Stellar Cyber
Multi-Layer AI™

The driving force behind the Stellar Cyber SecOps Platform's ability to
deliver security analyst efficiency and effectiveness gains.

One Unified Platform: Intelligent Use of AI/ML from Detection Through Response

Detection AI

Traditional ML and Deep Learning models designed to eliminate reliance on rules and manual threat detection methods.

Correlation AI

GraphML connecting seemingly unrelated alerts and events automatically surfacing attacks undetectable to the human eye.

Copilot AI

Conversational GenAI acting as a virtual investigation assistant, taking the complexity out of completing investigations.

Hyperautomation

The continued evolution of SOAR technology, incorporating advancements in AI to slash the response times.

Detection AI

Hard-to-find sources of known bad are identified using supervised machine learning detection. Stellar Cyber’s security research team develops models based on publicly available or internally generated datasets and continuously monitors model performance across the fleet.


Unknown and zero-day threats are uncovered using unsupervised machine learning techniques. These models look for anomalous behavior indicative of a threat. These models baseline over several weeks on a per-customer/per-tenant basis.

Correlation AI

Correlation across detections and other data signals occurs through a GraphML-based AI that aids analysts by automatically assembling related data points. The AI determines connection strength between discrete events that can be sourced from any data source, based on property, temporal, and behavioral similarities. This AI is trained on real-world data generated by Stellar Cyber and is continuously improved with its operational exposure.

Copilot AI

AI Investigator speeds complex threat analysis by providing instant responses to analysts’ questions, further reducing the number of analyst decisions to 10-100/day and cutting threat response times by up to 400%. For example, an analyst can ask, “Show all the incidents where data was exported between 12-9AM,” or “Which emails went to domains in Russia?”

Hyperautomation

Users have complete customizability over the context, conditions, and output of playbooks. Playbooks can be deployed globally or on a per-tenant basis. Use any out-of-the box playbook for a standard response, or create a custom playbook for taking action back into an EDR, calling a webhook, or simply sending an email.

Explore Our Easy-to-Use Platform

Data Onboarding and Management Made Easy

Ensuring you have the data you need to identify threats is the first step in any successful security program. See how we make it easy.

Working with
Alerts & Cases

Investigating alerts manually is no longer feasible. See how Stellar Cyber makes working with Alerts and Cases faster than ever before.

Automated Threat Hunting
and Response

The threats you don't see are the ones that can hurt you the most. See how Stellar Cyber automates threat hunting and response.

Scroll to Top