All your investments, full visibility

Open integrations with the market-leading IT and security tools so you can protect the entire attack surface. Collect telemetry, respond directly through tools and distribute your data where you need it. If Stellar Cyber doesn't yet integrate with a mission-critical tool, it can be rapidly added to the integration suite.

Open XDR Ecosystem

Example Integrations

Carbon Black
Cylance
Cybereason
Fortinet

Understand traffic across the enterprise, both north-south, and east-west.

See all your assets, their activity and vulnerabilities. Then respond back through your tool to take action where necessary.

Access all cloud telemetry regardless of your multi-cloud or hybrid cloud setup.

Track users across all applications and systems to detect risk and advanced threats.

Correlate vulnerabilities with activity across the enterprise to prioritize remediation.

Get visibility into key SaaS applications where some of your most critical enterprise information and workflows are stored.

Bring together email alerts with all other telemetry to detect and respond to phishing attacks.

Key Features

Stellar Cyber has a number of features that collect data, respond through source tools and send data to other systems.

Log Forwarders

Log forwarders collect, aggregate and parse logs from hundreds of existing IT and security tools such as firewalls, IAMs, WAFs, EDRs, etc. They support various formats, including standard log format, CEF format, etc. New log parsers can be added at any time without interrupting your existing services.

Connectors

Connectors collect, aggregate and parse data from tools through their APIs. Connectors ensure visibility into Software-as-a-Service applications, service provider environments or any tool with an API. They also help consolidate data such as asset information from your EDR and other asset-based systems.

Threat Intelligence

Although Stellar Cyber has a built-in Threat Intelligence Platform, it also allows our customers to import their favorite threat intelligence feeds through STIX-TAXII.

Automated Response

The built-in Automated Response capability of Stellar Cyber allows security analysts to take direct actions in the platform without switching to another platform. By leveraging APIs provided by your existing security tools, the platform can interact with firewalls to block attacking IP addresses, disable users via Active Directory, disconnect an endpoint device from the network via EDR, or trigger a vulnerability scan, to name a few. It allows security analysts to define powerful playbooks so that any combination of these responses can be automated based on one or multiple conditions. This helps improve the response time to an attack and reduce the risk.


Data Sink

The Data Sink feature allows Stellar Cyber to integrate seamlessly with other data infrastructure, including object storage for compliance or a SIEM for maintaining existing investments. It can stream raw data with fused context, the AI-generated Alerts and Incidents, or both, to any location.

Open APIs

The Stellar Cyber Open XDR Platform provides a rich set of RESTful APIs to allow access to the data stored in the Data Lake. These APIs have been used for successful integration with third-party SOAR tools such as Phantom, Demisto, Swimlane and Siemplify.