Stellar Cyber, the leading security operations platform for MSSPs, announced today it has extended its market reach in Latin America by adding Coeficiente Comunicaciones, a leading Mexican internet service provider serving more than 30 major cities, to its rapidly-growing customer list. Through this relationship with Stellar Cyber, Coeficiente becomes the first ISP in Mexico with AI-powered cybersecurity protection embedded in its backbone.

Samuel Jones, VP of product management, Stellar Cyber, discusses how SIEMs were supposed to be the ultimate security analytics platform. Still, many users feel they haven’t lived up to their promises. Now, extended detection and response (XDR) promises to be the ultimate platform. Should you adopt XDR? What does it mean for your SIEM? Security information and event management (SIEMs) collect data from security logs and in doing so are supposed to identify blind spots, reduce noise and alert fatigue, and simplify detection and response to complex cyberattacks. However, SIEMs have not lived up to these promises. Now, the new idea is extended detection and response. What are its advantages, and should it coexist with or replace a SIEM? This article explores the current cybersecurity landscape, how SIEM fits into that landscape, and how XDR platforms can significantly improve security incident visibility, analysis and response.

The technology industry loves its buzzwords, but “open” may be the most overused and abused. Depending on who you are talking to, open may mean anything from fully open source to API integrations, and the latest in a very long list of verbiage offenders is extended detection and response (XDR). XDR vendors have recently glommed on to the open label for their products and approaches, and none of their definitions of open XDR are the same.

The cyber threats are going sideways. Here I’m not talking about Sideways, the 2004 movie starring Paul Giamatti and Thomas Hayden Church that made Pinot Noir famous while the pair traveled through Santa Barbara County wine country in seven days. Rather, I’m talking about cyberattacks that work through lateral movement through your network infrastructure. No one wants to get famous because of cyberattacks which can travel inside your network in tens or even hundreds of days without being noticed.

Stellar Cyber introduces the centralized management and visibility functionality in its Open XDR platform. This new capability, named Stellar Cyber Central, accompanies Stellar Cyber’s Command Center and enables users to see potential threats and consolidate user management at multiple sites from one single console under a single license, and without having to log into those sites individually – reducing complexity, improving performance, segmenting data to comply with GDPR or other privacy requirements, and reducing the time it takes to identify security incidents.

The current model for cybersecurity is broken. It consists of acquiring and deploying a lot of stand-alone tools, each with its own console, to analyze logs or traffic and detect anomalies that could be threats. In this model, it’s up to each security analyst to communicate with other analysts to determine whether each tool’s individual detection (each of which, by itself, may look benign), can correlate with other detections from other tools to reveal a complex attack.

In the digital world we live in, businesses must never overlook the benefits of cybersecurity. Year upon year, the number of cyberattacks is reaching staggering rates across the globe. As the internet continues to promote economic growth, every business interaction has now started to use it as a platform. Along with the ever-growing opportunity, businesses have to now deal with concerns and risks around cybersecurity. Experts are advising businesses to make use of automated cybersecurity solutions to face the onslaughts from cyberattacks. Until recent times, businesses were heavily reliant on security systems that were solely focusing on creating a perimeter-based security infrastructure. However, a lot of things have changed now, and considering the power of automated security solutions, older security measures are no longer relevant.

When all vendors in a new product category use the same use case to explain their value, I become concerned. About 15 years ago, when bombs were a constant threat in many parts of the world, I heard multiple vendors of intelligent video surveillance explaining the same use case. The message was, “Say someone walks into a lobby/park/manufacturing plant carrying a briefcase/backpack. Then, they leave without it. Our smart surveillance system will alert you to that fact.” The value proposition was simple: fewer eyes-on-glass needed. Automated systems work 24/7. Save money, catch bad guys. Yet, I have never encountered a vendor who could cite a successful, real-life situation where the use case was proven. It was hypothetical, although it would have been very useful during the hours before the 2013 Boston Marathon.

