Starlight’s industry-leading data collection, analysis and automated response mechanisms improve productivity and empower security analysts to focus on and kill threats in minutes instead of days or weeks. With Starlight, organizations of any size can proactively detect security breaches in computer systems and networks before damage is done or data is stolen. Stellar Cyber’s Interflow™ technology is foundational to why Starlight helps organizations scale security detection across hundreds of thousands of systems, without blind spots, performance problems, or exorbitant costs.
Founded in 2015 by industry pioneers from leading companies including Aerohive, Netscreen, Fortinet, Vectra, Juniper, Cisco, VMware, Gigamon, and A10 Networks, Stellar Cyber is based in Silicon Valley and is venture backed by Valley Capital Partners, Big Basin Partners, SIG – Susquehanna and Northern Light Venture Capital.
Cloud Security
Stellar Cyber’s Interflow™ technology, foundational to the Starlight platform, solves these problems. By deploying software-based agents in cloud instances or using a single data collector off of the mirror port of a virtual switch on premises, packets are collected and converted to metadata in real time. The reduction of packets to metadata can result in a 100-to-1 savings of network bandwidth and improves performance by sending a reduced yet complete amount of data to a distributed data processor, security analyzer and machine learning engine.
Digital Forensics
Starlight’s NTA application helps get the data right. It collects, analyzes and stores metadata from network traffic at scale by dramatically reducing the data volume while providing ample evidence for advanced detection and forensics analysis. The integrated and advanced deep-packet inspection (DPI) engine can identify 4,000+ network applications, extract metadata from these applications, and reassemble files. The right amount of metadata, including DNS domain names, URLs, SQL queries, etc., is extracted. Stellar Cyber’s Interflow™ enriches the metadata with information from a variety of sources including DHCP/DNS traffic, logs for host names and domain names, identity providers (IDP) such as Active Directory or Okta for usernames, Threat Intelligence, Geolocations, and vulnerability scan
Infrastructure Security
Open system integrates with any existing tools in heterogeneous environments. Improves fidelity of all existing infrastructure.
Security Automation
Automatically correlate detections across security infrastructure.
Security Operations & Incident Response
Starlight’s Automated Threat-Hunting (ATH) App Library eliminates an analyst’s need to use custom queries in order to search for cyber threats. The library and its collection of threat-hunting apps (and automated execution of them) open the door for less-skilled security analysts to automatically hunt for threats at endpoints, in the network, or in the cloud, with a few mouse clicks.
Threat Intelligence
The UBA App in Stellar Cyber’s Starlight platform collects and fuses user-relevant data from a variety of data sources such as network traffic, Active Directory logs, and applications like Office-365. It applies sophisticated behavioral analytics through machine learning. It baselines users’ typical behavior in order to detect users’ anomalous activities. It can rapidly detect bad behaviors without the need to write any rules or signatures. Combined with other relevant security events detected with many tightly-integrated security applications such as malware detection, the UBA App can quickly detect malicious users or compromised users.