Posts

Showing posts from May, 2021

Alerts, Events, Incidents: Where Should Your Security Team Focus?

As the cybersecurity threat landscape evolves, so does the way we need to look at those threats. The drumbeat of new breaches is continuous. If you read the news, you would be led to believe that there is only one major tactic the attackers leverage in an INCIDENT against their targets. That is simply not the case, and we need a new way to describe and track these events. The terms ALERT and EVENT need to be clearly defined. Today SOC teams use many different technologies to detect threats. Many large customers have 30 or more security technologies in their defense-in-depth architecture. Every one of those technologies generates its own specific ALERTS. It is the job of the SOC analyst to review these individual alerts and correlate and combine them into EVENTS. It takes an experienced analyst to write rules to connect the different ALERTS they are seei...

Improve Security Across the F5 WAF Engine with Better Visibility, Correlation, and Auto-Response

Challenges

- Most IT organizations have deployed multiple traditional security products and services from multiple vendors—yet they remain vulnerable.
- Enterprises are seeking to optimize their existing investments in critical WAF infrastructure in ways that further reduce risk, increase productivity, and accelerate response times.
- Enterprises prioritize limited security budget only for known security vulnerabilities, thereby creating potential blind spots by not adequately addressing new or previously unknown threats.

Key Benefits

- Comprehensive: A single open security platform for 360-degree visibility, high-fidelity detection, and fast remediation across hybrid environments (on-premises, multi-cloud, mobile, edge, etc.).
- Fast: The integrated F5 WAF engine is accessible to a single team via a “single pane of glass” for faster response time and no more “falling through the cracks.”
- Future-proof: The Stellar Cyber AI engine delivers advanced analytics and ...

XDR Delivers Significant Performance Improvement over SIEM

In every SOC environment, there are two key metrics that demonstrate efficiency and effectiveness: Mean Time to Detection (MTTD) and Mean Time to Remediation (MTTR). The risk and exposure from any cyber threat can be reduced significantly by improving these metrics. Stellar Cyber recently completed a study with its MSP and MSSP partners to determine how much our Open XDR platform improves these two metrics. MTTD – Partners reported that Machine Learning (ML) in our platform delivers an 8X reduction in detection times. Most notably, they reported that the machine learning in Open XDR cuts across multiple threat vectors to provide a clear, concise, correlated event. SOC analysts using SIEMs spend a significant amount of time determining whether alerts are false positives, and whether individual alerts are related to others – since they must manually corre...

Cyberthreats Go Sideways

The cyber threats are going sideways. Here I’m not talking about Sideways, the 2004 movie starring Paul Giamatti and Thomas Haden Church that made Pinot Noir famous while the pair traveled through Santa Barbara County wine country in seven days. Rather, I’m talking about cyberattacks that work through lateral movement across your network infrastructure. No one wants to get famous because of cyberattacks that can travel inside your network for tens or even hundreds of days without being noticed. Let me give you an example of how a cyberattack can move laterally inside your network. A registered user logs into a server at an anomalous time, say 3AM. Not a big deal by itself, because the login was successful. The user’s IP address indicates that the login came from outside of the United States. That’s a fairly big deal, because you know the user lives in Santa Barbara, California and doesn’t travel much. But still, the login ...