Stellar Cyber 6.2 strengthens human-augmented autonomous SOC
Stellar Cyber announced version 6.2, marking the next major milestone in its mission to deliver autonomous security operations.
Building on the AI and automation foundations established in versions 6.0 and 6.1, Stellar Cyber 6.2 deepens analyst assistive intelligence, streamlines case workflows and alert customizations, and expands the platform’s openness with new integration and enrichment capabilities.
“With 6.2, we’re extending our leadership in human-augmented autonomous SOC,” said Subo Guha, SVP Product Management at Stellar Cyber. “We’re bringing even more intelligence to the analyst’s fingertips — from automatic case summaries to adaptive alert filters — while ensuring the ecosystem stays open and connected.”
From human-augmented to AI-assisted security
Stellar Cyber 6.2 introduces Agentic AI-based Case Analysis & Summary, a generative-AI capability that automatically creates concise narratives for every case. Analysts receive immediate insight into root cause, affected entities, and recommended actions, reducing investigation and response time and improving analysts’ efficiency.
Traditionally, SOC analysts take days to sift through the details of alerts and get very little explanation of an alert's severity. Now Stellar’s agent-based case analysis takes minutes to provide a descriptive view of the alert and its severity, or to indicate whether it is a false positive.
The new Phishing Email Auto-Triage feature, also in Private Preview, extends this automation to one of security’s most persistent challenges. By leveraging AI-driven parsing, enrichment and analysis, Stellar Cyber automatically identifies, scores, and routes suspected phishing messages, freeing analysts to focus on higher-value threats.
Expanded NDR response
The 6.2 release introduces real-time TCP Reset capabilities as a native enhancement to our integral NDR capability, enabling organizations to disrupt malicious network sessions that have been detected and are still in progress. Unlike competitive offerings that require costly add-on modules, Stellar Cyber delivers this immediate threat-stopping capability as a standard feature of the Open XDR platform, at no additional cost.
By terminating harmful connections in real time, customers can dramatically reduce dwell time, contain lateral movement, and strengthen their overall security posture with faster, autonomous response built directly into the platform.
Threat intelligence platform 2.0 advancements
TIP 2.0 supports a wide range of built-in threat intelligence feeds as well as custom, third-party feeds owned by customers. Over previous releases, it has already integrated many leading TI sources—including CrowdStrike, Recorded Future, SOCRadar, and any feeds delivered in standard STIX/TAXII format.
A key advancement in the Stellar Cyber Threat Intelligence Platform is the addition of two important new capabilities:
- ESET IOC feed integration: Through our recent partnership with ESET, TIP 2.0 now supports real-time ingestion of ESET threat intelligence as a primary IOC feed. This provides stronger detection, richer enrichment, and more accurate correlation across the platform.
- ASN enrichment: TIP 2.0 now enriches IP-based insights with Autonomous System Number (ASN) context, enabling deeper understanding of external connections, improved threat scoring, and more precise threat hunting.
These upgrades further strengthen our customers’ ability to identify, enrich, and act on threats with higher accuracy and better context.
Expanded ecosystem, smarter data
With XDR Connect Webhook Ingestion, Stellar Cyber 6.2 takes a major step forward in openness and self-service. This lightweight, standards-based framework lets customers post JSON data directly from any external system, accelerating custom integrations and extending visibility across the full security stack.
Precision and control for the modern SOC
The 6.2 release also refines how analysts interact with alerts, data, and permissions:
- Adaptive alert filters: Context-aware filters that automatically adjust severity, apply tags, and exclude noise, aligning detections to real business impact.
- Object-level access control: Fine-grained role-based permissions that ensure the right people see the right data at the right time.
Together, these features drive greater clarity, control, and confidence within every SOC workflow.
A more connected customer experience
To support customers better as we evolve our platform rapidly, Stellar Cyber 6.2 debuts the Resource Center — a new in-product hub that delivers release highlights, documentation, training materials, and Stellar Cyber News directly inside the interface. This ensures customers stay informed, educated, and empowered to make the most of each capability.
A journey toward autonomous security
From 6.0’s foundation of human-augmented autonomy to 6.1’s illumination of AI-driven insights, and now 6.2’s expanded intelligence and integration, Stellar Cyber continues to deliver on its vision: enabling every SOC to achieve faster, safer, and lower-risk AI adoption in security operations.
“Stellar Cyber 6.2 proves that AI in the SOC doesn’t have to be risky,” added Aimei Wei, CTO and Founder. “It’s assistive, explainable, and built to make security teams smarter and more effective, not replace them.”
Availability
Stellar Cyber 6.2 is available now to all customers. Select features, including Case Analysis & Summary, Phishing Email Auto-Triage, and XDR Connect Webhook Ingestion, are in Private Preview with selected customers.