Most IT organizations have deployed multiple traditional security products and services from multiple vendors—yet they remain vulnerable Enterprises are seeking to optimize their existing investments in critical WAF infrastructure in ways that further reduce risk, increase productivity, and accelerate response times

Few emerging cybersecurity market segments are garnering more attention than XDR. Here, Omdia highlights its recent research on XDR. Extended Detection and Response (XDR) technology is quickly taking the enterprise cybersecurity industry by storm. The term XDR, first coined in 2018 by Omdia Principal Analyst Rik Turner, is defined by Omdia as a single, stand-alone solution that offers integrated threat detection and response capabilities.

The Cyber Kill Chain and MITRE ATT&CK are popular reference frameworks to analyze breaches, but amid the rise of XDR, we may need a new one. If you work in information security, you will be aware of Lockheed Martin's Cyber Kill Chain and/or the MITRE ATT&CK Framework. Both are attempts to create a common language in which to describe the various stages of an attack, and the tactics utilized by the attackers.

Security problems are essentially data problems. For threat detection, investigation and forensic analysis, one would ideally like to collect as much data as possible and store it as long as needed. But having a SIEM or XDR system that sucks up every packet or every log entry creates an ongoing demand for more storage, which can be expensive over the long term whether you’re using on-site resources or the cloud. Another issue is that searches or queries on huge volume of data can take a long time when a quick response may be critical for stopping an attack.

Stellar Cyber announced that its open and highly flexible approach to the long-term storage of large volumes of security data eases concerns about storage complexity and costs seen in legacy SIEMs or some proprietary XDR solutions used by security operations centers. Cybersecurity is essentially a data problem, with best practices necessitating capturing and retaining all available data to properly evaluate potential threats and keep an audit trail for future investigations.

Almost since the beginning of network security, vendors and practitioners have wrestled with choices between going deep and going broad for their security solutions. Mostly, the choice varies between predominantly one or the other. Going deep typically means careful monitoring and analysis of certain types of threats or behaviors at the cost of not examining a much broader range of activity. Solutions that are broader may lack the clarity and fidelity to make fast, accurate alerting. They also may miss important indicators.

Technology has always been - and continues to be – a field dominated by men. However, women have always played a crucial role in tech. The stories of some of these pioneers and current leaders have only recently gained widespread attention. But if women are half of the population why does their tech representation fail to reflect this? The problems that women in tech face can explain a lot of the disparities in not just representation, but pay and other issues. We assembled a panel of current tech leaders to discuss the history of women in tech, and the path forward.

The recently disclosed breach of FireEye should give everyone pause over both the importance and difficulty of security. This high-profile breach left the vendor with a black eye and some serious questions. The disclosure almost immediately had every security vendor writing blogs and articles about the importance of this or that in accordance to what they sell and market. Opportunity strikes!

While the term XDR has become pervasive, the technology and market remain a work in progress with lots of innovation and market confusion. Given all the hype around extended detection and response (XDR) technology, it's worth starting this article by defining the term "XDR." XDR is an integrated suite of security products spanning hybrid IT architectures (such as LAN, WAN, infrastructure-as-a-service, data centers, etc.) designed to interoperate and coordinate on threat prevention, detection, and response. XDR unifies control points, security telemetry, analytics, and operations into one enterprise system.

Almost since the beginning of network security, vendors and practitioners have wrestled with choices between going deep and going broad for their security solutions. Mostly, the choice varies between predominantly one or the other. Going deep typically means careful monitoring and analysis of certain types of threats or behaviors at the cost of not examining a much broader range of activity. Solutions that are broader may lack the clarity and fidelity to make fast, accurate alerting. They also may miss important indicators.

On December 13, 2020, multiple vendors such as FireEye and Microsoft reported emerging threats from a nation-state threat actor who compromised SolarWinds, and trojanized SolarWinds Orion business software updates in order to distribute backdoor malware called SUNBURST. Because of the popularity of SolarWinds, the attacks have affected multiple government agencies and many Fortune 500 companies. It also appeared in the recent CISA Emergency Directive 20-01.

