Stellar Cyber’s Open XDR provides a single unified view,
automatically and constantly discovering new assets, identifying their behavior and risk
Comprehensive Inventory
Dynamically discover assets across networks, endpoints and cloud environments
Discover assets from a variety of sources, i.e., sensors, agents, logs, host information
Identify assets with either host names, MAC addresses or IP addresses
Discover and provide asset/user relationships
Prioritize assets by assigning values to them
Categorize assets in various ways including type, vendor, location, tag, authorization, etc.
Tags each asset with any label
Entity Analytics
Assigns a risk score based on observed security events and asset risk profile
Provides a centralized risk-level view of all assets
Correlates asset information with user, threat, location and vulnerability data
Provides a kill chain view of security events for each asset
Offers a panoramic view of lateral movement of attacks around an asset across security infrastructure
Enables flexible searching or filtering of assets in various ways such as CVEs
Tags each security event with asset ID
Starlight – Open XDR Security Platfor
Reveal Hidden Attacks On Premises, Edge and Cloud
Key Features
Advanced Asset Management
EBA automatically and continually discovers and inventories all assets across networks, clients and cloud environments by collecting information from many different sources such as network traffic, logs, endpoint agents, vulnerability scan results, etc. It provides a unified view of all assets by host name, user, location, device type, manufacturer and many more identifiers. It allows the user to prioritize assets by assigning value to assets, and to group assets by assigning tags. It identifies and alerts analysts to unauthorized assets in a network.
Auto Correlation and Risk Profiling
EBA automatically correlates asset information with other information such as user information, location, threat intelligence, vulnerability/CVEs. Each security event is automatically associated with its asset information. With rich context around an asset and all of its related security events, EBA provides a centralized view of risk levels of all assets with a proper risk score assigned to each asset.
Fast Investigation and Easy Threat Hunting
Assets sorted by risk scores can help security analysts focus on the most critical and high-risk assets. Cyber kill chain view helps analysts focus on the most important security infrastructure events of an asset. Panoramic view automatically draws the time line of attack events associated with an asset along the cyber kill chain while visualizing the lateral movements of attacks among assets. Powerful Google-like search can quickly nail down the security event. The rich context of the assets allows the asset under investigation to be quickly identified and located.
