
Interview With Changming Liu by Safety Detectives


Changming Liu, CEO and Co-Founder of Stellar Cyber, did us the honor of sitting down for an interview with Aviva Zacks of Safety Detectives. He told her how his company is riding the XDR wave.

Safety Detectives: What motivated you to start Stellar Cyber?
Changming Liu: I co-founded Stellar Cyber in 2015 with our VP of Engineering in Silicon Valley. We had been working in networking and cybersecurity for many years. We worked for companies like Netscreen and Cisco. We knew that prevention technologies like firewalls could not prevent all attacks, especially when the attack surface has changed a lot as more workloads are moving to cloud and SaaS applications like O365 are becoming more and more popular. Breaches happen almost daily despite almost every enterprise having firewalls in place. And what’s even more clear from the recent SolarWinds attacks, it’s not about perimeters anymore—firewalls are a small part of our total security solution, and it’s not even about when you get hacked. Now, you should assume you are hacked, and the question is, can you find out quickly, stop it, and remediate any damage. The trend of the enterprise security solution was shifting from prevention-based architecture to become more detection-based architecture. However, with more security solutions, especially detection technology, being developed and deployed, a new problem has arisen in the world of cybersecurity: companies are often drowning in too much information from too many security tools that each have their own solution with their own management console. If an organization has one or two of these, it’s not a big problem, but once it has installed 8, 9, or 10 cybersecurity systems, it will have many sets of data in different data lakes, multiple algorithms, and multiple management consoles. It indeed amounts to being too much of a good thing. Stellar Cyber was established based on the information overload problem happening in every medium-to-large company’s IT department and, in particular, in the security operations center where there is room for improvement in its effectiveness, efficiency, and efficacy.
Several VCs have funded Stellar Cyber, including Valley Capital Partners, Big Basin Partners, SIG – Susquehanna, and Northern Light Venture Capital.

SD: Tell me about Stellar Cyber’s flagship platform.
CL: We are part of the rise of platform thinking. One way to get past too many security tools is to build, from the ground up, a platform with pre-built tools and a natively-supported detection mechanism. This way, you share exactly the right data for high-speed analysis with high-fidelity detections as the outcome. Stellar Cyber pinpoints attack activities and provides security teams with efficiency and effectiveness to identify the most important events without the endless wild goose chases seen in other security systems. Stellar Cyber enables 360-degree visibility across the entire attack surface of the network, endpoints, cloud, applications, and users. Besides natively-supported tools, it also enhances existing security tools by correlating their detections across them. Alert fatigue can be minimized and smaller signals that might not otherwise be noticed can be augmented with other data to ensure not missing attack activities that would otherwise be under the radar.

SD: What verticals use your products?
CL: Since we sell a platform, at some point, it is best sold as a managed security service to smaller customers through MSSP partners, whereas large enterprise customers needing compliance and security operation in-house leverage our security operations platform as part of or their entire SOC.

On the enterprise side, Stellar Cyber is designed for organizations that are overworked and understaffed but which need to protect their data and assets better. The platform is horizontally applicable since these conditions apply to most organizations. Stellar Cyber boosts the ability of a security team to find and stop attacks, eliminating or mitigating theft or damage.

For example, based in Birmingham, Alabama, EBSCO Industries is one of the largest privately-held companies in the United States. It owns roughly 40 small-to-medium business units across a diverse group of industries, including publishing, manufacturing, real estate, information services, and insurance. As incidents of cyberattacks against enterprises became more common, EBSCO’s board of directors wanted to tighten its security posture. They chose Stellar Cyber as the solution for building an effective Security Operations Center (SOC). Stellar Cyber pulls together EBSCO’s disparate sets of security tools and presents their findings under a single, intuitive interface so analysts can quickly spot and correct issues.

CyFlare is a great MSSP customer story to share, a top 100 global managed security services provider (MSSP) based outside of Rochester, New York. The company wholesales managed security services to small and mid-sized VARs, MSPs and MSSPs, and brings value to its customers by delivering Security Operations Center (SOC) as-a-service functionality that’s comprehensive, cost-effective, and easy to deploy. CyFlare relies on Stellar Cyber’s solution as the core of its SOC-as-a-service offering. The Stellar Cyber platform helps CyFlare deliver high-value, high-margin security services to downstream MSPs and small enterprises.

SD: How does your company stay ahead of the competition?
CL: We are part of an emerging new category called XDR – eXtended (X) detection (D) and response (R), which reflects the idea that an enterprise attack surface is no longer a single point. It means detecting threats anywhere, from within, from outside, or from host-to-host attacks. Industry analyst firms Enterprise Strategy Group (ESG), Gartner, Forrester, and Omdia track the new XDR category.

Our main competitors in the XDR space ar