The noise is real. Of that, we can agree. It started way back in history – whoops, wrong topic (shout out to all of you who know that lyric). Basic packet captures – the final arbiter of proof, started all this and has continued nonstop until this very day. Every security analyst worth his/her salt asks for the packet captures. Why do we have all this data? Do we need it all? With IOT today, my toaster can tell me how many toast points I have burned since 2019. Do we care? Should we care? To be honest, I’m not sure I want folks to know I struggle getting my toast just right :).

Stellar Cyber, the only intelligent next-gen security operations platform powered by Open XDR, announced today that it has won an Internet Telephony Cybersecurity Excellence Award. Any company running a network could be a target for a hacker to try to produce Ransomware, get free service, gather other people’s information or cause irreparable disruption to the target company. Small and mid-sized security teams, in particular, struggle to assemble the right tools to give them insight into these complex attacks, but AI and machine learning technology can make a big difference.

I’ll begin by making a bold statement: Stellar Cyber is a beast. For you who may be thinking, “he’s about to demolish this product”, I’m sorry to disappoint you. Today’s enterprises are beasts. Combinations of centralized, distributed private cloud and public cloud networks, and the cybercriminals who attack them are even bigger beasts and it takes one to manage one.

Albert Zhichun Li, Ph.D., is Chief Security Scientist at Stellar Cyber. He has over 15 years of experience in cybersecurity research. Much has been touted about the intelligent SOC, particularly from security vendors hawking their latest wares. It's a familiar high-tech chorus, the idea of next-generation products and their next-generation capabilities that will eventually be supplanted by a generation beyond that. Reactions vary to the idea of an intelligent SOC. There is some level of taking offense by hardworking security professionals currently staffing a SOC. "Wait a minute, are you telling me that our SOC is not intelligent?"

Changming Liu, CEO and Co-Founder of Stellar Cyber, did us the honor of sitting down for an interview with Aviva Zacks of Safety Detectives. He told her how his company is riding the XDR wave. Safety Detectives: What motivated you to start Stellar Cyber?

If you are wanting to accelerate your steps towards offering managed security, you have a few options, including build or partner. Today’s episode discusses some of the pros and cons of both the build and partner methods. MSP Zone Guest: Brian Stoner, Stellar Cyber Program Highlights What are some of the common MSSP challenges? Should MSPs build or partner? Has Work From Home disrupted the legacy managed security deliverable? What is a SOC? Is it just a NOC with a SIEM?

The historical definition of network security is to use a firewall to screen users coming into the network, but as IT technology and security technology have evolved, the definition is much broader now. Today, network security is everything a company does to ensure the security of its networks and everything connected to them. This includes the network, the cloud (or clouds), endpoints, servers, users and applications

On the surface, having lots of data becomes less of a problem with AI-driven security, as ML usually requires lots of data to train the model and learn the patterns. On the contrary, not enough data is obviously a problem as the less data, the less accurate and thus the less useful the ML model becomes. However, as time went by, researchers gradually realized that having the right data was far more important. Too much data without the right information is just a waste of computing power for ML as well as a waste of storage space. Earlier UEBA vendors with solutions based on logs from SIEM tools learned this hard lesson: the SIEM might have collected lots of logs, but only a few of them contain the right information related to user behaviors. So, although data-driven security builds a great foundation for AI-driven security, in order to build scalable and accurate AI-driven security, the right data is far more important.

Stellar Cyber unveils Jumpstart, a partner program that enables MSSPs to integrate its Open XDR extended detection & response platform into their portfolios. Stellar Cyber, an extended detection and response (XDR) platform provider, has unveiled the Jumpstart partner program for MSSPs. The partner program launch comes after Stellar Cyber earlier this year hired Cylance veteran Brian Stoner as its VP of service providers and raised $7.1 million in an expanded Series A financing round.

Brian Stoner is a high-impact channel expert and thought leader with extensive experience working with all channels but more specifically MSP and MSSP partners. Before joining Stellar Cyber he has over 15 years of cybersecurity experience with high growth start-ups like FireEye and Cylance where he led the service provider programs. He was also the Vice President of Business Development for Solutionary – one of the top MSSP partners that was acquired by NTT. Brian has several articles that have been published regarding cybersecurity and the channel. He has an MBA with Distinction from Keller Graduate School and a bachelor’s degree from Southern Illinois University – Carbondale. Learn more about Stellar Cyber at stellarcyber.ai/

Historically, security buyers evaluated products on an individual basis in which firewall vendor A would have a bakeoff against firewall vendor B, and endpoint detection and response (EDR) vendor C would be compared to EDR vendor D. Conceptually, this might make sense, because having “best of breed” everywhere should offer the best protection.

