Stellar Cyber Enhances Threat Detection & Data Onboarding with New Updates
Stellar Cyber has introduced advancements in threat detection capabilities and data integration processes in versions 6.5 and 6.6 of its platform.
Advancements in Threat Detection and Data Integration
These releases build upon the company’s AI-driven, human-assisted security operations center (SOC) framework by incorporating controlled AI workflows, enhanced Auto Triage functionalities, improved detection accuracy, and expanded integration options. The updates aim to streamline operations for managed security service providers (MSSPs) and enterprise security teams by reducing friction in data onboarding and enabling more efficient incident response.
Key Features of the Updates
The platform emphasizes the need for a unified system that accelerates threat identification, provides contextual investigation tools, and ensures seamless data integration without requiring additional alerts or fragmented tools. This approach aligns with the company’s focus on integrating AI-assisted analysis with human oversight to create actionable security operations (SecOps) workflows.
AI-Native SOC Workflows
Key features of the updates include AI-native SOC workflows with controlled access to AI functionalities. Version 6.5 introduced early access to the Stellar Cyber MCP Server, allowing approved AI clients to connect to the platform via the Model Context Protocol. This integration enables AI to operate within existing SOC workflows, leveraging case-specific context, tenant awareness, and access controls rather than relying on standalone AI assistants.
Enhanced Auto Triage and Detection Accuracy
Auto Triage visibility and actionable outcomes have been expanded in version 6.6. The release adds verdict tracking to the Alert Table and Threat Hunting views, including filterable columns for triage results. A response action panel on the Auto Triage alert page allows analysts to act on findings without navigating away from the interface. Detection accuracy has been improved across identity, cloud, and network domains.
Operational Enhancements
Operational enhancements in the releases include a Dashboard Hub for centralized monitoring, temporary alert filters for dynamic analysis, improved rule import/export functionality for Automated Threat Hunting (ATH), and enhanced timestamps for playbook execution. Platform health monitoring is now accessible through the System Action Center, while license enforcement and usage notification APIs provide better resource management.
Self-Service Data Onboarding and Flexibility
Self-service data onboarding capabilities have been expanded through Parser Studio, introduced in 6.5. This tool allows teams to create, test, and deploy custom parsers independently. Version 6.6 adds broader parser and connector coverage, selective parser port activation, and support for response actions from Liongard, Ironscales, and Check Point Smart-1 Cloud.
Network and Sensor Coverage Improvements
Network and sensor coverage has been deepened with updates such as Azure VTAP documentation, SMB session ID tracking, NFS file assembly for malware analysis, expanded Linux sensor support, and DPI protocol bundle updates. Version 6.6 also includes Suricata 8.0.1 integration and enhanced sensor security hardening for local service communications.
Conclusion
Stellar Cyber’s 6.5 and 6.6 releases demonstrate a commitment to enhancing threat detection, streamlining operations, and improving integration capabilities for security teams and MSSPs.
According to Stellar Cyber, the platform’s focus on AI-assisted analysis with human oversight ensures actionable SecOps workflows, reducing friction in data onboarding and enabling efficient incident response.
