Stellar Cyber Supercharges Firewalls with Traffic Analysis App
New App Applies Machine Learning to Firewall Data to Spot Anomalies
Firewalls have limited resources in terms of processing power and storage size, so they have limited intelligence and they are usually optimized only for policy enforcement. Stellar Cyber’s Open-XDR platform can cost-effectively store firewall traffic logs for forensics, compliance and threat hunting. The new FTA App leverages additional sets of enriched data such as Threat Intelligence, geo-location, username and host name to create better context for the data. It also leverages advanced machine learning and big data analytics in conjunction with other detection’s to fuse context into the data. This process in effect adds a second set of eyes uncovering additional cyber-threats and anomalies, from firewall mis-configurations to Command and Control (command & control) Domain Generation Algorithms (DGA) and data exfiltration like DNS tunneling to malware detection such as ransomware. The App also leverages closed-loop automated workflow to block attackers through firewall APIs.
“Firewalls are relatively passive because they have a limited processing capability and apply a static set of rules to traffic,” said Iker Simsir, Principal Product Manager at Stellar Cyber. “Our FTA App delivers the automated intelligence of our Starlight platform to provide important new insights from firewall data and run through machine learning to elevate to the next level of security analysis.”
Helpful Stellar Cyber links
About Stellar Cyber:
Stellar Cyber makes Starlight, the only comprehensive security platform providing maximum protection of applications and data wherever they reside and automatically responding to attacks wherever they occur. Starlight tightly integrates dozens of security applications from an App Store and presents results in an intuitive dashboard to supercharge analyst productivity by slashing attack response times to seconds or minutes. Starlight deploys easily on premises, in public clouds or with service providers. Stellar Cyber is based in Silicon Valley and is backed by Valley Capital Partners, Northern Light Venture Capital, SIG and other investors. For more information, contact https://stellarcyber.ai.