Some years ago, during the renaissance of security information and event management (SIEM), security became log crazy. The hope was that by gathering logs from networking and security devices and running them through the SIEM, security events could be astutely exposed and security teams could gain an upper hand over attackers. The enthusiasm was soon dashed when it was obvious that logs alone were not the answer. In the first place, not everything was covered by logs and security details that were being captured could be manipulated easily as an attacker attempted to cover their tracks. Second, it’s one thing to aggregate logs but another to integrate the findings to produce true intelligence, particularly that which could easily stand apart from false positives.

When most people think about cybersecurity, they think about security products, such as firewalls, virtual private networks (VPNs), anti-malware and endpoint solutions. Maybe a security information and event management (SIEM) solution comes up or the advanced means of finding internal attackers or potential breaches. Sometimes, policies and end-user training also come into consideration or even the (overworked) security team.

Managed detection & response (MDR) provider Deeptree adds Stellar Cyber security operations capabilities (SOC) to deliver end-to-end protection against cyberattacks. MSSP Deeptree has integrated Stellar Cyber security operations capabilities into its managed detection and response (MDR) platform. The Stellar Cyber integration will provide the foundation for Deeptree’s next-generation security operations center (SOC), the companies said.

The cybersecurity world loves acronyms, and XDR is among the newest ones going around. XDR, or eXtended Detection and Response, is a foundational technology that detects cyberattacks anywhere they may occur - on endpoints, in servers, in applications, by users, in the network, or in cloud or SaaS environments.

Actively participates and contributes in trusted CXO community, forum and solutions intelligence to combat the most sophisticated cyber attacks Stellar Cyber, the only cohesive intelligent security platform that provides maximum protection by piecing attacks together across the entire IT infrastructure, announced today that it has joined, as a founding member, CxO InSyte,

High-Fidelity Next-Generation SOC Solution that Finds Active Attacks and Boosts Security Team Effectiveness is Major Draw for Customers

Executives consider cyberattacks as one of the topmost business concerns, and it outranks other adversaries like brand damage, regulations, and economic uncertainty. In the prevailing cyber landscape, cyberattacks are considered to be inevitable, but security analysts suggest that these attacks can be largely prevented if the companies choose to implement robust security measures. By having a sophisticated security measure in place, we can reduce the chances of someone walking away with the company’s sensitive data.

First of all, how are you and your family doing in these COVID-19 times? Changming Liu: We are doing fine. Tell us about you, your career, how you founded Stellar Cyber Changming Liu: I have a wealth of leadership, entrepreneurship, management skills, and technical expertise in networking, security, big data, and machine learning. Before co-founding Stellar Cyber, I was a co-founder, CTO, and Board Member at Aerohive Networks, a cloud networking provider that successfully completed an IPO in 2014.

Stellar Cyber announced a new toolkit customers can use to verify the platform’s functionality by launching a wide variety of cyberattacks against it. The Red Team toolkit is an offensive attack generator that ‘red team’ (offensive) security analysts can use to test the Stellar Cyber Open-XDR platform’s ability to defend against the latest attacks.

Toolkit adds Cyberattack Generator to help security analysts verify effectiveness of EDR, SIEM and thwart attacks over the entire cyber kill chain Stellar Cyber, the innovator of Open XDR, the only cohesive intelligent security platform that delivers maximum protection, today announced a new toolkit customers can use to verify the platform’s functionality by launching a wide variety of cyberattacks against it.

With more complex cyberattacks on the rise, and with COVID-19 adding additional challenges to protecting the enterprise, is the SIEM the go-forward core of a next-gen security operations center (SOC), or is it time to consider new ideas? We discuss daily the cybersecurity challenges with global thought leaders, but we wanted to get better insights into this challenge question to better understand the market. To that end, we contracted LeadtoMarket to perform a study with customers who have industry-leading SIEM platforms, to understand what is needed for customers to rethink their SOC practices and to consider a means to radically reduce costs and dramatically improve performance by reducing the complexity of day-to-day cybersecurity operations.

