August Product Update

Stellar Cyber continually works to ensure the products we deliver not only meet but exceed the needs of our customers. As hockey legend Wayne Gretzky famously said, “I skate to where the puck is going to be, not where it has been.” We also work hard to anticipate the future needs of our current and future customers, as is evident from our product roadmap, which we make freely available to our customers right from within the platform. Recently we released version 4.3.3, which brings with it enhanced incident usability, a new connector to a leading endpoint product provider, and native alert ingestion additions. For complete details, refer to the release notes available within the Stellar Cyber product. Here are the high points for those who might not yet be customers of Stellar Cyber or just can’t wait to learn more about this release.

Filtering is Fundamental

Anyone who has taken on the daunting task of looking for a house or apartment knows that when you first select a city, you are shown a list of hundreds, even thousands, of possibilities. While I am sure most homes would be a nice place to live, there is simply no way to effectively find what is right for you without applying some criteria, aka a filter. By selecting a number of bedrooms, size, and price range, you are hopefully left with a much more manageable list of options. This same logic applies to incidents within Stellar Cyber. While each incident is relevant, we know not all incidents are the same. Now, in v4.3.3, you can apply filters to the incident list to home in on the incidents you want to investigate. You can filter by score, date created, modified, and more.

Going Deep

The Stellar Cyber Open XDR Platform is helping security teams become more efficient and effective because of its ability to eliminate “swivel chair” integration. With Stellar Cyber, security analysts no longer need to continually swivel from one product to another to gather data, perform investigations, and initiate response actions. Due to the breadth of integrations available, most organizations now use Stellar Cyber as the hub of their security operations, having their other security controls feed data into the platform.

In v4.3.3, we added an endpoint heavyweight to the ranks of our out-of-the-box integrations with a new connector to Deep Instinct. If you are not familiar with Deep Instinct, you probably should be, as they are leveraging deep learning to identify threats, and they are damn good at it. Full disclosure, I had the pleasure of working with the team at Deep Instinct a few years ago and can tell you their tech is phenomenal and worth checking out if you are in the market for a new endpoint protection product. In this release, we can ingest native alerts from Deep Instinct, and in the near future, we will be introducing a capability to initiate response actions automatically.

Who wants more native ingestion?

When your goal is to turn security data into relevant security incidents, you will always be looking for ways to improve your outcomes. That is exactly what we are continuing to do with the addition of Azure AD Risk Detection and Google Workspace: Gmail Phishing alerts. Now when either of these products detects a threat, those threats will be visible from the Stellar Cyber product, giving you an even better view into the threats against your environment.