XDR Provider Stellar Cyber Announces Incident Correlation Technology
Stellar Cyber continues to share more details about the company’s recent Open XDR 4.0 platform launch. The latest capability to note: The software features artificial intelligence-based incident correlation technology.
In a briefing with MSSP Alert, Stellar Cyber VP of Product Management Sam Jones noted:
- The company views XDR as “Everything Detection and Response” rather than just “eXtended Detection and Response.” The reason: Open XDR gathers and normalizes data from network, endpoint, cloud, identity and SaaS productivity applications, Jones asserts.
- From there, the incident correlation technology uses GraphML algorithms to automatically group and consolidate security alerts and events into precise and actionable incidents, Stellar Cyber said.
Open XDR Incident Correlation Explained
What’s the net result? Traditional security analysts typically have to search for a needle in a haystack to (A) find incidents and then (B) prioritize response. But in the case of Open XDR, Jones asserts, the grouped/consolidated security alerts essentially shrink the haystack and enlarge the needle or needles that need immediate action.
In addition, the technology leverages automatic scoring to help security analysts prioritize incidents, Stellar Cyber noted. That way, the technology reduces the manual work and number of cases for security analysts and helps them minimize mean time to detection (MTTD) and mean time to resolution (MTTR), the company asserts.
Open XDR 4.0 also features an XDR Kill Chain model, which allows analysts to view a cyberattack’s progression and the tactics and techniques utilized in the attack. Also, MSPs, MSSPs and managed detection and response (MDR) providers can leverage the model to explore ways to improve security team efficiency and their cybersecurity protection, detection and response capabilities, the firm asserts.
Open XDR Partner Developments
In addition to platform R&D (research and development), Stellar Cyber has been busy on the partner and customer fronts. Key moves include:
- Partners and customers: Key partners and adopters include Germany-based data intelligence company LOEPRE and Barracuda — the cybersecurity company backed by Thoma Bravo. Also, Ingram Micro in June 2021 agreed to distribute Open XDR to its partners.
- MSP and MSSP Capabilities: Stellar Cyber also has added centralized management and threat intelligence capabilities to Open XDR in the first half of 2021 to help MSPs and MSSPs get the most value out of its platform.
Cylance veteran Brian Stoner has been leading Stellar Cyber’s partner push as VP of service providers.
Additional insights from Joe Panettieri.