Stellar Cyber has integrated its Threat Intelligence Platform (TIP) into its Open XDR platform, according to a prepared statement. In doing so, Open XDR eliminates the need for Stellar Cyber customers to subscribe to and manage third-party threat intelligence feeds. Open XDR users can leverage TIP to automatically collect and aggregate feeds from multiple sources into a single consolidated threat intelligence resource. This enhances Open XDR’s threat detection, investigation, hunting and response capabilities.

Stellar Cyber integrated third-party threat intelligence feeds into its extended detection and response (XDR) platform, which the security vendor says means customers don’t have to subscribe to and manage third-party feeds. The move natively integrates Stellar Cyber’s Threat Intelligence Platform (TIP) with its Open XDR platform.

How many times have you hoped that a magic genie would somehow appear and grant three wishes? If the wishes were for your SIEM or security operations team, what would that be (and what kind of security certifications would you require of your genie)? The most common wish I encounter is for a security team that delivers a new level of effectiveness. The other two wishes are usually greater efficiency—the idea of being able to do more with less—and being able to hire qualified and experienced candidates for positions that have remained unfilled for long periods of time. (Enterprising and budget-savvy CISOs may substitute one of these for wishing for an additional three wishes, if that is permissible.)

Most IT organizations have deployed multiple traditional security products and services from multiple vendors—yet they remain vulnerable Enterprises are seeking to optimize their existing investments in critical WAF infrastructure in ways that further reduce risk, increase productivity, and accelerate response times

Few emerging cybersecurity market segments are garnering more attention than XDR. Here, Omdia highlights its recent research on XDR. Extended Detection and Response (XDR) technology is quickly taking the enterprise cybersecurity industry by storm. The term XDR, first coined in 2018 by Omdia Principal Analyst Rik Turner, is defined by Omdia as a single, stand-alone solution that offers integrated threat detection and response capabilities.

The Cyber Kill Chain and MITRE ATT&CK are popular reference frameworks to analyze breaches, but amid the rise of XDR, we may need a new one. If you work in information security, you will be aware of Lockheed Martin's Cyber Kill Chain and/or the MITRE ATT&CK Framework. Both are attempts to create a common language in which to describe the various stages of an attack, and the tactics utilized by the attackers.

Security problems are essentially data problems. For threat detection, investigation and forensic analysis, one would ideally like to collect as much data as possible and store it as long as needed. But having a SIEM or XDR system that sucks up every packet or every log entry creates an ongoing demand for more storage, which can be expensive over the long term whether you’re using on-site resources or the cloud. Another issue is that searches or queries on huge volume of data can take a long time when a quick response may be critical for stopping an attack.

Stellar Cyber announced that its open and highly flexible approach to the long-term storage of large volumes of security data eases concerns about storage complexity and costs seen in legacy SIEMs or some proprietary XDR solutions used by security operations centers. Cybersecurity is essentially a data problem, with best practices necessitating capturing and retaining all available data to properly evaluate potential threats and keep an audit trail for future investigations.

Almost since the beginning of network security, vendors and practitioners have wrestled with choices between going deep and going broad for their security solutions. Mostly, the choice varies between predominantly one or the other. Going deep typically means careful monitoring and analysis of certain types of threats or behaviors at the cost of not examining a much broader range of activity. Solutions that are broader may lack the clarity and fidelity to make fast, accurate alerting. They also may miss important indicators.

Technology has always been - and continues to be – a field dominated by men. However, women have always played a crucial role in tech. The stories of some of these pioneers and current leaders have only recently gained widespread attention. But if women are half of the population why does their tech representation fail to reflect this? The problems that women in tech face can explain a lot of the disparities in not just representation, but pay and other issues. We assembled a panel of current tech leaders to discuss the history of women in tech, and the path forward.

The recently disclosed breach of FireEye should give everyone pause over both the importance and difficulty of security. This high-profile breach left the vendor with a black eye and some serious questions. The disclosure almost immediately had every security vendor writing blogs and articles about the importance of this or that in accordance to what they sell and market. Opportunity strikes!

