MDR-as-a-Service

Starlight’s built-in multi-tenancy means you don’t have to pay extra or spend months integrating a multi-tenancy option like you do with other products. It has very flexible and scalable deployment options for customers of all sizes. You can quickly create templates to on-board new customers with ease, pay for more resources as you go, and manage hundreds of customers. It can be started with a single physical or virtual server and scales to a cluster of multiple nodes as needed.

Better Fidelity, Better Productivity
Starlight uses advanced detection without signatures through machine learning and classic intrusion detection with signatures coupled with machine learning (for example, ML-assisted IDS) to present security analysts with high-fidelity alerts. This dramatically reduces false positives, allowing analysts to focus on critical alerts. Interflow’s contextual information can reduce the detection time and threat hunting by an order of magnitude, making analysts more productive.

Starlight comes with multiple essential security applications that let your analysts quickly hunt down and kill threats whether they reside in the physical network, cloud, containers, or endpoints. It centralizes and simplifies threat detection, incident investigation and response and compliance management. Starlight achieves this by integrating NTA, advanced intrusion detection with machine learning, advanced persistant threat (APT), phishing, asset management, UBA, SIEM, automated threat hunting, compliance management etc., in one shared data platform. This approach unifies the view of your customers’ security profiles across the cyber kill chain in a single pane of glass and takes either manual or automatic actions within the same platform in response to the threats. It eases training needs for multiple tools as a result security analysts’ramp up quickly. Starlight makes compliance easy with pre-canned compliance pre-built reports for PCI, CIS, HIPAA and many custom reports while allowing for customized reports.

Open and Extensible Ecosystem
As an Open-XDR platform, Starlight supports an ever-growing ecosystem of third-party security applications including firewalls from Palo Alto Networks, Check Point, Fortinet and Sophos; EDRs from Crowd strike and Carbon Black, and vulnerability scanning tools like Tenable, etc. Starlight has built-in, direct responses by disabling attacking IPs or affected users, and it an take actions through integration with SOAR tools like Photon Cyber or Demisto.

You can quickly ramp up your customers with a single multi-functional sensor (i.e., SOC-in-a-box) instead of using multiple devices with multiple tools. The sensor can be deployed easily, flexibly and cost effectively on customers’ environments or their tentant. Starlight offers a family of sensors and agents in order to support heterogenous environments: physical, virtual (VMware, KVM, Hyper-V), public cloud (AWS, Azure, GCP), containers, and end points (Windows and Linux). Heterogenous environments are common among MSPs as each customer is different.