TECHNOLOGY

AI Engine

Battle-Tested, Purpose-Built, AI

Go beyond alerts – detect and respond to cases. Industry-leading machine learning (ML) algorithms detect threats in the enterprise. Stellar Cyber’s AI engine is like a team of world-class security experts working around the clock at massive scale to make your team faster and more effective.

AI That Delivers Results

The output of Stellar Cyber’s AI engine can be simplified down to two types of data for security teams: Alerts and incident Cases.

Together, Alerts and Cases provide the depth and holistic view teams need to make rapid decisions.

Novel Alerts

Alerts are instances of specific suspicious or high-risk behavior and are the building blocks of Cases. Stellar Cyber ships with 200+ Alert Types out of the box; no configuration required. Alert Types are mapped to the XDR Kill Chain, to enable prioritization and correlation. Individual Alerts have a generated, human-readable description of what happened, and recommended remediation for fast response.

Example Alert types include:


Automatically Correlated Cases

Real-world Cases detected in Stellar Cyber:

How Stellar Cyber’s AI Engine Works

Key Features

Accurate

Alert fatigue is a serious problem. Not every anomaly is a security incident. Security analysts should stop sifting through countless anomalies and focus on the real threats. Core to Open XDR, Stellar Cyber’s AI engine leverages state-of-the-art machine learning algorithms to deliver the best detection accuracy.

It analyzes time series and peer groups with unsupervised learning, performs complex behavior analysis by modeling relationships with GraphML, and generalizes known attack patterns with supervised learning. It also correlates and builds context with advanced GraphML so that we can present the high-priority attacks with rich context.

Real Time

It may take minutes for hackers to infiltrate your system and steal valuable information. You need virtual security experts to continuously work around the clock and detect threats in real time. Stellar Cyber’s AI engine performs machine learning inference in real time and provides detailed reasons for its output.

Unified

Our single advanced AI engine powers Stellar Cyber’s Open XDR technology and works on various data sources after normalization, regardless of data types such as logs or network traffic.

When a new data source is ingested, all existing detections will be directly applied. For example, our machine learning can perform user behavior analysis based on behavior data from different data sources. Machine learning inference is natively embedded in our data processing pipeline without the need to send data outside.

Adaptive

Stellar Cyber goes wherever you need it to go – on-premises, in the cloud, or hybrid. Multi-tenancy is built in from the beginning to ensure flexible, secure operations for any organization. Multi-site allows data to stay resident in its own region to be compliant and scalable in complex operating environments.

Explainable and Actionable

The ultimate goal for detection is to take action to stop attacks and to keep your environment safe. Action-taking is a serious decision; security analysts need to fully understand the situation to make an informed decision regarding what is the best action to take.

With the latest explainable AI, instead of being a black box, the AI engine provides human-friendly evidence and easy-to-digest details from machine learning models to ease decision-making. With that, security analysts can easily understand the reasons and evidence for any detection and block an attack with high confidence, without mistakenly interrupting protected users or applications.

Bring Hidden Threats to Light

Expose threats hiding in the gaps left by your current security products, making it harder for attackers to harm your business.