TECHNOLOGY
XDR Kill Chain™
See everything, detect everything
The XDR Kill Chain is a fully compatible MITRE ATT&CK framework kill chain that is designed to characterize every aspect of modern attacks while remaining intuitive to understand. All Stellar Cyber Alert Types are aligned to the XDR Kill Chain out of the box, so you can start detecting full attack progressions, immediately.
XDR Kill Chain Design
Older kill chains like the Lockheed Martin Cyber Kill Chain are outdated, but newer frameworks like MITRE ATT&CK, while powerful, do not fully characterize attacks in a way that an XDR platform requires. The XDR Kill Chain solves these problems and is purpose-built for XDR.
XDR Malware
Covers all malware-related detections
XDR Network Behavior Analytics (NBA)
Covers network anomaly detections
XDR Intel
Covers all threat intelligence-related detections
XDR Endpoint Behavior Analytics (EBA)
Covers all host-based anomaly detections
XDR User Behavior Analytics (UBA)
Covers user anomaly detections
XDR Sensor Behavior Analytics (SBA)
Covers injection anomaly detections
on the operational side
Key Features
Stellar Cyber has a number of features that collect data, take
response through source tools and send data to other systems.
Intuitive To Understand
Five top level stages wrap Tactics and Techniques so security analysts can better mentally position alerts in the broader context of risk and attacks.
Delineates External vs. Internal Alerts
Alerts that represent activity via external actors vs. internal actors significantly affect prioritization. The XDR Kill Chain tags alerts accordingly to make it easy to understand context and generate Incidents more effectively.
Map Your Own Alert Types
User defined Automated Threat Hunting alerts can be mapped onto the XDR Kill Chain so that organization specific alerts can live alongside out-of-the-box Stellar Cyber alerts.
