The recent platform releases (6.5 and 6.6) help MSSPs and enterprise SOC teams accelerate investigations, improve detection fidelity, streamline response, and bring new telemetry online faster
Stellar Cyber, the full-cycle AI-native security operations platform company, announced continued momentum across Stellar Cyber 6.5 and 6.6. Together, the releases advance the company’s AI-driven, human-augmented SOC vision with governed AI workflows, improved Auto Triage visibility, sharper detections, stronger platform health monitoring, expanded integrations, and faster self-service data onboarding for MSSPs and enterprise security teams.
Also Read: CIO Influence Interview with Hugo Dozois-Caouette, CTO and Co-founder at MaintainX
“Customers and partners do not need more alerts or more disconnected tools. They need a platform that helps them detect faster, investigate with more context, bring new data online without friction, and act with confidence,” said Mayuresh Ektare, SVP Product Management, Stellar Cyber. “With 6.5 and 6.6, Stellar Cyber continues to close the loop between AI-assisted investigation, analyst oversight, and action-ready SecOps workflows – always with the human in the loop.”
Release Highlights
AI-Native SOC Workflows and Governed AI Access. Stellar Cyber 6.5 introduced Early Access support for the Stellar Cyber MCP Server, giving approved AI clients a governed way to connect to the platform through the Model Context Protocol. This helps customers bring AI into existing SOC workflows with case context, tenant awareness, and access controls instead of relying on disconnected assistants outside the analyst workflow.
Expanded Auto Triage Visibility and Actionable Outcomes. Stellar Cyber 6.6 extends Auto Triage by adding verdict visibility to the Alert Table and Threat Hunting views, including filterable verdict columns, and by adding a response action panel to the Auto Triage alert page. Analysts can see triage outcomes faster, filter by verdict, and act on results without unnecessary navigation.
Sharper Detection Fidelity Across Identity, Cloud, and Network. Across 6.5 and 6.6, Stellar Cyber extends detection coverage across identity, cloud, network, and application-driven threats. Updates include Successful Login After Brute Force, AWS Config detections, improved location-based fidelity scoring, customizable suppression for Impossible Travel and User Login Location anomalies, ASN enrichment, improved user counting for Microsoft Entra ID environments, and additional Microsoft Graph Security API alert integrations.
Stronger Platform Operations, Health Monitoring, and Automation Readiness. The releases add practical operational enhancements for SOC teams, including Dashboard Hub, temporary alert filters, improved ATH rule import/export, better playbook run timestamps, platform health monitoring via System Action Center, license enforcement and usage notification APIs, and improved troubleshooting context for automation condition evaluation.
Self-Serve Data Onboarding and Broader Ecosystem Coverage. Parser Studio, introduced in 6.5 through Early Access, gives teams a self-service workspace for creating, testing, and activating custom parsers. Stellar Cyber 6.6 adds more parser and connector coverage, selective parser port activation, Liongard, Ironscales, Check Point Smart-1 Cloud response actions, API token authentication for the Universal Webhook Responder, and additional built-in parsers for endpoint, DLP, database, WAF, web security, email security, and privileged access data sources.
Sensor, NDR, and Traffic Analysis Enhancements. Stellar Cyber continues to deepen network and sensor coverage with updates such as Azure VTAP documentation in 6.5, SMB session IDs, NFS file assembly for malware inspection, expanded Linux sensor support, DPI protocol bundle updates in 6.6, Suricata 8.0.1, and sensor security hardening for local service communications.
Catch more CIO Insights: What Does “Job-Ready” Really Mean in IT and Cybersecurity?
[To share your insights with us, please write to psen@itechseries.com ]
