AI Investigator: Natural Language Threat Hunting at Machine Speed
Ask. Investigate. Act.
AI Investigator empowers your analysts to query your security data in plain English — no special syntax, no slow pivoting. Investigations that used to take hours now take minutes.
The Future of AI-powered Threat Investigation Is Here
AI Investigator, part of Stellar Cyber’s Open XDR Platform, is a powerful early-access feature designed for analysts who want deeper insights without deeper complexity.
With AI Investigator, your team can:
Ask security questions using natural language
Analysts can interact with the platform just like they would a teammate—no need for complex syntax or query logic.
Automatically generate and run structured queries
AI Investigator translates plain English into precise, executable security queries—fast, accurate, and tailored to intent.
Investigate across data from on-prem and cloud sources
Break down silos with seamless access to telemetry from across your hybrid infrastructure—all in one unified view.
Accelerate MTTI with AI-powered investigation flows
Get step-by-step insights with suggested next steps, enriched context, and automated pivots—cutting investigation time from hours to minutes.
Powerful Simplicity for Security Analysts
Using AI Investigator feels like chatting with a teammate — only faster, smarter, and always available.
Human Language In, Structured Search Out
Enter prompts like:
Show me all failed login attempts in the last 48 hours.
Full Visibility, Instant Access
Network traffic
Sysmon and Windows Event Logs
Microsoft Entra ID sign-ins
Office 365 Audit Trails
EDR alerts from SentinelOne, Sophos, Trend Micro
Firewall logs
and more
Built for Real-World Investigations
Prompt
“Show me all outbound traffic from internal hosts in the last 7 days.”
Follow-Up
“Which of these hit known malicious IPs?”
Drill Down
“Who sent traffic to 173.118.163.197?”
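The prompt-to-query flow described under "Human Language In, Structured Search Out" and the three-step investigation above (prompt, follow-up, drill down), as an added illustration in Python that is not Stellar Cyber's code: a small translator maps a constrained plain-English prompt to a structured filter, carries that filter forward so each follow-up narrows the previous result instead of starting over, and runs it over constructed sample records. The filter format, the record schema, the fixed clock, and the threat-intel list are assumptions made for this example; the Windows event IDs used (4625 for a failed logon, 4624 for a successful one) are the standard Security log IDs, and the product's own query language is not shown on this page.

```python
"""Illustrative prompt-to-query pipeline over constructed telemetry.

Added example, not Stellar Cyber code. The structured query is a plain dict;
the real product's query language is an assumption we do not reproduce here.
"""
import re
from datetime import datetime, timedelta, timezone

# Fixed clock so the time windows below are reproducible (assumption for the example).
NOW = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)

# Constructed sample records: Windows logon events plus network flows.
RECORDS = [
    {"source": "windows", "event_id": 4625, "user": "jsmith", "src_ip": "10.0.0.5",
     "ts": NOW - timedelta(hours=3)},
    {"source": "windows", "event_id": 4624, "user": "jsmith", "src_ip": "10.0.0.5",
     "ts": NOW - timedelta(hours=2)},
    {"source": "windows", "event_id": 4625, "user": "admin", "src_ip": "10.0.0.9",
     "ts": NOW - timedelta(days=5)},
    {"source": "network", "direction": "outbound", "src_ip": "10.0.0.5",
     "dst_ip": "173.118.163.197", "ts": NOW - timedelta(days=1)},
    {"source": "network", "direction": "outbound", "src_ip": "10.0.0.7",
     "dst_ip": "93.184.216.34", "ts": NOW - timedelta(days=2)},
    {"source": "network", "direction": "inbound", "src_ip": "203.0.113.8",
     "dst_ip": "10.0.0.5", "ts": NOW - timedelta(days=3)},
    {"source": "network", "direction": "outbound", "src_ip": "10.0.0.9",
     "dst_ip": "173.118.163.197", "ts": NOW - timedelta(days=10)},
]

# Constructed threat-intel list (hypothetical; the IP is the one in the page's drill-down prompt).
KNOWN_MALICIOUS = {"173.118.163.197"}

UNIT = {"hour": "hours", "hours": "hours", "day": "days", "days": "days"}


def translate(prompt, previous=None):
    """Map a constrained English prompt to a structured filter (dict).

    `previous` is the filter from the prior turn, so a follow-up such as
    "Which of these hit known malicious IPs?" narrows rather than restarts.
    """
    q = dict(previous) if previous else {}
    p = prompt.lower()
    m = re.search(r"last (\d+) (hours?|days?)", p)
    if m:  # "in the last 48 hours" / "in the last 7 days" -> lower time bound
        q["since"] = NOW - timedelta(**{UNIT[m.group(2)]: int(m.group(1))})
    if "failed login" in p:
        q.update(source="windows", event_id=4625)   # Windows Security log: logon failure
    elif "successful" in p and "login" in p:
        q.update(source="windows", event_id=4624)   # Windows Security log: logon success
    if "outbound traffic" in p:
        q.update(source="network", direction="outbound")
    if "malicious" in p:  # follow-up: keep only flows to the intel list
        q["dst_ip_in"] = KNOWN_MALICIOUS
    m = re.search(r"to (\d{1,3}(?:\.\d{1,3}){3})", p)
    if m:  # drill down: "Who sent traffic to <ip>?"
        q["dst_ip"] = m.group(1)
    return q


def run(q):
    """Execute the structured filter over RECORDS and return matching records."""
    out = []
    for r in RECORDS:
        if "since" in q and r["ts"] < q["since"]:
            continue
        if any(r.get(k) != v for k, v in q.items() if k not in ("since", "dst_ip_in")):
            continue
        if "dst_ip_in" in q and r.get("dst_ip") not in q["dst_ip_in"]:
            continue
        out.append(r)
    return out


def investigate(prompts):
    """Run a chain of prompts; each follow-up narrows the previous query.

    Returns the final structured query and its result set.
    """
    q, results = None, []
    for prompt in prompts:
        q = translate(prompt, q)
        results = run(q)
    return q, results


if __name__ == "__main__":
    chain = [
        "Show me all outbound traffic from internal hosts in the last 7 days.",
        "Which of these hit known malicious IPs?",
        "Who sent traffic to 173.118.163.197?",
    ]
    final_query, hits = investigate(chain)
    print("structured query:", final_query)
    for h in hits:
        print(h["src_ip"], "->", h["dst_ip"], h["ts"].isoformat())
```

The carried-forward filter is what makes the "Follow-Up" and "Drill Down" steps work: the second prompt does not repeat the 7-day window or the outbound direction, yet the 10-day-old flow to the same malicious IP is still excluded because the earlier constraints remain in the query.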
Smart Querying Tips for Maximum Value
Be Specific
Ask for “successful Windows logins,” not just “logins.”
Use Follow-Ups Clearly
Start with “Following up on that...” for best results.
Avoid Ambiguity
Always name the user or IP explicitly (e.g., “Show activity for jsmith@...”)
Start Simple
Then layer on filters and refinement.
Your Data Stays Secure
No PII Sent
Only query structure and schema are sent to the AI model.
Data Stays Local
All security records remain inside your Stellar Cyber environment.
Anonymized Learning
Prompts and query structures are used to improve performance — without tying data to users or tenants.
Ready to See It in Action?
What Customers & Analysts Say.
"Sportscar Performance XDR for a Family Sedan Budget!"
"The platform’s AI delivers a complete view of security events across our clients’ global infrastructure under one pane of glass"
"Stellar Cyber delivers built-in Network Detection & Response (NDR), Next Gen SIEM and Automated Response"
“Stellar Cyber is the most cost-effective way to adopt AI and XDR”
"Users can enhance their favorite EDR tools with full integration into an XDR platform, obtaining greater visibility."