Posts

Showing posts from March, 2022

Changming Liu, Stellar Cyber: hackers target remote workers to obtain access to corporate networks

With the pandemic and the stay-at-home orders that came with it, hackers started increasingly attempting to exploit the situation and damage businesses that operate remotely. When it comes to enterprises, it is common to cut corners in terms of cybersecurity as not many are aware of the consequences. In reality, there are various cyber threats, such as ransomware and phishing attacks, that can severely impact a business. Some of the outcomes include a ruined reputation or major loss of money. That is why various threat prevention measures, such as open detection and response (Open-XDR) security platforms, exist. For this reason, to discuss cybersecurity and cyberattack prevention, we had a talk with Changming Liu, the CEO and Co-Founder of Stellar Cyber, a company that offers a security platform created to identify and remove threats. Tell us a little bit about your history. How did Stellar Cyber originate? Stellar Cyber ...

Technical Approach To Universal EDR

For security vendors and those in the XDR market specifically, there is an architectural axis of build vs. integrate. On one end, you have “Build / Acquire Everything” – vendors that are vertically integrated and want to be an enterprise’s entire security stack. On the other end, you have “Integrate with Everything” – vendors that build a single component or API meant to be pieced into a larger architecture. There are pros and cons for both approaches. The “Build / Acquire Everything” camp can tightly wire all components together to create a cohesive security experience, but they do so at the expense of being focused and likely won’t be best-of-breed. The “Integrate with Everything” camp revels in their afforded focus and can build a fantastic product with minimal scope, but require a certain buyer to layer them into their broader security portfolio. At Stellar Cyber, we take the approach of being somewhere in the middle of this...

Mastering EDR – Industry’s First Universal EDR

In detection and response, bidirectional integrations between security products, let alone unidirectional integrations, are not enough. There needs to be true cohesion amongst the entire security stack; otherwise, security operators are left with piles of data and endless API endpoints to figure out how to wire together. This is more important with Endpoint Detection & Response (EDR) products than with any other component of the enterprise security stack. For example, you might be forwarding all events and alerts from your EDR to your Security Information and Event Management (SIEM), and within your Security Orchestration and Response (SOAR) you have several playbooks deployed to take automatic actions back through your EDR. This is worlds better than where detection and response was 10 years ago, but today it is not enough. To demonstrate it is not enough, consider these three operational questions. F...