Writing Effective Queries

Be Specific

Instead of vague questions, provide specific details for better results.
❌ Poor:
Tell me about malware
✅ Good:
What are the TTPs of the Emotet malware family?

Include Context

Provide relevant context about your environment or use case.
❌ Poor:
How do I secure my API?
✅ Good:
How do I implement OAuth 2.0 authentication for a Node.js REST API?

Use Follow-Up Questions

Take advantage of conversation history to refine your investigation.
Initial query:
What is ransomware?
Follow-up:
What are the most common ransomware families in 2024?
Further refinement:
How do I detect LockBit ransomware activity?

Optimizing Your Research

Use Natural Language

TruSec understands conversational queries - no need for keyword stuffing.
✅ Natural:
I'm seeing traffic from 192.0.2.1 in my logs. Is this IP known to be malicious?

Build on previous answers to go deeper into topics.
Q1: "What is the MITRE ATT&CK framework?"
Q2: "How does the Emotet malware map to ATT&CK techniques?"
Q3: "What detection rules exist for these specific techniques?"

Request Specific Formats

Ask for information in the format you need.
"Provide a step-by-step incident response plan for ransomware"
"List the OWASP Top 10 with brief descriptions"
"Give me a comparison table of bcrypt vs Argon2"

Leveraging TruSec’s Capabilities

For Threat Investigation

  1. Start broad - Ask general questions about the threat
  2. Narrow down - Request specific IOCs, TTPs, or detection rules
  3. Get actionable - Ask for mitigation strategies and response procedures
Example workflow:
1. "Tell me about the Qakbot malware family"
2. "What IOCs should I look for to detect Qakbot?"
3. "What are the recommended detection rules for Qakbot?"
4. "How do I remediate a Qakbot infection?"

For Vulnerability Research

  1. Understand the vulnerability - Get detailed technical explanations
  2. See examples - Request code examples in your language
  3. Learn prevention - Ask for secure coding practices
  4. Test effectively - Get guidance on validation and testing
Example workflow:
1. "Explain CSRF vulnerabilities"
2. "Show me a CSRF exploit example in a React application"
3. "How do I implement CSRF protection in Express.js?"
4. "How do I test my application for CSRF vulnerabilities?"

For Compliance Research

  1. Understand requirements - Ask about specific regulations
  2. Map controls - Request control mapping to your framework
  3. Implementation guidance - Get step-by-step implementation help
  4. Audit preparation - Learn what auditors expect