Posts

Showing posts from July, 2021

IUWorld Cybersecurity Governance, Risk & Compliance Part I

Part I: Demystifying Cyber Health and Cyber Threat Hunting

JEFF: Welcome to Cloud Expo, can you please help explain what cyber threat hunting is?

SNEHAL: Jeff, thanks for hosting us. First let’s talk to what a cyber threat is – someone is trying to take your data by breaking into your critical digital systems. Let me describe three types: A threat can be an IP address from a hacker country, and that traffic is a sign of a breach. A threat can be someone breaking into your email systems and stealing identities, now they can gain more access to other systems. A threat can be someone that removes data from critical servers—and now you have a ransomware issue.

JEFF: So are you saying that cyber threat hunting is a practice of seeing a very complex attack and stopping it before real damage is done?

SNEHAL: Correct, Jeff, and threat hunting needs more than SIEM logs. You need network traffic, behavior a...

Managed Security Providers driving profitable MDR services with Stellar Cyber Open-XDR Platform

Extending managed detection and response across your customers' entire attack surface with one comprehensive platform. MSPs and MSSPs represent a fast-growing segment of Stellar Cyber’s customer base. We see organizations large and small moving to managed security services, so today you’re a key route to market. The Stellar Cyber platform has been built from the ground up to support MSSPs. Most manufacturers start with an enterprise product and try to retrofit things like a multi-tenant console and RBAC. Not Stellar Cyber; these features were built into the platform from the beginning and we continue to improve them every release. So what makes Stellar Cyber unique in this new space everyone is calling XDR (extended detection and response)? Open extended detection and response (Open XDR) is the key to the Stellar Cyber Platform, helping you drive new services quickly and easily. ...

SolarWinds SUNBURST Backdoor DGA and Infected Domain Analysis

On December 13, 2020, multiple vendors such as FireEye and Microsoft reported emerging threats from a nation-state threat actor who compromised SolarWinds and trojanized SolarWinds Orion business software updates in order to distribute backdoor malware called SUNBURST. Because of the popularity of SolarWinds, the attacks have affected multiple government agencies and many Fortune 500 companies. It also appeared in the recent CISA Emergency Directive 20-01. We analyzed decoded DGA domains from SUNBURST and found 165 unique domains that were affected by the backdoor malware. Some of them might be victims, and some of them might relate to security detection or analysis such as sandboxing. We found the affected domains span across different types of organizations (including information technology, public administration, education, and finance and insurance etc.) and belong to 25 different countries (spanning to all the continent...

Interview With Changming Liu by Safety Detectives

Changming Liu, CEO and Co-Founder of Stellar Cyber, did us the honor of sitting down for an interview with Aviva Zacks of Safety Detectives. He told her how his company is riding the XDR wave.

Safety Detectives: What motivated you to start Stellar Cyber?

Changming Liu: I co-founded Stellar Cyber in 2015 with our VP of Engineering in Silicon Valley. We had been working in networking and cybersecurity for many years. We worked for companies like Netscreen and Cisco. We knew that prevention technologies like firewalls could not prevent all attacks, especially when the attack surface has changed a lot as more workloads are moving to cloud and SaaS applications like O365 are becoming more and more popular. Breaches happen almost daily despite almost every enterprise having firewalls in place. And what’s even more clear from the recent SolarWinds attacks, it’s not about perimeters anymore—firewalls are a small part of our total security solutio...