Stellar Cyber Delivers Data Lake Security for Splunk, Snowflake and More

Stellar Cyber has expanded its Open XDR platform to secure data where it lives, in data lakes, something the company is calling "bring your own data lake." Data lakes and cloud data storage are essential as organizations embrace artificial intelligence. Data is the fuel for AI.

Stellar Cyber's integration allows organizations that have standardized their data storage framework on Splunk, Snowflake, Elastic or AWS security data lake to incorporate the Stellar Cyber Open XDR platform into their security framework.

Explaining the inspiration behind BYODL, Aimei Wei, Stellar Cyber founder and chief technology officer, told MSSP Alert that customers want the flexibility to seamlessly integrate their existing data lakes with advanced security platforms, without the cost and hassle of data migrations.

“Without the ‘bring your own data lake’ capability, customers often face high costs and disruptions from migrating data to new platforms,” Wei said. “They deal with complex integration challenges, increased storage expenses and inefficiencies in their security workflows. Additionally, the lack of seamless data integration can lead to lower data quality, resulting in more false positives and less accurate threat detection.”

Wei sees Stellar Cyber addressing the concern many organizations have about the cost and complexity of undertaking a shift to its Open XDR platform by eliminating the need for an organization to migrate its data from an existing data lake that serves multiple functions. This improves the security team’s ability to detect, investigate, and respond to advanced threats while significantly reducing the organization’s financial burden, according to Wei.

Organizations using Splunk, Elastic Search, Snowflake, AWS, or any S3-compatible storage can use the Stellar Cyber Open XDR platform to:

  • Integrate with all relevant security data sources, including but not limited to endpoint security, email security, identities/IAMs, firewalls, CASBs, SASEs, SaaS applications, etc. Any unnecessary data can be filtered out at the collection point to save processing resources and cost.
  • Normalize all data into a standard format and automatically enrich it with contextual information at data ingestion, enabling the purpose-built AI/ML models to analyze all data. Once processed, the data can optionally be routed to the data lake of the customer’s choice.
  • Apply all ingested data to automatically identify related security alerts across the entire environment using the Open XDR platform’s AI-based analysis engine.
  • Allow security analysts to detect threats quickly, to complete the investigation efficiently and to initiate fully automated response actions directly from Stellar Cyber while allowing the data to reside on the data lake.

How BYODL Improves Data Lake Solutions

A data lake is a centralized repository that stores structured, semi-structured and unstructured data at any scale, Stellar Cyber’s Steve Salinas, head of Product Marketing, explains in his blog. It allows organizations to store data in its raw format and apply various analytics and processing techniques to derive insights. Traditionally, cloud providers offer managed data lake solutions that come with predefined configurations and services, he said.

Salinas lists the reasons why BYODL can give organizations more control and flexibility over their data lake:

  1. Choose Tools and Services. Organizations can select the specific tools, technologies, and services they prefer to build and manage their data lakes. This could include storage solutions, data ingestion frameworks, analytics platforms, and more.
  2. Optimize for Requirements. Different organizations have varying data processing and analytics needs. BYODL enables customization of the data lake architecture to meet specific requirements such as performance, scalability, compliance, and cost-effectiveness.
  3. Integrate with Existing Systems. BYODL facilitates integration with existing IT infrastructure, applications, and data sources within the organization. This ensures seamless data flow and interoperability across different systems.
  4. Control and Security. Organizations can implement their own security protocols, access controls, and governance policies tailored to their data lake. This helps in ensuring data privacy, regulatory compliance, and protection against unauthorized access.
  5. Cost Management. By managing their own data lake, organizations can potentially optimize costs by choosing cost-effective storage solutions, efficient data processing frameworks, and scaling resources based on actual usage patterns.
Jim Masters

Jim Masters is Managing Editor of MSSP Alert, and holds a B.A. degree in Journalism from Northern Illinois University. His career has spanned governmental and investigative reporting for daily newspapers in the Northwest Indiana Region and 16 years in a global internal communications role for a Fortune 500 professional services company. Additionally, he is co-owner of the Lake County Corn Dogs minor league baseball franchise, located in Crown Point, Indiana. In his spare time, he enjoys writing and recording his own music, oil painting, biking, volleyball, golf and cheering on the Corn Dogs.