How Do We Revolutionize Cybersecurity?
Cyberattacks are increasingly common and costly, and all organizations are vulnerable. Last year, Statista reported that over 493.33 million ransomware attacks were detected by organizations worldwide, and Tekspace reported that global cyberattacks increased by 38% in 2022. IBM estimated that the global average data breach in 2022 cost $4.35 million.
Cyberattack protection tools are constantly evolving to address new threats, but traditionally, each tool has its own security console, which often makes it impossible to detect cyberattacks that work through a combination of entry points (or attack vectors). Also, many tools produce thousands of alerts that overload analysts and make it difficult to identify the few that require urgent action. Finally, each new tool requires a new software license and more training.
Stellar Cyber’s XDR Solution
One new technology, eXtended Detection and Response (XDR), helps address these issues. XDR unifies cybersecurity tools under one license and one console, so it’s much easier for analysts to correlate alerts across tools and act more quickly to respond to threats. In a large American city, the IT department adopted Stellar Cyber’s Open XDR Platform to unify its detection and response capabilities and dramatically improve analyst productivity.
“XDR seemed like a good approach for us,” said the city’s Deputy CIO. “Unifying all data in one console and doing threat-hunting and remediation from there was a lot better than having specific analysts assigned to specific parts of the network. When you have several different security tools you assign one analyst to learn and operate one set of tools, another to operate another set of tools, and so on. So, it’s hard to get a good overall view of your security with a model like that because nobody sees the whole picture.”
The Deputy CIO invited his security analysts to a demo of the Stellar Cyber Open XDR platform. “After the demo, it was just one unanimous decision,” he said.
“Stellar Cyber was the destination we were trying to get to when it comes to monitoring and visibility into our environment.”
Enhanced Visibility and Efficiency
Stellar Cyber combines NG-SIEM, NDR, IDS, UEBA, and SOAR functions and also includes malware/phishing detection and several other key security tools. In addition, the platform integrates data from the City’s existing security tools and data from its proprietary sensors to deliver a comprehensive picture of the entire environment.
“The visibility we get into our environment is outstanding, whether it’s east/west traffic or north/south traffic, and we can triage from a generated incident to the source of what caused that incident,” said the Deputy CIO. “It makes it much easier to do a lot of investigation and response because it cuts down the manual intervention of the analysts. With our lean security team, the product helps skills of any level be more productive.”
Stellar Cyber simplifies detection and response by leveraging AI and machine learning. The platform automatically evaluates and groups related alerts in a prioritized list of contextual incidents on its intuitive dashboard.
“The AI features of the platform reduce the number of staff we have to assign to doing manual tasks,” the Deputy CIO said. “That automation saves us a lot of time, and our analysts are far more productive and can quickly detect and respond to threats.”
“If we didn’t have this platform, I would have needed to hire more analysts because of the labor involved in the investigation aspect alone,” said the Deputy CIO. “Now, one analyst can investigate and resolve an incident within five to ten minutes instead of taking days or weeks. It has been a game-changer for us and has allowed me to keep my budget under control.”
If you want real solutions to today’s cybersecurity challenges, learn more about Stellar Cyber’s Open XDR Platform at https://stellarcyber.ai.