Reduce Playbook Complexity With TruSTAR & Demisto
TruSTAR is now compatible with Demisto Server v5 or higher. TruSTAR’s Demisto application helps security professionals fuse and enrich intelligence sources before they are sent to Demisto. This key step normalizes and prepares intelligence for orchestration, significantly reducing playbook complexity. As a result, Demisto playbooks are easier to set-up and more resilient.
Pull Through Full Context & Enrichment
Capture full context from a single API endpoint with TruSTAR metadata commands.
- Tagging - Normalize tagging across Intelligence Sources and ISAC/ISAO data for end-to-end context.
- Notes & Annotations - Pull through complete notes and annotations from Sources and Apps.
- MITRE ATT&CK Framework - Leverage tagging to track MITRE ATT&CK TTPs.
Application Benefits
Simplify Playbook Commands
Ingest intelligence from a single API endpoint to reduce playbook redundancy. Customize data ingest and dissemination settings across your full dataset.
Prepare Data
TruSTAR abstracts away the programming of data normalization and preparation, making it easier to automate actions off of highly-scored events or indicators. Automatically ingest, extract, enrich, normalize, prioritize, and take action on observables based on sources.
Streamline Automation
Map and normalize intelligence in TruSTAR before triggering playbooks. Leverage Priority Scores and Normalized Indicator Scores to automate intelligence vetting.