcing a major update to our IOC management feature to help security teams identify high-priority indicators while investigating incidents on our platform. Our model now accounts for the threat activity context of the specific IOC. For example, was the IOC observed scanning IP addresses, or was it part of a command and control infrastructure? Now TruSTAR’s platform can help you find the answer.

Starting today, High-Priority IOCs will have greater emphasis in TruSTAR’s graph visualizations. You will see a red halo around these IOCs to help you easily identify the indicators that have the most actionable input to your analysis workflow.


How do I take advantage of these enhancements?

The ability to triage and escalate investigations quickly while maintaining accuracy is critical to your SOC workflow. Being able to identify High-Priority IOCs in our graph visualization by sight will help guide you through a more focused investigation.

When you click on a High-Priority IOC, the details panel on the left will provide you with more contextual data about the IOC, as well as the enrichment details that are used to compute the High-Priority label.


The prioritization model will also be applied to our new IOC Management feature, visible in our Explore view. This will help you easily identify High-Priority IOCs from the list, and analysts interested in threat hunting can use these IOCs as a starting point.


How does the scoring model work?

IOC prioritization is determined based on our scoring model. The model makes use of several features including relationships within TruSTAR’s network of Private Enclaves, the timing of IOC relationships and how they are changing over time, as well as assessments from other intel sources on our Marketplace.

The metrics powering these scores are designed to provide you with the most accurate and timely insights available on the TruSTAR platform.  

What's next?

We will be further integrating IOC prioritization into your overall user experience by making it available on the Dashboard in the near future. To provide feedback please email us at or contact your customer success representative.
