Technical Solution Brief:

TruSTAR Demisto Workflow Application

Demisto-Reversed-Logo-768x237

Download Datasheet

Reduce Playbook Complexity With TruSTAR & Demisto

TruSTAR is now compatible with Demisto Server v5 or higher. TruSTAR’s Demisto application helps security professionals fuse and enrich intelligence sources before they are sent to Demisto. This key step normalizes and prepares intelligence for orchestration, significantly reducing playbook complexity. As a result, Demisto playbooks are easier to set-up and more resilient.

Demisto-5StepWorkflow

Pull Through Full Context & Enrichment

Capture full context from a single API endpoint with TruSTAR metadata commands.

  • Tagging - Normalize tagging across Intelligence Sources and ISAC/ISAO data for end-to-end context.
  • Notes & Annotations - Pull through complete notes and annotations from Sources and Apps.
  • MITRE ATT&CK Framework - Leverage tagging to track MITRE ATT&CK TTPs.
Demisto_Before-After

Application Benefits

Icon_Simplify

Simplify Playbook Commands

Ingest intelligence from a single API endpoint to reduce playbook redundancy. Customize data ingest and dissemination settings across your full dataset.

Icon_Data-Prep

Prepare Data

TruSTAR abstracts away the programming of data normalization and preparation, making it easier to automate actions off of highly-scored events or indicators. Automatically ingest, extract, enrich, normalize, prioritize, and take action on observables based on sources.

Icon_Automate

Streamline Automation

Map and normalize intelligence in TruSTAR before triggering playbooks. Leverage Priority Scores and Normalized Indicator Scores to automate intelligence vetting.

Download Datasheet

Fill out the form below to receive our Demisto datasheet download.