Frequently Asked Questions

Truss allows organizations to automatically update their SIEM and EDR tools to detect the latest security events or vulnerability disclosures in real time! Allowing organizations to respond to alerts, activate security teams, and notify leadership as soon as a malicious operation occurs.

Want to learn more:
https://truss-security.com/blog/introducing-truss

A Security RPC (Remote Procedure Call) is an Application Programming Interface (API) that is designed specifically for defenders to query Truss' stored security data. APIs allow quick access to all of Truss' comprehensive security data and protections making it easy to find what you're looking for!

The Cyber Threat Intelligence (CTI) that powers Truss comes directly from a global set of researchers. These researchers are paid directly by the consumers of the CTI, a process that incentivizes researchers to continually develop and produce new CTI datasets.

Learn more about how Truss leverages CTI?
https://truss-security.com/blog/making-cyber-threat-intelligence-actionable

Using the human immune system as an analogy, the Cyber Immune System (Truss) is essentially the white blood cell of the digital body or network. When a pathogen (malware, ransomware, adware, C2 network) enters the body, individual cells (or researchers, victims) identify the pathogen and build antigens (IOC indicators) to defend against that threat. These antigens are then transported throughout the body giving other white blood cells (SOCs, Threat Hunters, etc) the keys to identify and defeat the pathogen.

Truss offers the ability to provide a global communication pathway to transmit IOCs between researchers and defenders (SOC analysts, Threat Hunters, etc) in real time. Once a researcher posts their IOCs for a given threat, it is globally available and can be implemented.

Within Truss, an Intent is synonymous with a Request. Organizations will submit a Truss Intent when they are requesting a particular type of security intelligence. Be that a list of IOCs for the latest ransomware variant, or a new dashboard for their SIEM/EDR application. Their intent is to collect a relevant set of information or data. Truss facilitates this request by finding the sources who can fulfill the request.

"When you express an intent, you simply define the outcome you want, not the process to get there." - Emperor

A place where thousands of researchers across the globe post their security data, detection rules, threat actor IOCs, dashboard templates, and alert frameworks. Once posted on the marketplace, organizations are able to purchase this data directly from the researcher and implement that protection in their own environment.

Learn more at:
https://truss-security.com/blog/flexible-intelligence

The security data available within Truss is ingested into security tools via that tool's API functionality. A Truss Agent designed for that specific security tool is available within the Truss Marketplace. Using this Agent will pull the given security data (CTI, Rule, IOC, dashboard, or report template) from Truss and ingest that security product into the security tool.

Users will have the ability to customize and tailor the agent to function optimally with their own security tool instance.

Blockchain technology maintains several characteristics that benefit security operations. Key among them are the features of Transparency, Immutability, and Consensus.

Transparency is key for Truss operations as Cyber Threat Intelligence (CTI) requires the trust of both consumers and producers. Transparency in the supply chain development of CTI is required to establish trust and confidence that the produced product is validated, stateful, and secure.

In much the same way, Truss requires that each security product is Immutable, meaning that the security data has not been altered or manipulated from its original state. This helps both consumers and producers of the data ensure they are dealing with accurate data.

Finally, Consensus. Blockchains allow any interested party to investigate, validate, and arrive at the consensus that every operation is accurate and unaltered. Consensus is critical in facilitating trust, especially when dealing with the highly sensitive security data handled by Truss and its consumers.

The Truss Token is considered a Utility Token and does not represent a cost value nor is it used to purchase security products on the Truss Marketplace. The utility functionality of the Truss Token is designed to ensure the continued functionality, stability, and tokenenomic payment structure of Truss.