true
Blog New Context Panel Helps Analysts Prioritize Reports Faster Using Trusted Intelligence Sources

New Context Panel Helps Analysts Prioritize Reports Faster Using Trusted Intelligence Sources

TruSTAR_ContextPanel_9-30-19

Introducing the New Context Panel

Reducing friction in the analyst workflow is central to how we evolve our product. Today TruSTAR has released a new user interface to help analysts triage and act on the insights coming from your most trusted TruSTAR Marketplace intelligence sources.

Today’s release is primarily focused on understanding context from commercial intelligence sources like CrowdStrike, Digital Shadows, Intel471 and others by converting machine readable JSON files into an analyst-friendly presentation. This context is organized using the digital equivalent of baseball cards, which makes it easier to scan vital details, like confidence scores, and pivot to linked intelligence sources.

Why Make the Change?

A few trends made us consider updating our current user experience and interface:

  • Growing Number of Intelligence Providers & Volume of Data- Analysts are relying on a larger number of intelligence sources in their decision making. Plus, the variety of information and context provided by intelligence providers is continuing to increase. 
  • Opaque Scoring Methodologies - Many intel platforms today offer custom scoring systems layered on top of confidence and risk scores provided by intelligence sources. This adds unnecessary subjectivity to the prioritization and triage process.

We know that enrichment from commercial intelligence providers is vital to accelerating analysis and workflow, but we also acknowledge that analysts often have to read through large volumes of information in order to extract relevant context. This new baseball card layout, featuring new colors, icons, and fonts has been designed to simplify the presentation of intelligence and context so that it’s easier to action off of important elements in reports.

What’s New

The entire Context Panel has been redesigned to follow the information card design paradigm

Below we’ve listed the highlights:

  • Quick Context for Faster Triage - On the front of the card, you'll see a summary table of details like risk/confidence score, kill chain, date last seen, etc. You can also view the full report content just like the earlier version. 
  • Pull-Through Scoring - TruSTAR pulls through the original confidence and risk scores from intelligence sources to offer a more objective view for prioritization. 
  • Extracted Indicators for Link Analysis - Each extracted indicator is now displayed with a self-contained card. When you flip the card, it will show all other sources that also have that indicator sighting.

Screen Shot 2019-09-30 at 12.56.46 AM

Learn More

For a more detailed rundown please visit our Knowledge Base article

We will continue making updates to our user experience, and we welcome your questions and feedback on improvements. Please don’t hesitate to send us a quick note at support@trustar.co or visit our Customer Support Portal.

IBM & City of Los Angeles Select TruSTAR to Build Security Tool for Local Businesses On Tuesday, at the 2019 LA Cyber Lab Summit, The City of Los Angeles announced their business partnership with IBM Security and TruSTAR to help local ... Read More
Ingest Intelligence Faster With the New TruSTAR Google Chrome Extension If you’re an intelligence analyst, you’re probably spending a lot of time searching and scraping the internet for threat intelligence to speed ... Read More
Enrich Your Data With Independent Threat Intelligence Research TruSTAR is a product built by analysts, for analysts. Back in our SOC days, we checked-in with influencers in our field whenever we had an indicator ... Read More