Multi-Layer AI - SecOps Platform
Single platform with NG-SIEM, NDR and Open XDR incorporating Multi-Layer AI to detect, correlate, and respond to threats fast.
Detection AI
Hard-to-find sources of known bad are identified using supervised machine learning detection. Stellar Cyber’s security research team develops models based on publically available or internally generated datasets and continuously monitors model performance across the fleet.
Unknown and zero-day threats are uncovered using unsupervised machine learning techniques. These models look for anomalous behavior indicative of a threat. These models baseline over several weeks on a per-customer/per-tenant basis.
Correlation AI
Correlation across detections and other data signals occurs through a Graph ML based AI that aids analysts by automatically assembling related data points. The AI determines connection strength between discrete events that can be sourced from any data source, based on property, temporal, and behavioral similarities. This AI is trained on real world data generated by Stellar Cyber and is continuously improved with its operational exposure.
Copilot AI
AI Investigator, speeds complex threat analysis by providing instant responses to analysts’ questions, further reducing the number of analyst decisions to 10-100/day and cutting threat response times by up to 400%. For example, an analyst can ask, “Show all the incidents where data was exported between 12-9AM,” or “Which emails went to domains in Russia?”
Hyper Automation AI
Users have complete customizability over the context, conditions, and output of playbooks. Playbooks can be deployed globally or on a per tenant basis. Use any out-of-the box playbook for a standard response, or create a custom playbook for taking action back into an EDR, calling a web-hook, or simply sending an email.