Interview With Albert Zhichun Li, Chief Scientist at Stellar Cyber - SoundCloud

Stellar Cyber: Our comprehensive security platform provides maximum protection of applications and data wherever they resideIn today’s online age, the number of threats to businesses and their customers increases every day. The largest obstacle in cybersecurity is the perpetual security risk that quickly evolves over short periods of time, leaving businesses with a widening gap in manpower and the resources needed to protect their data. In the past decades, Stellar Cyber has witnessed some significant advances in the detection and management of various cybersecurity threats, but in today’s fast-paced IT world, a new problem has arisen in the world of cybersecurity: companies are often drowning in too much information from too many tools, each of which has its own solution with its own management console.

Stellar Cyber: The only comprehensive security platform providing maximum protection of applications and data wherever they reside Every company with an online presence is subject to cyberattacks, and the challenge is to mitigate those attacks by spotting and correcting them as quickly as possible. We present to you Stellar Cyber whose top security infrastructure data collection, analysis and automated anywhere detection and response (XDR) mechanisms elevate productivity and strengthen security analysts to eliminate threats in a few minutes instead of days or weeks.

If Paul Newman’s Cool Hand Luke character were to address the security industry, his opening line would likely be: “What we have here is a failure to correlate.” Today, one of the major deficiencies affecting security is not a lack of data or even an aggregation of data, but the central problem is one of correlating data and connecting the dots to find otherwise hidden traces of attack activity.

You can use security analytics platforms to provide better visibility into your environments, detect threats and support investigations, and orchestrate a response across the environment. But to realize these benefits, you'll first have to select from a diverse set of vendors that vary by size, functionality, geography, and vertical market focus. Security and risk professionals should use this report to understand the value they can expect from a security analytics provider and to select one based on size and functionality.

During Black Hat USA 2020, Stellar Cyber Founder Aimei Wei Named a Top 100 Winner in this Prestigious Awards Category Exclusively for Women in Cybersecurity. Stellar Cyber, the only cohesive security AI/ML platform that delivers maximum protection today announced that its Founder and SVP Engineering Aimei Wei has been named a Top 100 Women in Cybersecurity for 2020 by Cyber Defense Magazine, the leading cybersecurity publication in the industry.

Albert Zhichun Li, Ph.D., is Chief Security Scientist at Stellar Cyber. He has over 15 years of experience in cybersecurity research. Not long ago, the state of voice recognition was quite primitive, and interacting with it was painful. Call management systems using voice recognition were fraught with errors, making it difficult to navigate to a desired destination or produce the correct result. But that was then, and this is now. Voice recognition has come a long way. It's now generally effortless and even enjoyable to ask things of Alexa, Siri or Google Assistant, and call systems work reasonably well. No one can deny the progress made in voice recognition.

Opportunities for women in the cybersecurity.

It’s neither data-driven nor AI-driven cybersecurity, which you might have heard before — it’s both and more, much more. It is correlation-driven cybersecurity. It is about correlations of many detections, from very basic like NGFW to very advanced like AI-based EDR, from various data sources in a single cohesive platform. We hear about many security challenges from prospects, customers and partners — why? Because it is part of what humans do — share pain! As you may or may not know, attackers have access to the same tools as we all do. They have access to both Big Data and AI technologies for more advanced attacks.

Albert Zhichun Li, Ph.D., is Chief Security Scientist at Stellar Cyber. He has over 15 years of experience in cybersecurity research. For many companies, a data breach has become almost a way of life and business as usual. Damages — from customer loyalty and reputation to financial penalties and damage to infrastructure — while sizable, seemingly have not significantly impaired the largest enterprises.

The experts at Stellar Cyber asked their co-founder and CEO Changming Liu 7 questions about the cutting edge Open XDR Security Platform, which has gained a lot of industry attention and users.

Aimei Wei is a woman who loves to solve problems. That’s one reason she’s passionate about her role in cybersecurity. “Solving cybersecurity problems is challenging, but it’s also a fascinating industry and career,” said Wei, founder and VP of Engineering at Stellar Cyber, a provider of security solutions, software and analysis tools. “It’s like you are a detective.”

Stellar Cyber announced that CyFlare has deployed the Stellar Cyber platform as the core of its Security Operations Center (SOC) service. While many MSSPs cobble together complete solutions from a dozen or more different products and then have trouble correlating detections to stop complex attacks, Stellar Cyber’s platform is a complete solution with more than 20 natively-supported applications that present detections in an intuitive dashboard.

