Stellar Cyber enhances identity security with ITDR capabilities

At the upcoming Black Hat USA 2025 in Las Vegas, Stellar Cyber will debut its Identity Threat Detection & Response (ITDR) capabilities, fully embedded into its open, unified, AI-driven SecOps platform.

See Identity Threat Detection & Response (ITDR) capabilities in action at Booth 5642, August 2–7, 2025, or book your meeting here.

ITDR marks a step forward on the journey to a human-augmented autonomous SOC, empowering security teams with identity-centric visibility and control—without requiring yet another tool or console.

Identity is the new perimeter of attack in cybersecurity: According to Verizon’s 2024 DBIR, 70% of breaches began with compromised credentials, and SecurityToday.com reports that 22% of confirmed breaches in 2025 originated from account compromise, making identity-based threats the most prevalent and persistent attack vector facing organizations today.

Common use cases driving the need for ITDR

Identity credentials are a primary attack surface in today’s threat landscape. To combat this threat, more organizations are turning to ITDR to help detect and mitigate credential-based attacks. Common use cases where ITDR plays a critical role include:

• Compromised user accounts: Detecting unusual access patterns or privilege misuse that may indicate lateral movement or credential abuse.
• Account takeover via impossible travel: Identifying login anomalies, such as geographically impossible access attempts, that signal potential account compromise.
• Insider data exfiltration: Monitoring privileged user behavior to flag large or unusual data transfers that may suggest malicious insider activity.

As identity continues to dominate the threat landscape, Stellar Cyber places it at the core of threat detections for security operations. By correlating identity signals with endpoint, network, and cloud telemetry, Stellar Cyber enables customers to see bad actors coming early, know how to defend, and act decisively, all within a single unified console.

“Identity is today’s battleground,” said Aimei Wei, CTO of Stellar Cyber. “We built ITDR into the core of our platform to give customers the full identity context they need—fused with all their other security data—to stop credential-based attacks in real time and move closer to autonomous response.”

Key capabilities: Identity-centric detection, response, and resilience

Stellar Cyber ITDR transforms identity security from reactive to proactive with:

• Unified identity visibility – Ingests identity data from your identity tools, either on-prem or SaaS, like Active Directory, Entra ID, Okta, and more—no agents, no add-ons.
• AI-powered detection – Multi-Layer AI and UEBA flag both stealthy and brute force tactics like ATO, MFA abuse, privilege escalation, brute force login, lateral movement, etc.
• Real-time identity risk scoring – Continuously evaluates users, service accounts, and machine identities to spotlight top risks.
• Seamless correlation – Identity threats are automatically integrated into case timelines with endpoint, network, and cloud context.
• Instant remediation – Analysts or automated playbooks can disable accounts, expire sessions, and isolate hosts with one click or automatically via pre-built playbooks.
• Audit-ready dashboards – Prebuilt reports aligned to PCI-DSS, HIPAA, ISO 27001, and other compliance frameworks.

“Our customers are done with tool sprawl,” said Subo Guha, SVP of Products at Stellar Cyber. “They want outcomes—not another product to manage identity threats. ITDR is a key integral component in delivering on our vision of a human-augmented autonomous SOC: real-time identity defense built into the same platform they already trust.”

Why customers choose Stellar Cyber ITDR

• No extra console – Built into the Open XDR platform under a single interface. You get all the enhancements of our Open XDR platform.
• Day-one value – Deploys in under an hour, baselines identity behavior in 24 hours, and surfaces actionable threats immediately.
• Hybrid-ready – Secures identities across SaaS, cloud, and on-prem environments.
• Vendor-agnostic – Works with Microsoft Entra ID, Google, Okta, CrowdStrike, Zscaler, and many others—no rip-and-replace required.
• Unified detection and response – ITDR is integrated into the Stellar Cyber platform, enabling you to not only identify identity-based threats, but also correlate all threat movements using powerful AI capabilities. Combined with automated response, this ensures rapid resolution of any attack.