Stellar Cyber Adds Asset Smarts to Security Platform

Cybersecure4

By: Mary Jander

Cybersecurity startup Stellar Cyber has unveiled a new application for its Starlight product suite, demonstrating the increasingly popular platform approach to enterprise threat protection.

The vendor’s new Enterprise Behavior Analytics (EBA) application, announced yesterday, discovers any device or host within a data center network or cloud, and based on data from a range of sources (including a variety of third-party products), scores each asset according to its risk profile.

EBA is the latest addition to Stellar Cyber’s App Store, a variety of applications that gather, interpret, and use the data gleaned by the vendor’s Starlight security platform. For example, another application called the User Behavior Analytics (UBA) app, presents information about specific users across an enterprise. Stellar Cyber says UBA creates a baseline of behavior for every user and leverages that to identify abnormal activity.

Focus on Security API Design

2020 futuriom primo pro 300x600

Stellar Cyber’s claims for Starlight and its App Store aren’t just clever marketing. They signal adherence to an enterprise security design that’s rapidly gaining ground.

In the platform paradigm, APIs draw data from a range of sources, including remote standalone devices, traditional data center gear, virtual networks, and cloud environments, which the system then uses to identify threats and activate responses. The APIs also connect with third-party security products, following the trend toward cooperative interconnection that's becoming essential in coping with hybrid clouds.

Despite efforts to categorize these security platforms as XDR (X detection and response), there’s lots of variation among them. Some offer hardware options, some artificial intelligence (AI). Their range and method of integration with other products varies, as do their flexibility and fit within cloud environments. And of course pricing is a factor too.

Still, the basic goal of a cybersecurity platform is consistent: to automate what is turning into an overwhelming and even unmanageable flood of data in the face of multiplying cyberspace threats.

Tapping Multiple Sources

For its Starlight platform, Stellar Cyber draws on proprietary and third-party data sources — Stellar Cyber recently added Check Point Software to its partner list — which feed information into a data lake. Data normalization, machine learning, and application intelligence are then applied to create a range of interpretations and views from a central console. Stellar Cyber claims that over time, the use of machine learning makes the system more efficient.

Starlight can automate responses when threats occur — for instance, by blocking an IP address, redirecting a user, sending an email, or activating another application.

Notably, Stellar Cyber offers customers several options for deploying Starlight and its applications. Agents and sensors come in specialized rackmount servers, as virtual machines, or via containers (apparently the preferred approach of many DevOps personnel). The vendor's goal is to work in as many environments as possible, cloud or otherwise, following the smart-money trend toward outreach and "coopetition" as enterprises and service providers progress through digital transformation.

AI-based Security Expansion

Stellar Cyber has some strong competitors, including firewall experts such as Cisco, Fortinet, and Palo Alto. Startups also are surging. One is Axonius, a New York-based company specializing in unifying multivendor security solutions via what it calls adapters. Founded in 2017 by a group of Israeli security experts, Axonius has garnered $37 million in funding from a range of investors, including Bessemer Venture Partners and YL Ventures. So far, this vendor says it has integrated its console with 199 security and management products, including those of Cisco, Check Point, and Palo Alto.

Stellar Cyber could also face challenges from vendors specializing in automation of IT assets, such as data warehouser Snowflake. orchestration vendor Itential, as well as endpoint security providers like CUJO AI. While these and other suppliers have a particular focus, their alliance-aggressive approach ensures their participation in all kinds of interesting cybersecurity applications going forward.

So far, Stellar Cyber seems to be following the flow by presenting its wares as a platform open to the permutations of its own technologies and those offered elsewhere.