About the Stellar Cyber Threat Intelligence Platform

Stellar Cyber automatically integrates its own Threat Intelligence Platform (TIP) into its architecture, regularly collecting, parsing, and distributing dynamic threat intelligence to the Stellar Cyber solution from multiple third-party threat intelligence feeds.

In addition, you can also integrate an additional third-party TIP or a custom IoC file in the System | Threat Intelligence page.

Multi-Source and Bi-Directional

The Stellar Cyber TIP adds multi-source, bi-directional threat intelligence feeds to the Open XDR Platform. As shown in the diagram below, the Stellar Cyber TIP is a cloud-based platform that automatically collects and aggregates feeds from many different sources into a single, consolidated resource of threat intelligence. Sources for the Stellar Cyber TIP include the following:

  • Commercial and non-commercial threat intelligence feeds from organizations such as Proofpoint, DHS, OTX, Openphish, and PhishTank

  • Internal research

  • Intelligence shared by other deployments

Once the feeds are curated, the Stellar Cyber TIP normalizes and prioritizes them before distributing them to all of the Open XDR platforms deployed by end users from enterprises, government agencies, and MSSP partners, as shown in the diagram below.

Stellar Cyber TIP Benefits

The Stellar Cyber TIP offers the following benefits:

  • Efficiency – You don’t have to manage another set of third-party tools so your analysts can be more efficient. Stellar Cyber's threat intelligence feeds are distributed directly from our cloud TIP to your instance of the Open XDR platform without any administrative overhead. Open XDR automatically enriches the data during its ingestion in real-time to create the right context for the data. This amplifies our threat detection, threat investigation, threat-hunting, and remediation capabilities.

  • No Cost – You don’t have to subscribe to third-party threat intelligence feeds because we already provide them for you within Stellar Cyber.

  • Openness – While Stellar Cyber natively provides most popular threat intelligence feeds at no cost, The Open XDR platform can also directly take in third-party feeds to meet your specific needs. For example, non-US customers may want to subscribe to local, country-specific feeds.

  • Evolving Threat Intelligence –The Stellar Cyber TIP delivers bidirectional feeds to grow smarter over time. We not only send feeds down to our analytical engine, but any customer can send new threats up to our TIP for the benefit of all Stellar Cyber customers. In addition, we continually add new threat intelligence feeds over time to improve our platform’s capabilities. As a detection platform, Stellar Cyber finds new threats that haven’t been published yet, so it is continually upgrading the TIP with the latest detected threats.

  • Safe Threat Inspection – The Stellar Cyber TIP incorporates a sandbox for zero-day malware and advanced persistent threat analysis so users can safely inspect suspicious files without fear of damage to their infrastructure.