Posts

Showing posts from July, 2023

Gartner’s predictions on OpenXDR? I think they got it wrong. Here’s why.

“Extended detection and response is a platform that integrates, correlates and contextualizes data and alerts from multiple security prevention, detection and response components. XDR is a cloud-delivered technology comprising multiple point solutions and advanced analytics to correlate alerts from multiple sources into incidents from weaker individual signals to create more accurate detections. It aims to reduce product sprawl, alert fatigue, integration challenges and operational expense, and will appeal in particular to security operations teams that have difficulty managing a best-of-breed solutions portfolio or getting value from a SIEM or SOAR solution.” (Gartner) Gartner also says that by the end of 2023, at least 30% of EDR and SIEM providers will claim to provide XDR, despite them lacking core XDR functionality. This is completely true. In fact, CrowdStrike, SentinelOne, Cybereason and others have classified their endpo...

Stellar Cyber Product Update: Dog Days of Summer Edition

As we are on the doorstep of the dog days of summer, where kids on summer break are soaking up the sun, the Stellar Cyber team is hard at work cranking out new features and capabilities aimed at helping customers continue to improve their ability to simplify security operations. While we have some cool new features planned for release later this summer, I thought I’d recap what we have recently added to the Stellar Cyber Open XDR Platform. Rules can be your friend. In security, when the topic of correlation rules comes up, many people flash back to painstakingly importing rules into their security products, hoping the fresh batch doesn’t cause thousands of false positives. We sympathize with the painful memories many have for rules, so when we release new rules, we take special care to ensure they are 1) required and 2) add value. To that end, recently, we added over 100 new PowerShell and 200+ process creation rules in our 4.3.6. We also standardiz...