With Stellar Cyber’s Open XDR, No EDR is an Island
Stellar Cyber’s Open XDR platform is about giving customers a choice in security tools, and this extends to EDR systems as well as NGFW, vulnerability management, identity management, SOAR and other solutions. EDR has been in the news lately because some EDR vendors have acquired log management companies to flesh out a solution for the security operations center. In fact, some XDR products in the market are based on EDR, and their vendors are grafting on the acquisitions to fill out an XDR solution by bundling different products together.
Stellar Cyber is different. Our Open XDR platform is built from the ground up as an open platform. We enhance the tools you’re already using by ingesting their data, normalizing and correlating that data, alerting you to detected attacks, and responding through the trusted security tools you’ve already deployed.
How does this work with EDR systems? Here’s an example.
Suppose you have an EDR (endpoint detection and response) solution in place along with Stellar Cyber, and the two are tightly integrated through two-way communications. One day, one of your laptop users experiences a breach and your EDR solution detects it. Our Open XDR platform has already ingested and normalized the security events from the EDR solution. We then alert you to the attack through our console and, through integration with your EDR, we quarantine the laptop so the breach can’t spread into your network. All of this work happens through our award-winning dashboard, so the only time you need to check your EDR’s console is if you want to dive deeper into the specific characteristics of the breach.
We perform essentially the same operations with your other standalone systems, enhancing them with advanced data analysis, correlation and automated responses. For example, our sensors run on both Linux and Windows servers and in the cloud to capture data from these places, and we correlate data from many sources – your servers, endpoints (through EDR), applications and cloud – so that complex attacks can be found and responded to quickly. In addition, the endpoint data and server data (among many other data sources) feed our asset management system. Asset management is critical in responding to attacks, as all vulnerable or affected assets need to be identified quickly.
EDR-based XDR solutions are particularly challenging for MSSPs because their customers may use different EDR tools as well as other different security tools, and some MSSPs bill by the number of assets being supported. But remember, we have over 300 integrations with popular security tools, and we likely already support the ones MSSP customers are using. With EDR in particular, we currently support CrowdStrike, Carbon Black, Cylance, SentinelOne, Microsoft Defender, Cisco AMP, Palo Alto Prisma, and SonicWall Capture Client, and the list keeps growing as new integrations are added constantly.
So with our Open XDR platform, your EDR is not an island. We make your EDR better with automated detection, correlation and response so you can leverage the tools you trust and retain your investments. And if you’re an MSSP, you can relax, because Stellar Cyber works with all of the most popular EDR solutions on the market. As with SIEMs and other standalone tools, we have you covered with the most comprehensive security blanket you can buy.