Shapefin

Stellar Cyber Enhances Open XDR Platform with Advanced Identity Threat Detection & Response Capabilities

Stellar Cyber, a provider of open security operations platforms, announced the advanced development of its Identity Threat Detection & Response (ITDR) capabilities. These enhancements are fully integrated into its open, unified, and AI-driven SecOps platform, aiming to provide security teams with identity-centric visibility and control without requiring additional tools.

Identity represents a primary attack surface in today’s cybersecurity landscape. According to Verizon’s 2024 Data Breach Investigations Report (DBIR), 70% of breaches began with compromised credentials. Furthermore, SecurityToday.com reported that 22% of confirmed breaches in 2025 originated from account compromise, highlighting identity-based threats as a prevalent and persistent attack vector for organizations. ITDR is increasingly adopted to detect and mitigate credential-based attacks. Common use cases for ITDR include detecting unusual access patterns or privilege misuse indicative of lateral movement or credential abuse, identifying login anomalies such as geographically impossible access attempts signaling account compromise, and monitoring privileged user behavior for large or unusual data transfers that may suggest malicious insider activity.

Stellar Cyber positions identity at the core of its threat detection strategy for security operations. By correlating identity signals with endpoint, network, and cloud telemetry, the platform aims to enable customers to identify threats early, develop defense strategies, and act decisively within a single unified console. “Identity is today’s battleground,” said Aimei Wei, Founder and CTO of Stellar Cyber. “We built ITDR into the core of our platform to give customers the full identity context they need—fused with all their other security data—to stop credential-based attacks in real time and move closer to autonomous response.”

Key capabilities of Stellar Cyber’s ITDR include unified identity visibility, ingesting data from identity tools such as Active Directory, Entra ID, and Okta without agents or add-ons. Its AI-Powered Detection leverages Multi-Layer AI™ and User and Entity Behavior Analytics (UEBA) to flag stealthy and brute force tactics like account takeover (ATO), multi-factor authentication (MFA) abuse, privilege escalation, brute force login, and lateral movement. The system provides real-time identity risk scoring, continuously evaluating users, service accounts, and machine identities to highlight top risks. Identity threats are seamlessly correlated into case timelines with endpoint, network, and cloud context. Instant remediation features allow analysts or automated playbooks to disable accounts, expire sessions, and isolate hosts with a single click or automatically via pre-built playbooks. Additionally, the platform offers audit-ready dashboards aligned with compliance frameworks such as PCI-DSS, HIPAA, and ISO 27001.

Subo Guha, SVP of Products at Stellar Cyber, commented, “Our customers are done with tool sprawl. They want outcomes—not another product to manage identity threats. ITDR is a key integral component in delivering on our vision of a human-augmented autonomous SOC: real-time identity defense built into the same platform they already trust.” The company emphasizes that its ITDR solution is integrated into its Open XDR platform, offering day-one value with deployment in under an hour, baselining of identity behavior in 24 hours, and immediate surfacing of actionable threats. It is hybrid-ready, securing identities across SaaS, cloud, and on-prem environments, and vendor-agnostic, compatible with Microsoft Entra ID, Google, Okta, CrowdStrike, and Zscaler, among others. The unified detection and response capabilities allow for correlation of all threats into cases and identity threat movements, with automation for quick resolution.
