
Stellar Cyber Product Update

Back to School Edition

Kevin Wilson from our Product Management team is providing this month’s product update blog, detailing a few key features and enhancements designed to make the user experience better. Check it out below.

Well, it’s here.

Back to School season is officially upon us! No more Zoom pop-ins for help with a Mario level (looking at my son) or the dreaded “I’m bored” being uttered. Now our kids get to go and finally learn something new, or perhaps again, since, let’s face it, which kid is doing math over summer break? In that spirit, we at Stellar Cyber find our platform returning to class to polish up on many items, namely Case Management and our Tables.

Let’s dive in and show you what we’ve learned at Stellar Cyber University!

 

Allow me to make a Case

With our introduction of Case Management to the Stellar platform, we finally can have our customers truly OWN their alert loads. With Cases replacing Incidents, customers never have to answer the dreaded “We had an incident?!” question to their internal and external customers. Whether you’re an MSSP managing tons of customers or an enterprise of 1, Case Management will assist you with understanding the pertinent information quicker and allow you to manage all the data. Let me show you what I’m talking about.

 

Case Summary

With the landing page Case Summary, you get all the important information faster and easier to understand. You can edit nearly everything to fit your organization, from the Title to the Severity. You know your environment, we give you the information, and you decide what you need to do with it.

 

Alerts Table

All associated alerts are available to see and quickly access. In our future phase, you’ll be able to take Bulk action on these, including removing them from the case. No worries about the need to close them all individually. Once a Case is closed, the corresponding alerts are closed as well!

 

Show me who did this

Always a dreaded question. Something goes awry when making a change and you don’t know where to begin to fix it. Not to worry, our Case Activity tab keeps a running list of all activities made in the case from conception to close. No matter what, we have your back.

 

Case Activity is also where you find the spot for Analyst comments. While you’re working on a Case, you may have questions or need to pass off the investigation to another analyst. In those instances, it’s important to always leave a note.

 

Evidence is the cornerstone of any investigation. With our Evidence Locker, you can attach an item to bolster your case. Did some research? Drop in a hyperlink. Have a PDF? Go ahead. See that phishing attack? Attach the .eml file. We want you to make sure you have all you need for your Case.

 

Visualize…

Here is where you can get a visualization of your Case. In the Analysis tab, you get a breakdown of what happened. You can toggle between Timeline and Observable views.

 

 

 

… and Attack

With the Response tab, you’ll be presented with automation options relevant to your case. From here you can take action on the case. We want to be able to answer the “What do I do now?” question as easily as possible. As we continue to mature Cases, we will add additional response actions.

 

 

Let’s talk about the Future.

So this is just the beginning of Case Management. We want this to be the place you live in your analyst home. The living room if you will. From here, we’ll be continuing to add new features like a ServiceNow integration to make ticketing less of a nightmare. We’ll also be adding additional SOAR capabilities, plain English, and Case Summaries, so you understand what we saw and why it’s bad faster, as well as deeper alerting granularity.

We’re so excited to be delivering this as our first major user experience overhaul and we can’t wait to show you all what our future has in store.

 

A Table(d) discussion

Now on to another major change to the Stellar Platform, which would be our Tables. We have listened to feedback from our customers, tweaked, tinkered, and iterated, and are now proud to introduce our new tables. What’s new about a table? Glad you asked!

We’ve made them easier to manipulate, navigate, set straight, filtrate, out the gate, numerate, for goodness sake. Sorry, had R.E.M. stuck in my head for a second.

Anyway, our tables just work better. They are cleaner and easier to use, so you can know what you need to know and see what you need to see in a much more digestible way.

 

Takeaways

Case Management: Replacing Incidents in the platform. New items include the Evidence Locker, Summary Page, Case Activity tab, and Case Aware Responses.

Tables: Cleaner, easier to use, a cure for a massive headache.

As our platform continues to grow and mature, we, too, continue to grow and mature. Much like our kids going back to school, we at Stellar Cyber are always looking forward to learning and growing alongside our customers. We want you to be equipped with the best tools and knowledge available to get your organization just one more step closer to winning the battle against threats. As always, feel free to email me with any questions or new ideas. We’re always excited to chat about what’s important to you. Until next time, happy hunting!
