Data Pre-Processor for Legacy SIEMs
Security information and event management (SIEM) systems are used to collect and store security events, mainly logs, in a centralized platform. After the events are aggregated, central analysis, reporting and attack detection can be conducted. However, since these products are usually targeted at large organizations with ample staffing and resources, they are complex to set up and expensive to maintain.
With Starlight for SIEM, you can gain more visibility and utility out of SIEM investments, while dramatically reducing your cost. Stellar Cyber’s high-performance metadata extraction enriches data with additional context from a wide variety of sources while dramatically reducing data volume. Deploy Stellar Cyber in front of your SIEM infrastructure as a processor and enhancer to supercharge your data and conserve your SIEM resources.
- Distributed, intelligent Stellar Cyber agents capture server processes, command executions, application logs, network traffic, as well as user information
- Extract network traffic metadata up to Layer 7 for over 3,000 applications
- Local data correlation
- Starlight Big Data Processor can enrich data further with threat intelligence, geolocation, user name, and domain name, among others
- Real-time breach detection conducted by both agents and Big Data Processor
- Transport pre-processed, enriched data to Elasticsearch in lightweight JSON
- Centralized management and control
- Rapid deployment of agents