Ingest Intelligence Faster With the New TruSTAR Google Chrome Extension

If you’re an intelligence analyst, you’re probably spending a lot of time searching and scraping the internet for threat intelligence to speed investigations and response. From searching Twitter and Pastebin for IOCs, to customizing Startme pages, we know high-fidelity intelligence is hard to find.

At TruSTAR, our mission is to help analyst teams ingest and normalize intelligence data into their workflows as quickly and seamlessly as possible. Today we’re proud to roll out new enhancements to our Google Chrome Extension.

What is the TruSTAR Google Chrome Extension?

Our Google Chrome Extension lets you select any text in your Chrome browser and send it as a report into TruSTAR’s intelligence management platform, helping you triage investigations, collect intelligence for enrichment, and build cases for investigations faster.

How can I use the Google Chrome Extension in my investigation workflow?

Here are three ways security analysts are using the extension today.

Triage With Confidence - The first step of triaging an incident is verifying whether your observable is good or bad. You can now verify maliciousness with an Enrichment Preview. Right-click an observable and see IOC correlations and enrichment along with any additional intelligence you’ve already collected within TruSTAR.

Highlight an IOC or malware name in your browser and right-click to check for enrichment on TruSTAR.

Collect Intelligence - Maybe you or a threat intelligence teammate is responsible for curating relevant intelligence from third-party sources. Our Report and IOC Ingest feature helps you highlight and ingest IOCs en masse, without all the tab sprawl and copy/paste. Submit observables by highlighting indicators directly in your browser, whether they come from Pastebin, Twitter, or a website. When you submit reports using the TruSTAR Chrome Extension, you can also add the same tags you use in TruSTAR (for example, tagging IOCs according to a campaign or Enclave).

Highlight text and right-click to create a new report.

Build A Case - Our Chrome Extension allows you to easily pull multiple IOCs into a single report on TruSTAR, enabling you to build a case outside of your normal channels and correlate it with existing data. (For example, maybe you don’t want to build a case inside ServiceNow quite yet because you’re still finalizing your data and analysis.) From there, TruSTAR helps you operationalize your intelligence across your technology stack via SIEM, Case Management, and Orchestration integrations.

What’s changed?

Our Google Chrome Extension previously only solved the Triage use case. We are excited to add Intelligence Collection and Report Creation to our Chrome Extension use cases to help you deliver the enrichment that you need to speed through investigations with confidence.

Ready to get started?

Download the TruSTAR app on Google Chrome Marketplace today.

For more detailed installation and usage instructions, visit the TruSTAR Knowledge Base.
