Stellar Cyber has a number of features that collect data, take response actions through source tools, and send data to other systems.
Log forwarders collect, aggregate, and parse logs from hundreds of existing IT and security tools such as firewalls, IAMs, WAFs, and EDRs. In addition, they support various formats, including standard log format and CEF format. Finally, adding new log parsers will not interrupt your existing services.
Connectors collect, aggregate, and parse data from tools through their APIs. Connectors ensure visibility into Software-as-a-Service applications, service provider environments, or any tool with an API. They also help consolidate data such as asset information from your EDR and other asset-based systems.
Although Stellar Cyber has a built-in Threat Intelligence Platform, customers can import their favorite threat intelligence feeds through STIX-TAXII.
The built-in Automated Response capability of Stellar Cyber allows security analysts to take direct actions in the platform without switching to another product.
The Data Sink feature allows Stellar Cyber to seamlessly integrate with other data infrastructures, including object storage for compliance or SIEM for maintaining existing investments. It can stream raw data with fused context, AI-generated Alerts, Incidents, or both to any location.
The Stellar Cyber Open XDR Platform provides a rich set of RESTful APIs to allow access to the data stored in the Data Lake. These APIs enable integration with third-party SOAR products such as Phantom, Cortex SOAR, Swimlane, and Siemplify (now part of Google).