Stellar Cyber 6.1: Intelligent automation and enhanced control for SOCs and MSSPs

In today's landscape of cyber threats, the speed and accuracy of response determine business resilience. Stellar Cyber has unveiled version 6.1 of its platform, a significant step toward creating a human-augmented autonomous Security Operations Center (SOC). This update provides enterprises and Managed Security Service Providers (MSSPs) with a new level of visibility, investigation speed, and operational control.

Expanding AI-driven investigation capabilities

At the core of Stellar Cyber 6.1 is a deeper integration of agentic artificial intelligence. The platform automates the analysis of phishing threats and creates incident summaries, transforming disparate alerts into a cohesive story with a timeline, interconnections, and recommended actions. This allows analysts to get a clear picture of events while spending less time on false positives.

• Automatic phishing triage: Reports of suspicious emails are analyzed in minutes without human intervention, significantly speeding up the response.
• Incident summaries: AI generates narratives, hypotheses, and timelines, combining individual alerts into a single context for a quick understanding of the attack.
• Customizable machine learning models: Security teams can adapt anomaly detection to their unique environment, reducing noise and increasing accuracy.

Strengthening threat detection across all vectors

The 6.1 update extends detection capabilities to critical areas such as identity data and network activity.

• Identity threats: New detection mechanisms have been added for attacks on Active Directory, privilege escalation attempts, and geo-anomalous user behavior.
• Network threats: The platform provides early warnings about command-and-control (C2) server activity and the use of rare domains, helping to detect hidden attacks.
• CrowdStrike Threat Intelligence integration: High-fidelity Indicators of Compromise (IOCs) from CrowdStrike are integrated in real-time into the analysis process, increasing detection accuracy without the need for additional tools.

New tools focused on MSSPs

Stellar Cyber 6.1 provides Managed Security Service Providers with powerful tools to scale operations and improve efficiency.

• ServiceNow workflow optimization: Multi-tenant workflows allow for more precise synchronization of alerts and incidents, exclusion of inactive clients, and on-demand updates.
• License transparency: MSSP providers can now track license usage at the individual client level, simplifying billing and resource management.

Stellar Cyber 6.1 gives us sharper detections, richer case context, and smoother integration into our workflows. It’s not just an upgrade—it’s a force multiplier for our team and a differentiator for our services.

Key differences in security approaches

Traditional SOC approach

• Priority: Manual analysis of a large number of raw alerts.
• Process: Lengthy investigations involving switching between different tools.
• Outcome: High probability of missing a threat due to analyst fatigue and scattered data.

Stellar Cyber 6.1 approach

• Priority: Automation of routine tasks and providing context for decision-making.
• Process: Rapid investigation within a unified platform with ready-made conclusions from AI.
• Outcome: Building an effective, human-centric autonomous SOC that allows focus on the most critical threats.