Stellar Cyber’s Open XDR Eases Big Cybersecurity Data Storage Woes
Storing metadata and offering flexible storage options sets Stellar Cyber’s platform apart
Cybersecurity is essentially a data problem, with best practices necessitating capturing and retaining all available data to properly evaluate potential threats and keep an audit trail for future investigations. This approach causes skyrocketing storage costs and makes it much more difficult to identify real attacks, because analysts often can’t see the forest for the trees with the massive amounts of data. Voluminous data also makes forensics and threat hunting almost impossible on some legacy SIEMs due to poor query performance.
Stellar Cyber’s intelligent SOC platform is more efficient, storing only security-relevant metadata in a scalable, elastic data lake, which reduces the amount of storage needed and makes it easier to identify anomalies more quickly. Once it collects the metadata, Stellar Cyber’s AI-powered analytical engine evaluates it and alerts analysts to even the most complex attacks.
“We were having a real problem storing data from a traditional SIEM,” said Joe Morin, CEO of CyFlare. “Stellar Cyber’s metadata parsing and flexible storage options save us money on resources while making our analysts more efficient.”
Flexible Storage Designed for Scalability and Efficiency
Most SIEM products not only force collection and storage of irrelevant data, but also offer no flexibility in what, how or where data is stored. With Stellar Cyber, users have many choices through its Open XDR platform. They can pick the right data to be collected, customize data retention time by type of data (on a per-tenant basis in multi-tenancy environments), choose whether data is kept in hot or cold storage, and pick where to house cold storage (on-premises with a NAS or JBOD system or in the cloud) to further save on costs.
“Scaling storage is a top complaint by legacy SIEM users – the SIEM sucks up all the data, but then you have to store it somewhere,” said Zeus Kerravala, principal analyst at ZK Research. “Stellar Cyber’s platform keeps only the relevant data for security analysis and then gives users a lot of options for how and where it’s stored.”
Stellar Cyber’s fast forensic analysis and threat-hunting capabilities are built on top of its scalable elastic data lake, which is designed for storing large volumes of data with fast search performance on a cloud-native, microservice architecture. The collected data is normalized, enriched in real time with context, correlated, and can be searched quickly by any data field or any combination of fields. Data is automatically evaluated for anomalies by the platform’s AI-powered detection engine, and analysts can use pre-built or home-grown threat-hunting playbooks to ferret out threats wherever they reside.
“Data storage is a major challenge for users of security systems, particularly legacy SIEMs,” said Steve Garrison, VP of Marketing at Stellar Cyber. “We thought through this issue when designing our Open XDR platform, and now offer a number of ways in which customers can optimize their storage to improve efficiency and save costs.”
Open XDR vs. XDR
While standard XDR platforms enforce vendor lock-in and abandonment of existing security tools, Stellar Cyber’s unique Open XDR platform works seamlessly with existing EDR, SIEM, UEBA, NDR, and other solutions to preserve their investments. In addition, Stellar Cyber’s platform enhances those investments by ingesting their data, normalizing and correlating it, applying AI-driven analytics to inspect it, and automatically responding to complex threats. Only Stellar Cyber’s Open XDR delivers these benefits.
About Stellar Cyber
Stellar Cyber is the innovator of Open XDR – the only intelligent, next-gen security operations platform that provides high-speed, high-fidelity threat detection and response across the entire attack surface. The world’s first Open-XDR platform, Stellar Cyber is an easy-to-use investigation and automated response platform, delivering a 360-degree view of your entire attack surface with readily-available, high-fidelity detections delivered through pre-built, tightly-integrated capabilities including NDR, CDR, NG SIEM, UEBA, and Automated Threat Hunting. Stellar Cyber’s platform helps eliminate the tool fatigue and data overload often cited by security analysts and enables them to respond in real time rather than days or weeks. The company is based in Silicon Valley and is backed by Valley Capital Partners, Northern Light Venture Capital, SIG, Big Basin Ventures and other investors. For more information, contact https://stellarcyber.ai.