While the term XDR has become pervasive, the technology and market remain a work in progress with lots of innovation and market confusion. Given all the hype around extended detection and response (XDR) technology, it's worth starting this article by defining the term "XDR." XDR is an integrated suite of security products spanning hybrid IT architectures (such as LAN, WAN, infrastructure-as-a-service, data centers, etc.) designed to interoperate and coordinate on threat prevention, detection, and response. XDR unifies control points, security telemetry, analytics, and operations into one enterprise system.

On December 13, 2020, multiple vendors such as FireEye and Microsoft reported emerging threats from a nation-state threat actor who compromised SolarWinds, and trojanized SolarWinds Orion business software updates in order to distribute backdoor malware called SUNBURST. Because of the popularity of SolarWinds, the attacks have affected multiple government agencies and many Fortune 500 companies. It also appeared in the recent CISA Emergency Directive 20-01.

The noise is real. Of that, we can agree. It started way back in history – whoops, wrong topic (shout out to all of you who know that lyric). Basic packet captures – the final arbiter of proof, started all this and has continued nonstop until this very day. Every security analyst worth his/her salt asks for the packet captures. Why do we have all this data? Do we need it all? With IOT today, my toaster can tell me how many toast points I have burned since 2019. Do we care? Should we care? To be honest, I’m not sure I want folks to know I struggle getting my toast just right :).

Stellar Cyber, the only intelligent next-gen security operations platform powered by Open XDR, announced today that it has won an Internet Telephony Cybersecurity Excellence Award. Any company running a network could be a target for a hacker to try to produce Ransomware, get free service, gather other people’s information or cause irreparable disruption to the target company. Small and mid-sized security teams, in particular, struggle to assemble the right tools to give them insight into these complex attacks, but AI and machine learning technology can make a big difference.

I’ll begin by making a bold statement: Stellar Cyber is a beast. For you who may be thinking, “he’s about to demolish this product”, I’m sorry to disappoint you. Today’s enterprises are beasts. Combinations of centralized, distributed private cloud and public cloud networks, and the cybercriminals who attack them are even bigger beasts and it takes one to manage one.

Albert Zhichun Li, Ph.D., is Chief Security Scientist at Stellar Cyber. He has over 15 years of experience in cybersecurity research. Much has been touted about the intelligent SOC, particularly from security vendors hawking their latest wares. It's a familiar high-tech chorus, the idea of next-generation products and their next-generation capabilities that will eventually be supplanted by a generation beyond that. Reactions vary to the idea of an intelligent SOC. There is some level of taking offense by hardworking security professionals currently staffing a SOC. "Wait a minute, are you telling me that our SOC is not intelligent?"

Changming Liu, CEO and Co-Founder of Stellar Cyber, did us the honor of sitting down for an interview with Aviva Zacks of Safety Detectives. He told her how his company is riding the XDR wave. Safety Detectives: What motivated you to start Stellar Cyber?

If you are wanting to accelerate your steps towards offering managed security, you have a few options, including build or partner. Today’s episode discusses some of the pros and cons of both the build and partner methods. MSP Zone Guest: Brian Stoner, Stellar Cyber Program Highlights What are some of the common MSSP challenges? Should MSPs build or partner? Has Work From Home disrupted the legacy managed security deliverable? What is a SOC? Is it just a NOC with a SIEM?

The historical definition of network security is to use a firewall to screen users coming into the network, but as IT technology and security technology have evolved, the definition is much broader now. Today, network security is everything a company does to ensure the security of its networks and everything connected to them. This includes the network, the cloud (or clouds), endpoints, servers, users and applications

On the surface, having lots of data becomes less of a problem with AI-driven security, as ML usually requires lots of data to train the model and learn the patterns. On the contrary, not enough data is obviously a problem as the less data, the less accurate and thus the less useful the ML model becomes. However, as time went by, researchers gradually realized that having the right data was far more important. Too much data without the right information is just a waste of computing power for ML as well as a waste of storage space. Earlier UEBA vendors with solutions based on logs from SIEM tools learned this hard lesson: the SIEM might have collected lots of logs, but only a few of them contain the right information related to user behaviors. So, although data-driven security builds a great foundation for AI-driven security, in order to build scalable and accurate AI-driven security, the right data is far more important.

