Stellar Cyber’s patented Interflow™ streamlines anomaly detection and investigation by creating context among events.
Interflow is a technology that was designed by Stellar Cyber engineers to capture network packets, files and server logs in an effort to output a dataset to other tools that is 100 times richer than Netflow (too little), 100 times smaller than PCAP (too big) and fused with context, (just right) such as geo location, IP reputation and user information.
Interflow normalizes security data shared between integrated applications and third-party applications, driving single-pane-of-glass visibility and control across security toolsets.
Starlight efficiently collects and processes network, server and application data from any environment. Our distributed intelligent data collectors process the data streams at the source, preserving and augmenting critical information while dramatically reducing the amount of data that needs to be delivered to the next level in the platform. Collectors deploy in any environment – on bare metal, native operating systems, VMs and containers.
Application identification, data reduction, correlation, and breach detection start at the source. Our big data processor then further enriches the data with context digested from many sources, such as threat intelligence, geo-location, domain name, user name, and event logs. During enrichment processing, breach detection is also performed and the results are immediately fed back to the system for other real-time detections.
Scalable Breach Detection
Our intelligent data collectors are purely software-based, with extremely low memory footprints and computing requirements. They can perform local detection of threat events, instantaneous layer 7 application identification with just one packet, as well as correlation locally. Our big data processor’s carefully-crafted intelligence identifies threats during data ingestion and post data storage by leveraging the right machine models. This provides unprecedented scale and enables deployments in anything from autonomous machines to global public clouds.
High Fidelity Alerts
Stellar Cyber data processor uses automation to cut through the noise and deliver only high-quality, high-confidence, actionable alerts. Using Multi-Level Machine-Learning (ML-ML), the system applies cascaded threat models to the rich data from collectors and intelligence feeds. The system is self learning, boosting the productivity and efficiency of security analysts in both real-time breach detection and historical forensic analysis.
Fastest Time To Detect
The industry average to detect a major cyber breach is about 200 days and carries an average cost of $6 million dollars to identify a breach. According to industry reports, it has been found that 53% of the breaches were discovered by an external source. Stellar Cyber has developed unique data collection techniques and automation reduces the time to detect a breach from months to minutes which ultimately reduces the cost to identify a breach from millions of dollars to hundreds of dollars in human costs.