Teknolohiya

AI Engine

Battle Tested, Purpose-built, AI

Go beyond alerts – detect and respond to Incidents. Industry leading Machine Learning (ML) algorithms detect threats in the enterprise. Stellar Cyber’s AI engine is like a team of world class security experts working around the clock at massive scale to make your team faster and more effective.

AI That Naghahatid ng Mga Resulta

The output of Stellar Cyber’s AI Engine can be simplified down to generating two types of data
for security teams: alertoat pangyayari. Together,alerts and incidents provide the depth and holistic
view teams need to make rapid decisions

Mga Alerto sa Nobela

Alerts are instances of specific suspicious or high risk behavior and are the building blocks of Incidents. Stellar Cyber ships with 200+ Alert Types out of the box; no configuration required. Alert Types are mapped to the XDR Patayin ang Chain, upang paganahin ang prioritization at ugnayan. Ang mga Indibidwal na Alerto ay nakabuo, nababasa ng tao na paglalarawan sa kung ano ang nangyari, at inirekomenda ang pag-aayos para sa mabilis na tugon.
Example alert types include:
  • Anternal na Pag-uugali ng Panlabas na Scanner
  • Panloob na RDP Brute Force Attack
  • Panloob na SMB Username Enumeration

Awtomatikong Nauugnay na mga Insidente

Ang mga insidente ay mga ugnayan na hanay ng mga Alerto at iba pang sumusuportang data kabilang ang mga signal, assets, gumagamit at proseso. Ang mga insidente ay kumakatawan sa isang buong pag-atake o pagkakasunud-sunod ng mga pagkilos na mataas ang peligro. Sa real time, habang nabubuo ang mga bagong Alerto, ang mga Alerto ay nakatalaga sa mga nauugnay na Insidente upang ang mga pag-atake ay maaaring makita at tumugon bago makumpleto. Ang mga insidente sa Stellar Cyber ​​ay nababagabag, nangangahulugang maaari silang mai-update, at hindi limitado sa anumang tiyak na window ng oras upang maaari silang makakuha ng mga kumplikadong pag-atake.
Real-world incidents detected in Stellar Cyber:
  • Pag-atake ng Darkside Ransomware
  • Pag-atake ng Sunburst

How Stellar Cyber’s AI Engine Works

Pangunahing tampok

tama

Alert Fatigue is a serious problem. Not every anomaly is
a security incident. Mga analista sa seguridad should stop sifting through
countless anomalies and focus on the real threats. Core to
Buksan ang XDR, Stellar Cyber’s AI Engine leverages
state-of-the-art machine learning algorithms to implement
the best accuracy for detection. It analyzes time series and
peer groups with unsupervised learning, performs complex
behavior analysis through modeling relationships with Graph
ML, and generalizes known attack patterns with supervised
learning. It also correlates and builds context with advanced
Graph ML, so that we can present the high priority attacks with
rich context.

Real Time

It may take minutes for hackers to infiltrate your system and
steal valuable information. You need virtual security experts to
continuously work around the clock and detect threats in real
time. Stellar Cyber’s AI Engine performs ML inference in real
time and provides detailed reasons for its output.

Unified

Ang aming solong advanced na AI Engine ay kapangyarihan Stellar Cyber's Pagbubukas
XDR
technology and works on various data sources after
normalization regardless of data types such as logs or
network traffic. When a new data source is ingested, all
existing detections will be directly applied. For example, our
machine learning can perform user behavior analysis based
on behavior data from different data sources. Machine
learning inference is natively embedded in our data
processing pipeline without the need to send data outside.

Agpang

Stellar Cyber goes wherever you need it to go – on-premise,
in the cloud or hybrid. Multi-tenancy is built in from the
beginning to ensure flexible, secure operations for any
organization. Multi-site allows data to stay resident in its own
region to be compliant and scalable in complex operating
mga kapaligiran.

Naipaliliwanag At Maisasagawa

The ultimate goal for detection is to take action to stop attacks
and to keep your environment safe. Action-taking is a serious
desisyon; security analista need to fully understand the situation
in order to make an informed decision regarding what is the
best action to take. With the latest explainable AI, instead of
being a black box, the AI Engine provides human-friendly
evidence and easy-to-digest-details from ML models to ease
decision-making. With that, security analista maaari madali
understand the reasons and evidence for any detection in order
to block an attack with high confidence without mistakenly
interrupting protected users or applications.