Stellar Cyber unveils Jumpstart, a partner program that enables MSSPs to integrate its Open XDR extended detection & response platform into their portfolios. Stellar Cyber, an extended detection and response (XDR) platform provider, has unveiled the Jumpstart partner program for MSSPs. The partner program launch comes after Stellar Cyber earlier this year hired Cylance veteran Brian Stoner as its VP of service providers and raised $7.1 million in an expanded Series A financing round.

Brian Stoner is a high-impact channel expert and thought leader with extensive experience working with all channels but more specifically MSP and MSSP partners. Before joining Stellar Cyber he has over 15 years of cybersecurity experience with high growth start-ups like FireEye and Cylance where he led the service provider programs. He was also the Vice President of Business Development for Solutionary – one of the top MSSP partners that was acquired by NTT. Brian has several articles that have been published regarding cybersecurity and the channel. He has an MBA with Distinction from Keller Graduate School and a bachelor’s degree from Southern Illinois University – Carbondale. Learn more about Stellar Cyber at stellarcyber.ai/

Historically, security buyers evaluated products on an individual basis in which firewall vendor A would have a bakeoff against firewall vendor B, and endpoint detection and response (EDR) vendor C would be compared to EDR vendor D. Conceptually, this might make sense, because having “best of breed” everywhere should offer the best protection.

Some years ago, during the renaissance of security information and event management (SIEM), security became log crazy. The hope was that by gathering logs from networking and security devices and running them through the SIEM, security events could be astutely exposed and security teams could gain an upper hand over attackers. The enthusiasm was soon dashed when it was obvious that logs alone were not the answer. In the first place, not everything was covered by logs and security details that were being captured could be manipulated easily as an attacker attempted to cover their tracks. Second, it’s one thing to aggregate logs but another to integrate the findings to produce true intelligence, particularly that which could easily stand apart from false positives.

When most people think about cybersecurity, they think about security products, such as firewalls, virtual private networks (VPNs), anti-malware and endpoint solutions. Maybe a security information and event management (SIEM) solution comes up or the advanced means of finding internal attackers or potential breaches. Sometimes, policies and end-user training also come into consideration or even the (overworked) security team.

Managed detection & response (MDR) provider Deeptree adds Stellar Cyber security operations capabilities (SOC) to deliver end-to-end protection against cyberattacks. MSSP Deeptree has integrated Stellar Cyber security operations capabilities into its managed detection and response (MDR) platform. The Stellar Cyber integration will provide the foundation for Deeptree’s next-generation security operations center (SOC), the companies said.

The cybersecurity world loves acronyms, and XDR is among the newest ones going around. XDR, or eXtended Detection and Response, is a foundational technology that detects cyberattacks anywhere they may occur - on endpoints, in servers, in applications, by users, in the network, or in cloud or SaaS environments.

Actively participates and contributes in trusted CXO community, forum and solutions intelligence to combat the most sophisticated cyber attacks Stellar Cyber, the only cohesive intelligent security platform that provides maximum protection by piecing attacks together across the entire IT infrastructure, announced today that it has joined, as a founding member, CxO InSyte,

High-Fidelity Next-Generation SOC Solution that Finds Active Attacks and Boosts Security Team Effectiveness is Major Draw for Customers

Executives consider cyberattacks as one of the topmost business concerns, and it outranks other adversaries like brand damage, regulations, and economic uncertainty. In the prevailing cyber landscape, cyberattacks are considered to be inevitable, but security analysts suggest that these attacks can be largely prevented if the companies choose to implement robust security measures. By having a sophisticated security measure in place, we can reduce the chances of someone walking away with the company’s sensitive data.

