February 14, 2022 | February 11, 2022

Stellar Cyber’s Open XDR Platform Debuts “Universal EDR” to Optimize Data from Any EDR for Enhanced Speed and Precision in Detecting Attacks

Universal EDR is Industry’s First Open, High-Fidelity XDR Technology to Unify and Amplify Data from Any and All EDRs

Santa Clara, CA, February 14, 2022 — Stellar Cyber, the innovator of Open XDR, today announced Universal EDR – an open, heterogeneous Endpoint Detection and Response (EDR) technology that optimizes and augments event and alert data from any single EDR or combination of EDRs from any vendor. Using the Stellar Cyber Open XDR platform, data from different EDRs is appropriately interpreted to deliver cohesive, low-noise findings regardless of EDR source. The result is high-fidelity detection of real attack activity that is operationalized for fast, efficient response. Universal EDR thus maintains the Stellar Cyber platform’s openness while incorporating third-party EDR or multiple EDRs’ data as if they were built directly into the platform. At the same time, companies can change their EDRs or use multiple ones, and Universal EDR will automatically calibrate the data for overall precise attack detection.

Through a tight, bidirectional data flow, optimized data pathways and integrated resource assessment—such as monitoring for container builds and changes, Kubernetes execution and server activities interacting with endpoints—the Stellar Cyber platform preserves investments in EDRs and enables organizations to find attack activity early to prevent or minimize damage. In addition to optimizing individual EDRs’ data for faster, earlier detection of attacks, Universal EDR adds precision to an EDR’s own alerts.

“With this announcement, Stellar Cyber can enable enterprises and MSSPs to retain investments in and increase the value of any existing EDR tool within an XDR environment,” said Jon Oltsik, Senior Principal Analyst and ESG Fellow. “Users can now enhance their favorite EDR tools with full integration into an XDR platform, combining their EDR data with telemetry from other security tools and obtaining greater visibility.”

Stellar Cyber’s Universal EDR delivers ready-to-consume EDR integration and data optimization without requiring the customer to complete manual integration, significantly speeding time to value. At the same time, Stellar Cyber enriches existing EDR security tools, allowing SOC teams to act more quickly on findings from existing EDRs or enhancing that data with other critical alert data from other key systems (SIEM/NDR, etc.).

Universal EDR incorporates four key advancements:

  1. It collects complete data sets from any EDR tool and creates bidirectional communication to and from the Open XDR platform through APIs, enabling flexible and preferred response via the customer’s existing tools and workflow.
  2. It incorporates EDR-specific alert processing pathways to standardize data output and ensure high-fidelity detections by removing the noise of these alerts.
  3. It automatically processes and correlates data from all tools in the security stack, including EDR, to provide better context for accurate diagnosis and timely response.
  4. It dynamically discovers asset information from EDR data and combines it with asset information from a variety of other data sources to provide comprehensive asset management and UEBA analytics.

“Some XDR vendors can do one-way or even two-way integrations between their core platform and third-party EDR products, but that’s not really enough to ensure accurate detection and response – it requires careful study and treatment of EDR alert and event data with critical enrichment to evolve from simply alerting to truly informing. In addition, as environments change and evolve, a company may need more EDR integrations,” said Sam Jones, VP of Product Management at Stellar Cyber. “With Universal EDR, our platform performs automated integration, customized data processing, and event correlation to deliver the best detections and faster responses regardless of which EDR product is being used.”

 

Custom Alert Pathways Precisely Match Each EDR:
Stellar Cyber’s real-time EDR data processing uses three different types of alert pathway to closely align with the way each EDR operates and the level of noise it produces:

  1. Passthrough Enrichment — after normalization and enrichment, all alerts are passed directly from the EDR to the Open XDR Platform and mapped to MITRE ATT&CK context and identification as needed to aid investigations.
  2. Deduplication — Machine Learning (ML) is used to identify source EDR alerts that are related and part of the same activity, and to generate a single alert within the Open XDR platform to improve prioritization and response speed. Some EDRs produce a number of alerts for the same event, causing extreme alert fatigue and reducing precision and efficiency.
  3. Machine Learning Alerts — EDR events and alerts are processed via different ML models that generate high-fidelity alerts within the Open XDR platform through automated data correlation and weak signal escalation to enable faster responses.

The Stellar Cyber Open XDR Platform automatically applies these pathways for each EDR tool. For example, EDR 1 might have 10% Passthrough Enrichment, 50% Deduplication, and 40% Machine Learning Alerts, while for EDR 2 those ratios could be 0%, 80%, and 20% respectively.

“For a company that doesn’t build an in-house EDR, we find ourselves at the leading edge of endpoint-based security research,” said Aimei Wei, Founder and CTO at Stellar Cyber. “This gives our customers full confidence that they can integrate their EDR of choice and get outstanding results through the Stellar Cyber Open XDR platform.”

Resources:

  • Stellar Cyber security operations platform
  • Stellar Cyber case studies
  • Stellar Cyber blogs

 

About Stellar Cyber:
Stellar Cyber’s Open XDR platform delivers Everything Detection and Response by ingesting data from all tools, automatically correlating alerts into incidents across the entire attack surface, delivering fewer and higher-fidelity incidents, and responding to threats automatically through AI and machine learning. Our XDR Kill Chain™, aligned with the MITRE ATT&CK framework, is designed to characterize every aspect of modern attacks while remaining intuitive to understand. This reduces enterprise risk through early and precise identification and remediation of all attack activities while slashing costs, retaining investments in existing tools and accelerating analyst productivity. Typically, our platform delivers an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley. For more information, contact https://stellarcyber.ai.

###

Stellar Cyber Contact:

Charlie Rubin
Story PR
+1 510-908-3356
charlie@storypr.com

END
