Security provider Stellar Cyber, with the first Open-XDR security platform, announced the latest addition to its Starlight platform’s built-in App Store, a new Entity Behavior Analytics app.
This new app dynamically discovers and constantly tracks entities (or assets). It provides a unified view of all assets across networks, endpoints and cloud environments by assigning a risk score to each asset based on observed security events and related risk profiles. This app enables cybersecurity analysts to focus on the most critical, high-risk assets.
EBA dynamically discovers assets from a variety of sources including traffic, logs, agents and vulnerability scans. It enriches and associates an asset with rich context such as host name, user, location, vulnerabilities, device type, entity value, etc.
This app also correlates security events with entity info. It enables users to prioritize assets by assigning a specific value to each of them in order to provide the most accurate entity risk score.
By assigning a risk score to each asset, it provides a risk level view of all assets and prioritization for analysts. Its Cyber Kill Chain View helps analysts focus on important events by asset, while its Panoramic View automatically draws the timeline of attack events associated with an asset along the cyber kill chain while visualizing the lateral movements of attacks among assets.
“Having an inventory of all assets, identifying security risks by each asset, drilling down into the security events of an asset and locating the at-risk asset are critical tools security analysts can use to rapidly spot and remediate cyberattacks,” said Iker Simsir, Director of Product Management at Stellar Cyber.
“Our EBA app offers outstanding asset management capabilities and advanced analytics for spotting risks at the asset level.”