CAPABILITIES

Threat Intelligence

Built-in Enrichment, Fully Customizable

Native to Stellar Cyber and working out-of-the-box for free, the Threat Intelligence Platform automatically aggregates multiple threat intelligence feeds and distributes them in near real-time aggregations to all deployments where data is enriched and threats are detected. Bring your own feeds to customize for your mission.
Automated threat hunting

How it Works?

Stellar Cyber’s cloud based Threat Intelligence Platform (TIP) aggregates multiple commercial, open-source and government threat intelligence feeds together in near real-time. The aggregated results are then distributed to every deployment of Stellar Cyber, on-premise or in the cloud. Each deployment uses the latest threat intelligence to enrich data as it is ingested for the most efficient and effective detection and response.
The Threat Intelligence Platform is a key part of the enrichment backbone for creating Interflow – Stellar Cyber’s normalized and enriched data model.

Key Features

EDR Software

Multiple Feeds Included

Stellar Cyber’s TIP automatically aggregates multiple commercial, open-source and government threat intelligence feeds together with the ones from Stellar Cyber security research or those shared amongst deployments. Example included feeds are Proofpoint, DHS, OTX, Openphish and PhishBank. Feeds are prioritized based on security research so security data is only enriched once after threat intelligence aggregation.
Automated threat hunting

Bring Your Own Feed

If Stellar Cyber does not have certain threat intelligence critical for your mission, you can integrate additional feeds directly into the platform with standards like STIX/TAXII. The added threat intelligence is contained to your deployment only.
Open XDR security services

Near Real-Time

The latest threat intelligence updates from all sources are automatically and constantly distributed to all Stellar Cyber deployments.
SIEM tools

Free

All included threat intelligence feeds and the Threat
Intelligence Platform
itself are provided at no additional cost.
Automated threat hunting

Automatic

The Threat Intelligence Platform is always working in the
background without any administrative overhead. It
continuously collects, aggregates, prioritizes, distributes feeds
and enriches data with them.