TECHNOLOGY

XDR Kill Chain™

See everything, detect everything

The XDR Kill Chain is a kill chain that is fully compatible with the MITRE ATT&CK framework and is designed to characterize every aspect of modern attacks while remaining intuitive to understand. All Stellar Cyber Alert Types are aligned to the XDR Kill Chain out of the box, so you can start detecting full attack progressions immediately.

XDR Kill Chain Design

Older kill chains like the Lockheed Martin Cyber Kill Chain are outdated, and newer frameworks like MITRE ATT&CK, while powerful, do not fully characterize attacks in the way that an XDR platform requires. The XDR Kill Chain solves these problems and is purpose-built for XDR.

XDR Malware
Covers all malware-related detections

XDR Network Behavior Analytics (NBA)
Covers network anomaly detections

XDR Intel
Covers all threat intelligence-related detections

XDR Endpoint Behavior Analytics (EBA)
Covers all host-based anomaly detections

XDR User Behavior Analytics (UBA)
Covers user anomaly detections

XDR Sensor Behavior Analytics (SBA)
Covers injection anomaly detections on the operational side

Key Features

Stellar Cyber has a number of features that collect data, take response actions through source tools, and send data to other systems.

Intuitive To Understand

Five top-level stages wrap dozens of MITRE ATT&CK’s tactics and hundreds of detailed techniques so security analysts can better mentally position alerts in the broader context of risk and attacks.

Delineates External vs. Internal Alerts

Whether an alert represents activity by external actors or by internal actors significantly affects prioritization. The XDR Kill Chain tags alerts accordingly to make it easy to understand context and generate Incidents more effectively.

Map Your Own Alert Types

User-defined Automated Threat Hunting alerts can be mapped onto the XDR Kill Chain so that organization-specific alerts can live alongside out-of-the-box Stellar Cyber alerts.

Tagging

Stages, Tactics and Techniques are often not enough to make the most productive use of a kill chain. The XDR Kill Chain comes with robust tagging functionality built in so analysts can further organize alerts for prioritization.