The industry’s most intelligent and scalable cybersecurity architecture
Stellar Cyber autonomously detects a broad range of threats across the entire cyber kill chain, with high confidence, throughout your entire environment. With Stellar Cyber, your dream of AI-driven breach detection becomes reality. We do this on a big data platform with distributed security intelligence, including machine learning.
Starlight - SOC Command Center
Starlight eliminates blind spots through its unique set of data collectors that include agent sensors, network sensors, security sensors and deception sensors. These sensors can be deployed as software, hardware appliances or virtual appliances and can collect data from any environment. The sensors collect packets, files and logs and transform the collected data into a proprietary Interflow data set of reduced and fused data.
Once data has been collected, reduced and given context, Starlight runs advanced machine learning algorithms on the new and improved data set in order to detect higher fidelity security events. With this methodology of getting the data set right before applying detection techniques, Starlight solves the age-old problem of garbage in, garbage out. Security analysts benefit from this approach by chasing down fewer false alarms.
Starlight’s Interflow data is the foundation for security investigation and threat hunting. Because Interflow fuses contextual data into packet and log records, security analysts have a single record to look at when trying to prove that a detection is accurate and actionable. When looking for evidence for security detections, analysts no longer have to mentally stitch together data from packets and logs to make sense of things.
Starlight delivers a variety of response actions once security events have been detected. The system can generate email or Slack alerts, send PDF reports, submit data to SOAR tools such as Demisto and Phantom Cyber, and even manually or automatically instruct firewalls to take appropriate response actions such as blocking an IP address or redirecting a user to a captive portal for further authentication.
How Interflow Works
Starlight efficiently collects and processes network, server and application data from any environment. Our distributed intelligent data collectors process the data streams at the source, preserving and augmenting critical information while dramatically reducing the amount of data that needs to be delivered to the next level in the platform. Collectors deploy in any environment – on bare metal, native operating systems, VMs and containers.
Application identification, data reduction, correlation, and breach detection start at the source. Our big data processor then further enriches the data with context digested from many sources, such as threat intelligence, geo-location, domain name, user name, and event logs. During enrichment processing, breach detection is also performed and the results are immediately fed back to the system for other real-time detections.
Scalable Breach Detection
Our intelligent data collectors are purely software-based, with extremely low memory footprints and computing requirements. They can perform local detection of threat events, instantaneous layer 7 application identification with just one packet, as well as correlation locally. Our big data processor’s carefully-crafted intelligence identifies threats during data ingestion and post data storage by leveraging the right machine models. This provides unprecedented scale and enables deployments in anything from autonomous machines to global public clouds.
High Fidelity Alerts
Stellar Cyber PBDS uses AI and machine learning to cut through the noise and deliver only high-quality, high-confidence, actionable alerts. Using Multi-Level Machine-Learning (ML-ML), the system applies cascaded threat models to the rich data from collectors and intelligence feeds. The system is self-learning, boosting the productivity and efficiency of security analysts in both real-time breach detection and historical forensic analysis.
Fastest Time To Detect
The industry average time to detect a major cyber breach is about 200 days, and identifying a breach carries an average cost of $6 million. According to industry reports, 53% of the breaches were discovered by an external source. Stellar Cyber has developed unique data collection techniques and artificial intelligence that reduce the time to detect a breach from months to minutes, which ultimately reduces the cost to identify a breach from millions of dollars to hundreds of dollars in human costs.