First of all, how are you and your family doing in these COVID-19 times? Changming Liu: We are doing fine. Tell us about you, your career, how you founded Stellar Cyber Changming Liu: I have a wealth of leadership, entrepreneurship, management skills, and technical expertise in networking, security, big data, and machine learning. Before co-founding Stellar Cyber, I was a co-founder, CTO, and Board Member at Aerohive Networks, a cloud networking provider that successfully completed an IPO in 2014.

Stellar Cyber announced a new toolkit customers can use to verify the platform’s functionality by launching a wide variety of cyberattacks against it. The Red Team toolkit is an offensive attack generator that ‘red team’ (offensive) security analysts can use to test the Stellar Cyber Open-XDR platform’s ability to defend against the latest attacks.

Toolkit adds Cyberattack Generator to help security analysts verify effectiveness of EDR, SIEM and thwart attacks over the entire cyber kill chain Stellar Cyber, the innovator of Open XDR, the only cohesive intelligent security platform that delivers maximum protection, today announced a new toolkit customers can use to verify the platform’s functionality by launching a wide variety of cyberattacks against it.

With more complex cyberattacks on the rise, and with COVID-19 adding additional challenges to protecting the enterprise, is the SIEM the go-forward core of a next-gen security operations center (SOC), or is it time to consider new ideas? We discuss daily the cybersecurity challenges with global thought leaders, but we wanted to get better insights into this challenge question to better understand the market. To that end, we contracted LeadtoMarket to perform a study with customers who have industry-leading SIEM platforms, to understand what is needed for customers to rethink their SOC practices and to consider a means to radically reduce costs and dramatically improve performance by reducing the complexity of day-to-day cybersecurity operations.

Interview With Albert Zhichun Li, Chief Scientist at Stellar Cyber - SoundCloud

Stellar Cyber: Our comprehensive security platform provides maximum protection of applications and data wherever they resideIn today’s online age, the number of threats to businesses and their customers increases every day. The largest obstacle in cybersecurity is the perpetual security risk that quickly evolves over short periods of time, leaving businesses with a widening gap in manpower and the resources needed to protect their data. In the past decades, Stellar Cyber has witnessed some significant advances in the detection and management of various cybersecurity threats, but in today’s fast-paced IT world, a new problem has arisen in the world of cybersecurity: companies are often drowning in too much information from too many tools, each of which has its own solution with its own management console.

Stellar Cyber: The only comprehensive security platform providing maximum protection of applications and data wherever they reside Every company with an online presence is subject to cyberattacks, and the challenge is to mitigate those attacks by spotting and correcting them as quickly as possible. We present to you Stellar Cyber whose top security infrastructure data collection, analysis and automated anywhere detection and response (XDR) mechanisms elevate productivity and strengthen security analysts to eliminate threats in a few minutes instead of days or weeks.

If Paul Newman’s Cool Hand Luke character were to address the security industry, his opening line would likely be: “What we have here is a failure to correlate.” Today, one of the major deficiencies affecting security is not a lack of data or even an aggregation of data, but the central problem is one of correlating data and connecting the dots to find otherwise hidden traces of attack activity.

You can use security analytics platforms to provide better visibility into your environments, detect threats and support investigations, and orchestrate a response across the environment. But to realize these benefits, you'll first have to select from a diverse set of vendors that vary by size, functionality, geography, and vertical market focus. Security and risk professionals should use this report to understand the value they can expect from a security analytics provider and to select one based on size and functionality.

During Black Hat USA 2020, Stellar Cyber Founder Aimei Wei Named a Top 100 Winner in this Prestigious Awards Category Exclusively for Women in Cybersecurity. Stellar Cyber, the only cohesive security AI/ML platform that delivers maximum protection today announced that its Founder and SVP Engineering Aimei Wei has been named a Top 100 Women in Cybersecurity for 2020 by Cyber Defense Magazine, the leading cybersecurity publication in the industry.

