Frequently Asked Questions
How does Truss help businesses?
Truss allows organizations to automatically update their SIEM and EDR tools to detect the latest security events or vulnerability disclosures in real time! Allowing organizations to respond to alerts, activate security teams, and notify leadership as soon as a malicious operation occurs.
Want to learn more:
https://truss-security.com/blog/introducing-truss
What is a Security RPC?
A Security RPC (Remote Procedure Call) is an Application Programming Interface (API) that is designed specifically for defenders to query Truss' stored security data. APIs allow quick access to all of Truss' comprehensive security data and protections making it easy to find what you're looking for!
Where does the CTI in Truss come from?
The Cyber Threat Intelligence (CTI) that powers Truss comes directly from a global set of researchers. These researchers are paid directly by the consumers of the CTI, a process that incentivizes researchers to continually develop and produce new CTI datasets.
Learn more about how Truss leverages CTI?
https://truss-security.com/blog/making-cyber-threat-intelligence-actionable
What is the Truss Cyber Immune System?
Using the human immune system as an analogy, the Cyber Immune System (Truss) is essentially the white blood cell of the digital body or network. When a pathogen (malware, ransomware, adware, C2 network) enters the body, individual cells (or researchers, victims) identify the pathogen and build antigens (IOC indicators) to defend against that threat. These antigens are then transported throughout the body giving other white blood cells (SOCs, Threat Hunters, etc) the keys to identify and defeat the pathogen.
Truss offers the ability to provide a global communication pathway to transmit IOCs between researchers and defenders (SOC analysts, Threat Hunters, etc) in real time. Once a researcher posts their IOCs for a given threat, it is globally available and can be implemented.
What are Web3 Intents?
Within Truss, an Intent is synonymous with a Request. Organizations will submit a Truss Intent when they are requesting a particular type of security intelligence. Be that a list of IOCs for the latest ransomware variant, or a new dashboard for their SIEM/EDR application. Their intent is to collect a relevant set of information or data. Truss facilitates this request by finding the sources who can fulfill the request.
"When you express an intent, you simply define the outcome you want, not the process to get there." - Emperor
What is Decentralized Security Intelligence
A place where thousands of researchers across the globe post their security data, detection rules, threat actor IOCs, dashboard templates, and alert frameworks. Once posted on the marketplace, organizations are able to purchase this data directly from the researcher and implement that protection in their own environment.
Learn more at:
https://truss-security.com/blog/flexible-intelligence
How will Truss put security data into your security tools?
The security data available within Truss is ingested into security tools via that tool's API functionality. A Truss Agent designed for that specific security tool is available within the Truss Marketplace. Using this Agent will pull the given security data (CTI, Rule, IOC, dashboard, or report template) from Truss and ingest that security product into the security tool.
Users will have the ability to customize and tailor the agent to function optimally with their own security tool instance.
Why does Truss leverage blockchain technology?
Blockchain technology maintains several characteristics that benefit security operations. Key among them are the features of Transparency, Immutability, and Consensus.
Transparency is key for Truss operations as Cyber Threat Intelligence (CTI) requires the trust of both consumers and producers. Transparency in the supply chain development of CTI is required to establish trust and confidence that the produced product is validated, stateful, and secure.
In much the same way, Truss requires that each security product is Immutable, meaning that the security data has not been altered or manipulated from its original state. This helps both consumers and producers of the data ensure they are dealing with accurate data.
Finally, Consensus. Blockchains allow any interested party to investigate, validate, and arrive at the consensus that every operation is accurate and unaltered. Consensus is critical in facilitating trust, especially when dealing with the highly sensitive security data handled by Truss and its consumers.
Is the Truss Token a Crypto Currency?
The Truss Token is considered a Utility Token and does not represent a cost value nor is it used to purchase security products on the Truss Marketplace. The utility functionality of the Truss Token is designed to ensure the continued functionality, stability, and tokenenomic payment structure of Truss.