10 Best Cyber Security Companies 2020
Every company with an online presence is subject to cyberattacks, and the challenge is to mitigate those attacks by spotting and correcting them as quickly as possible.
We present Stellar Cyber, whose top security infrastructure data collection, analysis, and automated anywhere detection and response (XDR) mechanisms elevate productivity and empower security analysts to eliminate threats in a few minutes instead of days or weeks.
The firm’s Open-XDR platform avoids the tool exhaustion and data overload frequently mentioned by security analysts.
The company was founded by a group of industry pioneers from leading companies including Aerohive, NetScreen, Fortinet, Vectra, Juniper, Cisco, VMware, Gigamon, and A10 Networks.
Changming Liu (CEO) and Aimei Wei (Sr. VP of Engineering) now take us through the journey of Stellar Cyber.
Q. Why was Stellar Cyber founded?
The founders knew that in security there is a correlation problem. Organizations have dozens of siloed tools and as a result siloed data. It is therefore difficult to correlate common events or related events. The real problem lies in gathering the right data so the most critical correlations are more easily seen.
Stellar Cyber’s founders first invented a family of seven sensors and agents suited for a variety of customer environments. These sensors index security metadata at ingestion, ensuring from the beginning that there is a means to normalize and make correlations. Deep-packet-inspection (DPI) at ingestion ensures that only needed metadata is kept, which reduces storage costs. The solution had to be deployable anywhere, so they realized they needed a microservices-based platform that is container-ready, and they built a user-friendly GUI. With a GUI that follows the Lockheed Martin kill chain and also aligns with NIST’s and MITRE’s frameworks, security analysts can work intuitively as they move from collecting the right data, detecting events, investigating those incidents and then responding to high-risk events.
The Open-XDR platform is application-based because customers now expect applications that work together in the workplace along with a GUI to help them work more efficiently—breaking through the siloed tools they worked with in the past.
Q. Tell us about the application-based security platform.
Stellar Cyber makes an Open XDR platform to address the data overload problem. Stellar Cyber’s Anywhere Detection & Response (XDR) provides a single pane of glass that gives one centralized view of security throughout the entire organization. The platform unifies results from many different security tools under one interface to deliver pervasive protection from complex cyberattacks anywhere that applications and data reside. Stellar Cyber incorporates dozens of security applications natively and makes them all available through a single interface. And, as an Open-XDR platform, it allows users to leverage existing investments in SIEM, firewalls, CASB, Vulnerability Management tools and other solutions.
Also, Stellar Cyber uses Machine Learning and Big Data techniques to correlate incoming data detections and evaluate alerts to slash the number of false positives, so security analysts are far more productive and real security threats are resolved much more quickly.
Q. Open-XDR is your prominent platform; how does it work?
We are part of an emerging new category called XDR – anywhere (X) detection (D) and response (R), which reflects the idea that an enterprise attack surface is no longer a single point. It is anywhere, from within, from outside, or from host-to-host attacks. Palo Alto Networks is building their platform, Cortex, through acquisitions (LightCyber is one example). As a startup, Stellar Cyber had the XDR vision from day one and built an Open-XDR platform as we intend to attract a thriving ecosystem. Many customers do not want a rip-and-replace story; they want to augment what they have and make it better.
Q. How is the Open-XDR platform deployed?
Stellar Cyber wants to make its platform available wherever it is needed to address cybersecurity comprehensively, whether in servers, endpoints, applications, containers, websites, SaaS applications, or service providers.
We live in a multi-cloud world, and the enterprise challenge is to deliver tight security across public, private and hybrid clouds as well as virtualized infrastructure. With public cloud services like AWS, Azure and GCP becoming popular choices for applications, sensitive data such as customer or subscriber information become highly attractive targets for malicious actors, and weaknesses in on-premises cloud or virtualization security leave companies more susceptible to attacks.
Q. When you say Stellar Cyber is the only anywhere open detection and response (XDR) platform that comes with built-in multi-tenancy, could you cite examples to support that?
Stellar Cyber is the only XDR platform that comes with built-in multi-tenancy, so you can manage security services for hundreds or thousands of end users, business units or companies with ease. Our multi-tenancy features include:
- Multi-tenant security infrastructure architecture
- Multi-tier, role-based access for administrators and tenant users
- Rapid deployment of Stellar Cyber sensors and agents in distributed networks
Q. What is your customer base?
Stellar Cyber’s primary focus is on the enterprise, with a channel play with managed services providers (MSPs) for smaller organizations, for which reason it has security incident and event management (SIEM) and some automated response capabilities built in. It also partners with vendors of firewalls (Check Point), vulnerability management (Tenable), and automated response for more advanced orchestration functionality in adjacent areas.
Q. How did you help the University of Zurich unify security?
INTEGRATING WITH EXISTING TOOLS
The security team at the University of Zurich’s Central IT Department was hoping to find a modern solution for its security needs, rather than just building out another SIEM. While UZH researched and tested other solutions, Stellar Cyber was the best choice because it integrated nearly two dozen security applications under a single, intuitive dashboard. Deployment of Stellar Cyber was a plug-and-play installation that began to produce results quickly right out of the box. Stellar Cyber’s built-in multitenancy would also allow the security team to efficiently support over 150 institutes and colleges within the University family.
“We were impressed by the built-in multitenancy,” said the IT Security Officer at the University of Zurich’s Central IT Department. “We support many different colleges and university departments, each with its own issues, and we need to track them individually. Every other product we saw required a very expensive upgrade to support multi-tenant operations, if it was even offered as an option.”
IMPROVING THREAT VISIBILITY
Stellar Cyber’s built-in detections immediately delivered better visibility for the security team. “With a few basic settings, we quickly made much meaningful detections and discovered a lot of security events we might have missed before,” said the IT Security Officer. “In fact, during the first month of use, we had a security case that we were able to point out within hours instead of several days. Another thing we noticed was that the rate of false positives was half what it was with other products we tested, and our ability to train the Machine Learning so it recognized previous attack vectors makes it even more effective.”
Embrace the innovators
The company was founded in 2015 by Changming Liu (CEO) and Aimei Wei (Sr. VP of Engineering). Several VCs have funded Stellar Cyber including Valley Capital Partners, Big Basin Partners, SIG – Susquehanna and Northern Light Venture Capital.
The founders have been working in cybersecurity for many years. They knew there was an information overload problem happening in every medium-to-large company’s IT department and, in particular, in the security operations center. Changming’s security career started at NetScreen, and he is also the founder of Aerohive. Changming learned that you need great tech and a great GUI – users expect more than just tech today.