Albert Zhichun Li, Ph.D., is Chief Security Scientist at Stellar Cyber. He has over 15 years of experience in cybersecurity research. Not long ago, the state of voice recognition was quite primitive, and interacting with it was painful. Call management systems using voice recognition were fraught with errors, making it difficult to navigate to a desired destination or produce the correct result. But that was then, and this is now. Voice recognition has come a long way. It's now generally effortless and even enjoyable to ask things of Alexa, Siri or Google Assistant, and call systems work reasonably well. No one can deny the progress made in voice recognition.

Opportunities for women in the cybersecurity.

It’s neither data-driven nor AI-driven cybersecurity, which you might have heard before — it’s both and more, much more. It is correlation-driven cybersecurity. It is about correlations of many detections, from very basic like NGFW to very advanced like AI-based EDR, from various data sources in a single cohesive platform. We hear about many security challenges from prospects, customers and partners — why? Because it is part of what humans do — share pain! As you may or may not know, attackers have access to the same tools as we all do. They have access to both Big Data and AI technologies for more advanced attacks.

Albert Zhichun Li, Ph.D., is Chief Security Scientist at Stellar Cyber. He has over 15 years of experience in cybersecurity research. For many companies, a data breach has become almost a way of life and business as usual. Damages — from customer loyalty and reputation to financial penalties and damage to infrastructure — while sizable, seemingly have not significantly impaired the largest enterprises.

The experts at Stellar Cyber asked their co-founder and CEO Changming Liu 7 questions about the cutting edge Open XDR Security Platform, which has gained a lot of industry attention and users.

Aimei Wei is a woman who loves to solve problems. That’s one reason she’s passionate about her role in cybersecurity. “Solving cybersecurity problems is challenging, but it’s also a fascinating industry and career,” said Wei, founder and VP of Engineering at Stellar Cyber, a provider of security solutions, software and analysis tools. “It’s like you are a detective.”

Stellar Cyber announced that CyFlare has deployed the Stellar Cyber platform as the core of its Security Operations Center (SOC) service. While many MSSPs cobble together complete solutions from a dozen or more different products and then have trouble correlating detections to stop complex attacks, Stellar Cyber’s platform is a complete solution with more than 20 natively-supported applications that present detections in an intuitive dashboard.

CyFlare, a Top 200 MSSP, has unveiled a security operations center-as-a-service (SOCaaS) offering powered by the Stellar Cyber Open-XDR cybersecurity platform, according to a prepared statement. The news comes after Stellar Cyber raised $7.1 million in an expanded Series A financing round earlier this year.

“Application-based, intelligent and open platform, Starlight is the first automated detection and response Open-XDR security platform.”

METCloud is an award winning IT Managed Service Provider. It has been built around the highest level of cyber security technologies available. It tailors its innovative services to specifically align with your organisation’s requirements, ensuring METCloud is the only cloud platform you need.

Stellar Cyber, a provider of threat detection and response technology spanning multiple domains of enterprise infrastructure, has launched a capability for cloud environments to complement the endpoint and network dimensions already addressed by its Starlight platform. It calls it cloud detection and response (CDR), a term Omdia has championed for a while. XDR covers endpoint, network, and cloud The vendor refers to Starlight as an Open-XDR platform, adopting the parlance that Omdia coined in 2018, referring to a spectrum of detection and response technologies for endpoint (EDR), network (NDR), and other areas, eventually including cloud. NDR is sometimes referred to as network traffic analysis (NTA), but Omdia sees the latter as a subset of NDR, in that traffic analysis is necessary to detect threats, but NDR adds the critically important response capability that enables organizations to also mitigate threats. NTA was developed earlier for the purpose of network performance monitoring rather than as a security function. Indeed, a number of NTA vendors, such as Gigamon, Netscout, and ExtraHop, have expanded into NDR in recent years, to align with the direction of the security market and expand their target audience from network operations to security teams.