Generative AI, Channel partners, Content

XDR Provider Stellar Cyber Announces Incident Correlation Technology


Stellar Cyber continues to share more details about the company's recent Open XDR 4.0 platform launch. The latest capability to note: The software features artificial intelligence-based incident correlation technology.

In a briefing with MSSP Alert, Stellar Cyber VP of Product Management Sam Jones noted:

  • The company views XDR as "Everything Detection and Response" rather than just "eXtended Detection and Response." The reason: Open XDR gathers and normalizes data from network, endpoint, cloud, identity and SaaS productivity applications, Jones asserts.
  • From there, the incident correlation technology uses GraphML algorithms to automatically group and consolidate security alerts and events into precise and actionable incidents, Stellar Cyber said.

Open XDR Incident Correlation Explained

Sam Jones, VP, Stellar Cyber
Sam Jones, VP of product management, Stellar Cyber

What's the net result? Traditional security analysts typically have to search for a needle in a haystack to (A) find incidents and then (B) prioritize response. But in the case of Open XDR, Jones asserts, the grouped/consolidated security alerts essentially shrink the haystack and enlarge the needle or needles that need immediate action.

In addition, the technology leverages automatic scoring to help security analysts prioritize incidents, Stellar Cyber noted. That way, the technology reduces the manual work and number of cases for security analysts and helps them minimize mean time to detection (MTTD) and mean time to resolution (MTTR), the company asserts.

Open XDR 4.0 also features an XDR Kill Chain model. which allows analysts to view a cyberattack's progression and the tactics and techniques utilized in the attack. Also, MSPs, MSSPs and managed detection and response (MDR) providers can leverage the model to explore ways to improve security team efficiency and make their cybersecurity protection, detection and response capabilities, the firm asserts.

Open XDR Partner Developments

Brian Stoner,

In addition to platform R&D (research and development), Stellar Cyber has been busy on the partner and customer fronts. Key moves include:

Cylance veteran Brian Stoner has been leading Stellar Cyber's partner push as VP of service providers.

Additional insights from Joe Panettieri.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.