Stellar Cyber Product Update: Dog Days of Summer Edition

As we stand on the doorstep of the dog days of summer, when kids on summer break are soaking up the sun, the Stellar Cyber team is hard at work cranking out new features and capabilities aimed at helping customers further simplify their security operations. While we have some cool new features planned for release later this summer, I thought I'd recap what we have recently added to the Stellar Cyber Open XDR Platform.

Rules can be your friend.

In security, when the topic of correlation rules comes up, many people flash back to painstakingly importing rules into their security products and hoping the fresh batch doesn't cause thousands of false positives. We sympathize with the painful memories many have of rules, so when we release new rules we take special care to ensure they are 1) required and 2) add value. To that end, we recently added over 100 new PowerShell rules and 200+ process creation rules in release 4.3.6. We also standardized on the Sigma rule format for rules going forward. This change will make us more efficient in researching and deploying new rules while maintaining industry best practices. Look out for more rules-related enhancements soon.
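To show what the Sigma format looks like and how a process creation rule is applied to an event, here is an added example (not one of the Stellar Cyber rules, and not the platform's own rule engine). It carries a constructed Sigma-style rule for encoded PowerShell commands, a hypothetical allow-listed parent process in the filter, and a handful of constructed process creation events; the evaluator covers only the subset of Sigma used by that rule (`contains`/`startswith`/`endswith` modifiers, a list of values as OR, fields as AND, and a `selection and not filter` condition). Real deployments use the pySigma tool-chain to compile rules into a backend query language rather than a hand-written matcher like this one.

```python
import re

# Constructed Sigma-style rule (illustration only). The equivalent YAML:
#
# title: PowerShell Encoded Command (constructed example)
# logsource:
#   category: process_creation
#   product: windows
# detection:
#   selection:
#     Image|endswith:
#       - '\powershell.exe'
#       - '\pwsh.exe'
#     CommandLine|contains:
#       - ' -enc '
#       - ' -encodedcommand '
#   filter:
#     ParentImage|endswith: '\sccm_agent.exe'   # hypothetical allow-listed parent
#   condition: selection and not filter
# level: high
RULE = {
    "title": "PowerShell Encoded Command (constructed example)",
    "logsource": {"category": "process_creation", "product": "windows"},
    "detection": {
        "selection": {
            "Image|endswith": ["\\powershell.exe", "\\pwsh.exe"],
            "CommandLine|contains": [" -enc ", " -encodedcommand "],
        },
        "filter": {"ParentImage|endswith": "\\sccm_agent.exe"},
        "condition": "selection and not filter",
    },
    "level": "high",
}

# Constructed process creation events (Sysmon/EDR-style field names).
EVENTS = [
    {"id": 1, "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -NoP -W Hidden -Enc ZQBjAGgAbwA=",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"},
    {"id": 2, "Image": r"C:\Program Files\PowerShell\7\pwsh.exe",
     "CommandLine": "pwsh.exe -EncodedCommand ZQBjAGgAbwA=",
     "ParentImage": r"C:\Program Files\sccm_agent.exe"},   # hypothetical, filtered
    {"id": 3, "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe /c whoami",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"id": 4, "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -File C:\\scripts\\inventory.ps1",
     "ParentImage": r"C:\Windows\System32\svchost.exe"},
]


def _match_value(value, pattern, modifier):
    """Sigma string matching is case-insensitive by default."""
    v, p = str(value).lower(), str(pattern).lower()
    if modifier == "contains":
        return p in v
    if modifier == "startswith":
        return v.startswith(p)
    if modifier == "endswith":
        return v.endswith(p)
    if modifier is None:
        return v == p
    raise ValueError(f"unsupported modifier: {modifier}")


def _match_block(block, event):
    """Every field in a selection map must match (AND); a list of values is OR."""
    for key, patterns in block.items():
        field, _, modifier = key.partition("|")
        if field not in event:
            return False
        if not isinstance(patterns, list):
            patterns = [patterns]
        if not any(_match_value(event[field], p, modifier or None) for p in patterns):
            return False
    return True


def evaluate(rule, event):
    """Return True when the event satisfies the rule's condition."""
    detection = rule["detection"]
    results = {name: _match_block(block, event)
               for name, block in detection.items() if name != "condition"}
    # Only the two condition shapes used here: 'X' and 'X and not Y'.
    m = re.fullmatch(r"(\w+)(?: and not (\w+))?", detection["condition"])
    if not m:
        raise ValueError(f"unsupported condition: {detection['condition']}")
    hit = results[m.group(1)]
    if m.group(2):
        hit = hit and not results[m.group(2)]
    return hit


def run(rule=RULE, events=EVENTS):
    """Return the ids of events that trigger the rule."""
    return [e["id"] for e in events if evaluate(rule, e)]


if __name__ == "__main__":
    print(f"{RULE['title']}: hits on events {run()}")
```

Event 1 (Word spawning encoded PowerShell) is the only hit: event 2 matches the selection but is removed by the filter, and events 3 and 4 never match the selection. The filter is exactly where false positives get tuned away without touching the selection, which is the property that makes Sigma rules easier to maintain than ad hoc vendor rules.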

Integrity

When adding new team members, finding someone with integrity who you can trust and depend on is critical. Regarding security, we want to ensure that the files we rely on have integrity, meaning that they are where we expect them to be and have not been altered. In 4.3.6, we added File Integrity Monitoring to our Windows sensors. With this new feature, users can deploy our Windows sensors across their network with the ability to monitor specific sensitive files and folders to ensure an attacker has not moved, deleted, or corrupted these critical files. Get the full details on our new FIM capabilities in our user documentation.
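The core of file integrity monitoring is a hashed baseline of the watched tree and a comparison against it later. The following added example (not Stellar Cyber sensor code) builds that baseline over a constructed temporary directory, simulates an attacker editing a config file, renaming a binary, dropping a new executable and deleting a DLL, and then classifies each change as modified, moved, added or removed. A move is recognised when a file that disappeared from one path shows up with an identical hash at another; all paths and file contents are constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path


def hash_file(path, chunk=65536):
    """SHA-256 of a file, read in chunks so large binaries don't load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def baseline(root):
    """Map POSIX-style relative path -> sha256 for every regular file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hash_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare(old, new):
    """Classify differences between two baselines."""
    added = set(new) - set(old)
    removed = set(old) - set(new)
    modified = sorted(p for p in set(old) & set(new) if old[p] != new[p])
    # A removed file whose exact content reappears at an added path is a move/rename.
    # (Two removed files with identical content collapse here; good enough for a demo.)
    old_by_hash = {old[p]: p for p in removed}
    moved = sorted((old_by_hash[new[p]], p) for p in added if new[p] in old_by_hash)
    moved_src = {s for s, _ in moved}
    moved_dst = {d for _, d in moved}
    return {
        "added": sorted(added - moved_dst),
        "removed": sorted(removed - moved_src),
        "modified": modified,
        "moved": moved,
    }


def demo():
    """Build a constructed watched tree, simulate tampering, and return the FIM diff."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "config").mkdir()
        (root / "bin").mkdir()
        (root / "config" / "app.conf").write_text("listen=127.0.0.1\n")
        (root / "bin" / "service.exe").write_bytes(b"MZ\x90\x00constructed-service")
        (root / "bin" / "helper.dll").write_bytes(b"MZ\x90\x00constructed-helper")
        before = baseline(root)

        # Simulated attacker activity after the baseline was taken.
        (root / "config" / "app.conf").write_text("listen=0.0.0.0\n")      # tampered
        (root / "bin" / "service.exe").rename(root / "bin" / "svc.exe")    # moved
        (root / "bin" / "dropper.exe").write_bytes(b"MZ\x90\x00constructed-dropper")  # dropped
        (root / "bin" / "helper.dll").unlink()                              # deleted

        after = baseline(root)
        return compare(before, after)


if __name__ == "__main__":
    for kind, items in demo().items():
        print(f"{kind:9s} {items}")
```

A polled hash comparison like this detects what changed but not who changed it or when; a sensor-based FIM pairs the content check with the file-system change events and the process that caused them, which is what turns a diff into an alert an analyst can act on.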

What about Integrations? Glad you asked

No Stellar Cyber update would be complete without a quick look at how we expanded the over 400 integrations that come out-of-the-box with our platform. In 4.3.6, we added new connectors for Oracle Cloud Infrastructure (OCI), Thinkst Canary, and Indusface. We also improved our existing Microsoft Defender, Azure Event Hub, Azure AD, Active Directory, and AWS connectors in this release based on customer feedback. We also added 17 new log parsers in 4.3.6, including parsers for ServiceNow, Apache HTTP Server, Fortinet FortiEDR, and Trend Micro TippingPoint, to name a few. As I have said, we are all about integrating as many products as our customers need to make finding and defeating threats easier.

Black Hat is Coming

As hard as it might be to believe, Black Hat is less than two months away. We will be bringing the heat this year (pun intended) by showcasing some great new features in our booth (#672) as well as doling out some cool swag. Check out more about what we have planned here.