Stellar Cyber expands Autonomous SOC capabilities with agentic AI
Stellar Cyber announced updates in version 6.3 that advance its goal of an autonomous SOC. Powered by agentic AI, the release helps security teams reduce alert volume and improve response by automating threat detection, investigation, triage, and response across identity, network, endpoint, email, and cloud environments.
With 6.3, Stellar Cyber delivers measurable customer value by reducing analyst workload, shortening mean time to respond (MTTR), and unifying security operations through deeper automation, smarter context, and expanded integrations.
Stellar Cyber continues to strengthen its Autonomous SOC vision by expanding agent-driven automation across the platform. With Model Context Protocol (MCP) available in version 6.3, organizations can integrate third-party agents and bots more seamlessly, enabling new SecOps use cases such as tighter ticketing system integrations and automated workflows.
Security teams are overwhelmed by fragmented tools and endless alerts. Stellar Cyber 6.3 addresses this challenge with expanded Autonomous SOC capabilities that act like a seasoned SOC analyst, automatically analyzing signals, prioritizing risk, and explaining what matters.
Capabilities and enhancements included as part of early access program:
- AI-generated case summaries that automatically explain what happened, why it matters, and what evidence supports the conclusion, reducing investigation time.
- Advanced automated email phishing triage, providing earlier and deeper diagnosis to stop phishing attacks before they escalate.
Together, these capabilities help customers resolve incidents faster with fewer resources, improving SOC efficiency without sacrificing accuracy.
“With agentic AI at the core of our platform, we’re transforming raw telemetry into clear decisions and automated actions—so security teams can move at machine speed without losing human trust,” said Aimei Wei, Chief Technology Officer at Stellar Cyber.
New usability enhancements reduce friction and speed collaboration:
- Query Manager import/export enables teams and MSSPs to share and reuse proven detection logic.
- A streamlined Watchlist workflow allows analysts to take action directly from investigations, minimizing context switching.
These improvements help SOC teams resolve incidents faster and scale best practices across teams and tenants.
Unified identity and network security for real-world attacks
Stellar Cyber 6.3 strengthens Identity Threat Detection and Response (ITDR) and Network Detection and Response (NDR) by correlating identity, network, and endpoint signals into a single operational view.
Key enhancements include enriched login anomaly detections with ASN and user-agent context, plus new support for Netskope CloudTap, enabling decrypted traffic analysis and user identity enrichment. Customers can detect suspicious behavior earlier and respond with targeted actions that bridge ITDR and NDR use cases.
Expanded Unified Threat Management (UTM) support further enhances network visibility, allowing customers to leverage existing firewall and UTM telemetry as high-value data sources within Stellar Cyber’s Open XDR platform.
Version 6.3 introduces enhancements to XDR Connect Webhooks for easier third-party alert ingestion and a new Domain Service that improves connector scalability and reliability.
Many new alert and connector integrations, including Wiz, SonicWall Endpoint, Fortinent FortiManager, Halcyon, BitDefender, Cisco Duo Trust Monitor, iManage Threat Manager, etc., expand Stellar Cyber’s ability to ingest and correlate data across endpoint, cloud, ransomware protection, digital risk, and asset intelligence platforms. The result: faster deployments, broader visibility, and higher detection fidelity without rip-and-replace.
“Every enhancement in 6.3 is designed to help security teams detect faster, investigate smarter, and respond with confidence, all from a single platform that unifies SecOps instead of fragmenting it,” said Subo Guha, Senior Vice President Product at Stellar Cyber.