Blog Ingest Intelligence Faster With the New TruSTAR Google Chrome Extension

Ingest Intelligence Faster With the New TruSTAR Google Chrome Extension

If you’re an intelligence analyst, you’re probably spending a lot of time searching and scraping the internet for threat intelligence to speed investigations and response. From searching Twitter and Pastebin for IOCs, to customizing Startme pages, we know high-fidelity intelligence is hard to find.

At TruSTAR, our mission is to help analyst teams ingest and normalize intelligence data into your workflow as quickly and seamlessly as possible. Today we’re proud to roll out new enhancements to our Google Chrome Extension.

What is the TruSTAR Google Chrome Extension?

Our Google Chrome Extension allows analysts to select any text in your Chrome browser and send it as a report into TruSTAR’s intelligence management platform, helping you triage investigations, collect intelligence for enrichment, and build cases for investigations faster.

How can I use the Google Chrome Extension in my investigation workflow?

Here are three ways security analysts are using the extension today.

Triage With Confidence- The first step of triaging an incident is verifying if your observable is good or bad. You can now verify maliciousness with an Enrichment Preview. Right-click an observable and see IOC correlations and enrichment along with any additional intelligence you’ve already collected within TruSTAR.

Highlight an IOC or malware name on your browser and right-click  to check for enrichment on TruSTAR.

Collect Intelligence - Maybe you or a threat intelligence teammate is responsible for curating relevant intelligence from third-party sources. Our tool helps you easily highlight and ingest IOCs en masse, without all the tab sprawl and copy/paste with our Report and IOC Ingest feature. Submit observables by highlighting indicators directly in your browser, whether it’s from Pastebin, Twitter, or a website. When you submit reports using the TruSTAR Chrome Extension, you can also add the same tags you use in TruSTAR. (i.e. tag IOCs according to a campaign, Enclave, etc.)

Highlight text and right-click to create a new report.

Build A Case - Our Chrome Extension allows you to easily pull multiple IOCs into a single report on TruSTAR, enabling you to build a case outside of your normal channels and correlate it with existing data. (For example, maybe you don’t want to build a case inside ServiceNow quite yet because you’re still finalizing your data and analysis.) From there, TruSTAR helps you operationalize your intelligence across your technology stack via SIEM, Case Management, and Orchestration integrations.

What’s changed?

Our Google Chrome Extension previously only solved the Triage use case. We are excited to add Intelligence Collection and Report Creation to our Chrome Extension use cases to help you deliver the enrichment that you need to speed through investigations with confidence.

Read to get started?

Download the TruSTAR app on Google Chrome Marketplace today.

Download Google Chrome Extension

For more detailed installation and usage instructions, visit the TruSTAR Knowledge Base.

Improved Submission Workflow on TruSTAR Improved Submission Workflow on TruSTAR One of TruSTAR’s key differentiators is the ability to extract and normalize indicators from structured or ... Read More
TruSTAR Announces New MITRE ATT&CK Framework Feature ABOUT MITRE ATT&CK on TruSTAR Read More
New Context Panel Helps Analysts Prioritize Reports Faster Using Trusted Intelligence Sources Introducing the New Context Panel Reducing friction in the analyst workflow is central to how we evolve our product. Today TruSTAR has released a new ... Read More
IBM & City of Los Angeles Select TruSTAR to Build Security Tool for Local Businesses On Tuesday, at the 2019 LA Cyber Lab Summit, The City of Los Angeles announced their business partnership with IBM Security and TruSTAR to help local ... Read More