August Product Update Stellar Cyber continually works to ensure the products we deliver not only meet but exceed the needs of our customers. As hockey legend Wayne Gretsky famously said, “I skate to where the puck is going to be, not where it has been” we also work hard to anticipate the future needs of […]
August Product Update Read More »
Stellar Cyber’s new sensors eliminate blind spots in your, or your customers’, distributed environments without breaking the bank. As the past two years have taught us, businesses can function in any number of situations, even when all their employees are working remotely. However, now that we slowly return to business as usual, organizations are realizing
Our new normal challenges the economic viability of traditional cybersecurity thinking. Read More »
A year has passed since the Colonial Pipeline Ransomware attack that caused Colonial Pipeline to stop service for five days. This attack created a huge fuel shortage for eastern and southern states, and forced Colonial Pipeline to pay a hefty $4.4 million ransom. Ransomware attacks have continued unabated since then, with the most recent ones
One Year Later: Lessons from the Colonial Pipeline Ransomware Attack Read More »
As an MSSP, being proactive in your approach to cybersecurity is a best practice. Ensuring that your customers are doing their part to update and patch their systems is critical. If you can integrate your asset management with your SOC/XDR platform there are huge gains to be realized. Scanning all your customer environments is the
In detection and response, bidirectional integrations between security products, let alone unidirectional integrations, are not enough. There needs to be true cohesion amongst the entire security stack; otherwise, security operators are left with piles of data and endless API endpoints to figure out how to wire together. This is more important with Endpoint Detection &
Mastering EDR – Industry’s First Universal EDR Read More »
1. Introduction In the past several days, a serious Log4j vulnerability (CVE-2021-44228, CVE-2021-45046) has nearly led to a perfect storm in the Internet world. As a widely used Java logging utility with an easily exploitable vulnerability, Log4j has no doubt made IT professionals and companies nervous and many questions have been raised – What is
Stellar Cyber: Log4j Vulnerability and Exploitation Detection Read More »
2022 Predictions By Aimei Wei Initial definitions of XDR envisioned eXtended Detection and Response – a single platform that unified detection and response across the entire security kill chain. According to Rik Turner, who coined the XDR acronym, XDR is “a single, stand-alone solution that offers integrated threat detection and response capabilities.” To meet Omdia’s
Network detection and response (NDR) has a long history, evolving out of network security and network traffic analysis (NTA). The historical definition of network security is to use a perimeter firewall and Intrusion Prevention System (IPS) to screen traffic coming into the network, but as IT technology and security technology have evolved due to modern
Why Network Detection and Response (NDR) ? See the Entire Elephant in the Room Read More »
Every security tool vendor talks about detection and response, so what makes NDR so special, and how does it relate to XDR / Open XDR? NDR is special because it focuses on the nerve center of an organization’s IT infrastructure: the network. Wireless or wired device, endpoint or server, application, user or cloud – all
NDR vs. Open XDR – What’s the difference? Read More »
Matching Resources and Business Risk with the Right Solution Gaining visibility and responding to attacks across the entire enterprise infrastructure (endpoints, servers, applications, SaaS, cloud, users, etc.) is a very tall order in today’s cybersecurity environment. Enterprises are forced to create complex security stacks consisting of SIEM, UEBA, SOAR, EDR, NDR, TIP and other tools
XDR is the rising star of new acronyms, but you might have to read a 1,000+ word long article to understand its value. Let’s try to do it briefly in about 300 words. X means to expand DR’s – Detection and Response – systems – to cover your entire attack surface, not just a portion
XDR explained in 300 words Read More »
Many MSSP’s use SIEMs and other log management/aggregation/analysis solutions for cybersecurity visibility, but is log analysis enough? We’re hearing more and more about holistic security solutions like XDR platforms that claim to cover the entire attack surface, especially because the latest pipeline attack reinforced the compound nature of today’s sophisticated multi-stage cyberattacks. The attackers admitted
The Pipeline Attack – Is Log Analysis Enough for Cybersecurity? Read More »
In every SOC environment, there are two key metrics that demonstrate efficiency and effectiveness: Mean Time to Detection (MTTD) and Mean Time to Remediation (MTTR). The risk and exposure from any cyber threat can be reduced significantly by improving these metrics. Stellar Cyber recently completed a study with its MSP and MSSP partners, to determine
XDR Delivers Significant Performance Improvement over SIEM Read More »
Cybersecurity platforms are only as intelligent as the data provided to them, and every security organization wants to leverage as much data as possible. This typically includes subscribing to one or more threat intelligence feeds from third-party organizations. As an open platform with a mission to integrate all important security data and tools, Stellar Cyber’s
An Integrated TIP for Simplified and Efficient Security Operations Read More »
Security problems are essentially data problems. For threat detection, investigation and forensic analysis, ideally one would like to collect as much data as they can and store it as long as they want. However, everything has its limitations. For example, the high long-term storage costs, the slow speed of search/query and infrastructure requirements are common
How Stellar Cyber Addresses Data Storage Pain Read More »
The cyber threats are going sideways. Here I’m not talking about Sideways, the 2004 movie starring Paul Giamatti and Thomas Hayden Church that made Pinot Noir famous while the pair traveled through Santa Barbara County wine country in seven days. Rather, I’m talking about cyberattacks that work through lateral movement through your network infrastructure. No
Cyberthreats Go Sideways Read More »
Most companies affected by the SolarWinds attack learned about it from the Department of Homeland Security. Wouldn’t it have been better for them to have learned from their MSP/MSSP before DHS came calling? With Stellar Cyber, you would have known right away. The reason this breach was so successful was that the attackers leveraged a
Was SUNBURST really a Zero-day attack? Read More »
On December 13 2020, multiple vendors such as FireEye and Microsoft reported emerging threats from a nation-state threat actor who compromised SolarWinds, and trojanized SolarWinds Orion business software updates in order to distribute backdoor malware called SUNBURST. Because of the popularity of SolarWinds, the attacks have affected multiple government agencies and many Fortune 500 companies.
SolarWinds SUNBURST Backdoor DGA and Infected Domain Analysis Read More »
