This blog is written in collaboration with Andrew Homer | Stellar Cyber VP, Technology Alliances

In a previous blog, we discussed how our security partner Stellar Cyber chose Oracle Cloud Infrastructure (OCI) to host their extended detection and response software-as-a-service (SaaS) platform. This blog looks at how our partnership with Stellar Cyber has further evolved with Oracle Cloud Guard to deliver full security operations (SecOps) protection across the broader attack surface.

Protecting OCI and beyond

Protecting your OCI tenancy with native capabilities from Oracle Cloud Guard helps you maintain a healthy security posture by identifying weak security configurations in OCI. Cloud Guard detects these security problems by ingesting audit and configuration data on OCI resources. It helps security administrators easily use dashboards and view risk score metrics to address those identified OCI issues.

But what about the corresponding threats coming from outside OCI? In dealing with an increasing number and intensity of threats, many security teams are looking for ways to improve their ability to combat attacks consistently with a single view across their entire attack surface. One way to achieve this goal is to standardize on an integrated SecOps platform to deliver extended visibility for detection and response beyond OCI, including multicloud, endpoint, email, and network environments. The ability to connect the dots between OCI signals and other telemetry across the attack surface is what Stellar Cyber’s Extended Detection and Response (XDR) brings to the table to complement Oracle Cloud Guard.

 

What is Stellar Cyber Open XDR?

Stellar Cyber Open XDR provides visibility across your hosts, SaaS apps, containers, firewalls, endpoints, networks, and cloud infrastructure as a service (IaaS) and platform as a service (PaaS) services. With Open XDR, Stellar Cyber provides heterogeneous integrations across over 500 security tools. This strategy helps SecOps teams avoid a costly rip and replace of current security tool investments by using “plug-and-play” Open XDR.

The mission for Stellar Cyber’s partnership with Oracle is to simplify security operations for our customers, which aligns with many security teams’ goal to have a single pane that gives security analysts a holistic view across their entire environment. Stellar Cyber extends the security provided by Oracle Cloud Guard with tools for security teams to correlate threats targeting OCI with threat signals from other areas of your cloud environments. Stellar Cyber manages the critical data required to detect these advanced threats. Before diving into the details, let’s take a high-level look at the Stellar Cyber Open XDR Platform. 

 


Stellar Cyber’s Open XDR Platform provides next-generation security information and event management (NG-SIEM), network detection and response (NDR), user and entity behavior analytics (UEBA), security orchestration, automation, and response (SOAR), and threat intelligence platform (TIP) capabilities for everyone. Powered by deep learning AI and an open integration architecture, Stellar Cyber correlates alerts, logs, and telemetry data, providing security analysts with the holistic view of threats that they need to mitigate cyber threats fast. Stellar Cyber also integrates with security, IT, and productivity products, including all significant endpoint detection and response (EDR) vendors. This flexibility helps enable security teams to remain in control of their security investment.

Stellar Cyber + Oracle Cloud Guard = Better together

Recently, we announced our partnership with Stellar Cyber Open XDR Platform in the Oracle Marketplace. Stellar Cyber’s multitenant SaaS offering is built exclusively on OCI. Following an exhaustive evaluation of other cloud providers, Stellar Cyber chose to run on OCI for its superior scalability and regional flexibility. As an open XDR platform, Stellar Cyber normalizes Cloud Guard logs and correlates this data across your security operations’ broader attack surface spectrum, including network, firewall, cloud native, emails, and endpoints. This availability allows for wide detection throughout the kill-chain stages.

Based on Stellar Cyber’s integration with OCI and telemetry across 400+ other security tool integrations, SecOps teams can take immediate and automated response actions to remediate threats.


Stellar Cyber works with Oracle Cloud Guard to ensure that your OCI environment is operating as expected. Stellar Cyber ingests Cloud Guard-identified potential threats and configuration issues. Using machine learning (ML) models and curated detection rules, Stellar Cyber analyzes data from Cloud Guard and other sources, including endpoints, servers, log sources, networks, applications, and other cloud environments, such as Amazon Web Services (AWS), Azure, and Google.

Using AI-driven investigation views, security analysts can quickly validate potential cyber threats and take automated response actions directly from the Stellar Cyber platform. As a result, Stellar Cyber reports that security teams deploying their technology see their mean time to detection (MTTD) improve by eight times and their mean time to respond (MTTR) improve by 20-fold.

 

Conclusion

Gaining efficiency when delivering best-in-class security outcomes can seem like a long-term goal, but with solutions like Stellar Cyber powered by OCI, reaching this goal might be closer than you think.

We continue expanding our coverage as we add more Cloud Guard features and integrations with Stellar Cyber. Watch this space for more blog updates on Cloud Guard, Oracle Cloud Infrastructure Security products, and Stellar Cyber.