Firewall Traffic Analysis (FTA)
As one of the native capabilities of Stellar Cyber's intelligent security operations platform, NDR detects suspicious events that other network security tools are missing, improving MTTI over 8x.
The Right Data With Accurate Cybersecurity Analysis
- Collect the right network security L2-L7 metadata and files for > 4,000 network applications from packets
- Collect traffic data, including NGFW logs and NetFlow and IPFIX from network devices
- Normalize and enrich the data from many sources to build rich context for accurate security analysis
- Build actionable, searchable and readable Interflow™ records stored in a single, efficient big data lake
- Maintain high data availability through buffering, replication, redundancy, and years of configurable long-term storage
- Provide 360-degree visibility for both north/south and east/west traffic, traffic inside public cloud, and traffic between containers
- Apply machine learning, both supervised and unsupervised, and deep learning to analyze Interflow™ records in real time
- Advance signature-based detections with machine learning to improve fidelity
- Integrate advanced persistent threat (APT) and malware detection to provide a unified detection across the kill chain
- Tightly integrate and correlate with EDR, CDR, vulnerability scanning, IoC, etc. on a single Open XDR platform
- Trigger automatic responses through direct NGFW, EDR and Active Directory integration, through SOAR integration or through incumbent SIEM systems
- Threat hunting via flexible global text search – manually or through automation
Key Features
Data Beyond Raw Packets
Network Detection and Response (NDR, or NTA) addresses the labor/false alert data security analysis challenge by enabling IT security staff to weed out low- or no-value data in network packets, to better qualify and funnel alarms with threat intelligence and advanced security analytics, and to reduce data storage.
Detection at Scale
Stellar Cyber NDR is a distributed cybersecurity system with a family of sensors and a centralized data processor and management system. It also encompasses a distributed detection system with multiple processing stages to improve system performance and scalability. Network security through NDR begins by performing necessary detections such as IP/port scan, DNS tunneling, and flooding at the data collection stage.
Response at Your Discretion
Stellar Cyber’s NDR application supports both automatic and manual responses. It can directly block attacks by dropping suspicious traffic on NGFW, disabling affected users on Active Directory, containing compromised endpoints via EDR, or taking any other action through RESTful APIs or flexible scripts. Stellar Cyber’s NDR also supports integration with other SOARs like Phantom, Demisto, Swimlane and more.
Designed Around AI
Sensors, collected data, threat intelligence and data storage technologies all support AI, which drives detection and response outcomes.