How to Prioritize Investigations Using Enrichment

Triage with confidence:

Sometimes the hardest part of triage is knowing where to start.

In this interactive workflow demo, TruSTAR intelligence architects will teach you how to combine alerts and tickets from your SIEM and Case Management tools and prioritize them within the TruSTAR platform using new scoring and filtering features, as well as enrichment data from Premium Intelligence feeds like CrowdStrike and Digital Shadows.

This live interactive training session took place on Tuesday, January 28, 2020.

More Workflow Training Sessions:


Training: Everything You Need to Know About Phishing Triage 

Phishing emails are time-consuming to triage. Learn how to create a phishing repository using TruSTAR's email ingest feature to help your team more easily correlate known-bad entities. 

Access Now


Training: Case Management Workflow & Best Practices

When investigating and responding to alerts, security analysts need maximum context to make an informed decision on next steps as quickly as possible. Learn case management workflow best practices through TruSTAR's ServiceNow integrations.

Access Now


Splunk ES Workflow Training

Stop drinking from the SIEM alert firehose. By taking an in-depth look at TruSTAR's new Splunk ES integration, security professionals can learn how to respond to alerts faster by learning best practices on prioritizing investigations based on context and severity.

Access Now


Training: Accelerate Incident Response with TruSTAR and IBM Resilient, IBM XForce

Whether investigating and responding to a phishing email, SIEM alert, ticket, or fraudulent transaction, security analysts need as much information as possible to make informed decisions and act quickly. In this interactive workflow demo, TruSTAR and IBM intelligence architects will walk you through sample incident response workflows using the TruSTAR and IBM’s suite of tools.

This live training session will take place on Tuesday, February 11, 2020.

Register Now


New Feature Training: Announcing New Phishing Triage Tool from TruSTAR

TruSTAR's new Phishing Triage tool aggregates and normalizes scores from different intelligence sources, then can automatically send malicious IOCs back into SIEM or detection tools. Learn how to use this new feature in this live interactive training.

This live training session will take place on Tuesday, March 10, 2020.

Register Now