Stellar Cyber Blogs

Stellar Cyber maintains a comprehensive set of blogs written by our in-house security experts that can help you stay up to date on the latest news, resources, and products, including deep dives on technical topics ranging from identity threat detection and response to an exploration of the platform's data pipeline.

Start your security blog journey on the Stellar Cyber Blogs home page. From there, you can venture into detailed blog posts according to your interests. Here is a sampling of some recent blogs to get you started:

Inside Stellar Cyber’s Data Pipeline: The Hidden Engine Behind Smarter Security

Discover how Stellar Cyber's data pipeline is not a simple data transport layer, but the fundamental engine powering its AI-driven SecOps platform.

Stellar Cyber ingests data from multiple sources, including network telemetry, logs, servers, and APIs, and processes it through a series of stages that ensure data quality and consistency. These stages include filtering unnecessary data at the edge, normalizing formats, enriching events with contextual information such as geolocation, threat intelligence, and user or asset identity, and applying redaction and deduplication before routing the data to storage or analytic workflows. This architecture enables real-time correlation and detection, reduces noise, and ensures consistent visibility across complex and distributed environments. As a result, security teams benefit from improved detection accuracy, faster incident response, optimized resource use, and seamless support for both enterprise and MSSP deployments.

Stopping Threats in Their Tracks: Stellar Cyber’s NDR Latest Respond Capability Explained

Learn how Stellar Cyber's Network Detection and Response (NDR) extends beyond monitoring by adding real-time, network-level response capabilities directly within the Open XDR platform. When malicious activity such as data exfiltration, command-and-control communication, or exploit attempts is detected, the system can automatically or manually terminate the connection using a TCP RESET, stopping the threat instantly. This native response operates at the sensor level without requiring extra hardware or licenses, enabling faster containment and simplified operations. By unifying detection, investigation, and response in one platform, Stellar Cyber empowers security teams to act decisively and efficiently, transforming reactive defense into proactive protection.

Identity Security, Reinvented: How Stellar Cyber ITDR Stops Credential-Based Attacks Before They Spread

Discover how Stellar Cyber's ITDR (Identity Threat Detection and Response) integrates identity security directly into the Open XDR platform, unifying visibility across users, endpoints, networks, and cloud environments. When credential misuse, privilege escalation, and lateral movement are detected in real time, Stellar Cyber can perform rapid, automated response actions such as account disablement or host isolation. By correlating identity data with broader telemetry, ITDR reduces alert noise, accelerates investigations, and strengthens defenses against identity-based attacks, bringing identity protection into the core of modern SecOps.

Empowering SOC Teams with Open and Seamless API Integration

Read how the Stellar Cyber Open XDR Platform delivers a robust, API-driven foundation that enables seamless integration, automation, and orchestration across a broad security toolchain. The platform supports over 500 integrations and diverse ingestion methods, allowing SOC and MSSP teams to combine existing tools — endpoints, network sensors, threat-intel feeds, cloud services — into a unified workflow rather than deploying another siloed product. Through OpenAPI-compliant APIs, teams can ingest logs and alerts, enrich data, automate response actions (for example isolating endpoints or blocking IPs), and extract correlated security insights for custom dashboards or automation pipelines. By embedding APIs at its core, the platform reduces integration complexity, streamlines operations, and accelerates detection and response.

Data Management Approaches: Schema-on-Read vs. Schema-on-Write

Understand the differences between Schema-on-Read and Schema-on-Write data management strategies and learn why Stellar Cyber’s Open XDR platform adopts the latter. Schema-on-Read offers flexibility by applying structure only when data is queried, but it can slow analysis and introduce inconsistencies. Schema-on-Write, in contrast, normalizes and enriches data at ingestion, ensuring faster searches, higher accuracy, and reliable analytics at scale. By standardizing data upfront, Stellar Cyber enables more efficient AI-driven detection and investigation across diverse sources.