An Integrated TIP for Simplified and Efficient Security Operations
Cybersecurity platforms are only as intelligent as the data provided to them, and every security organization wants to leverage as much data as possible. This typically includes subscribing to one or more threat intelligence feeds from third-party organizations. As an open platform with a mission to integrate all important security data and tools, Stellar Cyber’s Open XDR platform eliminates the need for our customers to subscribe to third-party threat intelligence feeds with additional complexity and cost because it automatically integrates our own Threat Intelligence Platform (TIP) into its architecture.
Stellar Cyber’s TIP adds multi-source, bi-directional threat intelligence feeds to our Open XDR Platform. As shown in the diagram above, TIP is a cloud-based platform that automatically collects and aggregates feeds from many different sources into a single consolidated resource of threat intelligence. TIP sources include commercial and non-commercial threat intelligence from organizations such as Proofpoint, DHS, OTX, Openphish and PhishBank, from internal research, or shared by other deployments
Once the feeds are curated, our TIP normalizes and prioritizes them before it distributes them to all of the Open XDR platforms deployed by end users from enterprises, government agencies and MSSP partners, as shown in the diagram below.
Here are some of the benefits of our TIP:
- Efficiency – You don’t have to manage another set of third-party tools, so your analysts can be more efficient – our threat intelligence feeds are distributed directly from our cloud TIP to your instance of our Open XDR platform without any administrative overhead. Open XDR automatically enriches the data during its ingestion in real-time to create the right context for the data. This amplifies our threat detection, threat investigation, threat-hunting and remediation capabilities.
- No Cost – You don’t have to subscribe to third-party threat intelligence feeds in many cases because we already provide them for you within our Open XDR platform.
- Openness – While we natively provide most popular threat intelligence feeds at no cost, The Open XDR platform can also directly take in third-party feeds to meet your specific needs. For example, non-US customers may want to subscribe to local, country-specific feeds, and these can be tied into your instance of the Open XDR platform with ease through standard protocols like STIX/TAXII.
- Evolving Threat Intelligence – Our TIP delivers bi-directional feeds to grow smarter over time. We not only send feeds down to our analytical engine, but any customer can send new threats up to our TIP for the benefit of all Stellar Cyber customers. In addition, we will continually add new threat intelligence feeds over time to improve our platform’s capabilities. As a detection platform, Stellar Cyber finds new threats that haven’t been published yet, so it is continually upgrading the TIP with the latest detected threats.
- Safe Threat Inspection – Our TIP incorporates a sandbox for zero-day malware and advanced persistent threat analysis, so our users can safely inspect suspicious files without fear of damage to their infrastructure.
Maybe the best thing about our TIP is that it’s already there. You don’t have to ask for it or activate it – it’s at work in the Stellar Cyber platform transparently, efficiently making your analysts smarter and more effective against all threats.