CyFlare, a Top 200 MSSP, has unveiled a security operations center-as-a-service (SOCaaS) offering powered by the Stellar Cyber Open-XDR cybersecurity platform, according to a prepared statement. The news comes after Stellar Cyber raised $7.1 million in an expanded Series A financing round earlier this year.

“Application-based, intelligent and open platform, Starlight is the first automated detection and response Open-XDR security platform.”

METCloud is an award winning IT Managed Service Provider. It has been built around the highest level of cyber security technologies available. It tailors its innovative services to specifically align with your organisation’s requirements, ensuring METCloud is the only cloud platform you need.

Stellar Cyber, a provider of threat detection and response technology spanning multiple domains of enterprise infrastructure, has launched a capability for cloud environments to complement the endpoint and network dimensions already addressed by its Starlight platform. It calls it cloud detection and response (CDR), a term Omdia has championed for a while. XDR covers endpoint, network, and cloud The vendor refers to Starlight as an Open-XDR platform, adopting the parlance that Omdia coined in 2018, referring to a spectrum of detection and response technologies for endpoint (EDR), network (NDR), and other areas, eventually including cloud. NDR is sometimes referred to as network traffic analysis (NTA), but Omdia sees the latter as a subset of NDR, in that traffic analysis is necessary to detect threats, but NDR adds the critically important response capability that enables organizations to also mitigate threats. NTA was developed earlier for the purpose of network performance monitoring rather than as a security function. Indeed, a number of NTA vendors, such as Gigamon, Netscout, and ExtraHop, have expanded into NDR in recent years, to align with the direction of the security market and expand their target audience from network operations to security teams.

Cybercrime - Meet Stellar Cyber and the Open-XDR Security Platform - Listen the Audio

Security provider Stellar Cyber, with the first Open-XDR security platform, announced today that it has released its Cloud Detection & Response (CDR) App, the latest addition to the native-supported family of applications on its platform. The CDR App secures SaaS apps and protects public cloud infrastructure with automated attack detection, both manual and automated threat hunting, pre-built compliance reports, manual and automated response and many other features.

One of the unfortunate realities of network security is that it is largely reactive. To be fair, organizations are adept at testing and ensuring that the known holes or vulnerabilities are shored up and systems and devices are kept current and optimized to prevent against a successful attack.

Stellar Cyber - Changming Liu, CEO. Stellar Cyber is the key definitive cyber security guide to help deal with the never-ending, always-looming cyber threats in the digitized world. The Starlight platform from the company rounds up all the different datasets and brings all the cyber security analysis into one mighty management console.

Online threats are diverse, and while searching for a target, they don’t discriminate between organizations and individuals. Cyber threats range from network infiltrations and data breaches through spear-phishing and brute force. Cybersecurity is the implementation of technology, processes, and controls to protect the systems, networks, services, devices, and data from cyberattacks. It aims at reducing the risk of cyberattacks and protecting against the unauthorized systems, networks, and technology exploitation.

In recent times, the organizations are digital by default, and it is becoming difficult for them to map their digital surrounding. The technology infrastructure of every organization is custom-made, and it is complicated. There is no reward without risk. Digital businesses make use of connected devices, new technologies, and operating platforms. They also embrace new ways of working, building large data storage, and so on.

In the past, this malware gained entry using different techniques: exploit kits via drive-by downloads, remote desktop connections (RDP) with weak passwords, email impersonation, and email spam. In the majority of cases where the phishing email is being delivered, the user is clicking on the link, then they give the macro authorization to run, and ultimately get the malicious file installed. Once installed, the Maze ransomware begins to encrypt critical data on the infected machine. While the encryption process is running, the ransomware also ex-filtrates the data to a server on the internet. When both of those processes are complete, the user is presented with a ransom demand and a method to recover their encrypted data.

Extended detection response technology assumes a breach across all your endpoints, networks, SaaS applications, cloud infrastructure, and any network-addressable resource.

Silicon Valley-based Stellar Cyber, a security provider, has raised $7.1 million in additional funding, bringing its total Series A tally to $21.8 million.

Security provider Stellar Cyber, with the first Open-XDR security platform, announced the latest addition to its Starlight platform’s built-in App Store, a new Entity Behavior Analytics app.