Stellar Cyber Delivers Intelligence to SIEMs

Stellar Cyber is a known technology company that focuses on providing its clients with services that help them operate their businesses properly. The organization is the maker of Starlight, the world’s first open detection/response (Open-XDR) platform, which connects the dots throughout the entire security infrastructure and automatically responds to attacks wherever they occur. Starlight ingests data from any data source, integrates dozens of security applications from an App Store, and presents results in an intuitive dashboard to supercharge analyst productivity by slashing attack response times to seconds or minutes. Starlight deploys easily on premises, at the edge or in public clouds, and is delivering comprehensive security for enterprises and managed security service providers.

As such, the company’s recent announcement of a new “Data Streaming” Application for its Starlight platform is a huge breakthrough in the industry, as it will help to cut the cost of using an existing SIEM by reducing and optimizing the data fed to it and ensuring that only high-fidelity, actionable events reach the SIEM instead of oceans of data.

“By itself, a SIEM is a passive (and massive) repository of log information that must be laboriously queried to identify threats,” said Ilker Simsir, Principal Product Manager at Stellar Cyber. “Our Data Streaming App reduces the volume of data in a SIEM by feeding it only actionable, high-fidelity events so analysts can be much more productive with their queries.”

The Silicon Valley company has an “Interflow” technology that controls data by reducing, enriching and correlating original data, including security information such as threat intelligence, location information such as geolocation, user names, hostnames, domain names, or machine learning results like DGA, port-scan, etc. Therefore, the new Starlight’s automated detection and response mechanisms help to improve the value of a SIEM while also reducing its cost, since the cost is typically based on data volume.