Open XDR Security Operations Platform Reviews & Product Details

As an SOC Analyst, I use the Open XDR Security Operations Platform daily to monitor, investigate, and respond to security incidents. What I like best is how it consolidates multiple data sources into a single, unified view. Instead of switching between different tools for endpoint, network, and cloud telemetry, I can correlate everything in one dashboard. This saves significant time during investigations and reduces alert fatigue.

The automated correlation engine is particularly valuable. It highlights relationships between alerts and helps prioritize true threats over noise. The built-in playbooks for response automation also make incident handling faster and more consistent. For example, I can automatically isolate a compromised endpoint or enrich alerts with threat intelligence without manual effort. Review collected by and hosted on G2.com.

The main drawback is that the initial setup and integration phase can take time, especially when connecting multiple third-party tools. Some dashboards can also feel slightly cluttered until they’re customized to match your team’s workflow. Despite this, once configured, the platform runs smoothly and significantly improves visibility and response efficiency. Review collected by and hosted on G2.com.

The thing I like best about Stellar Cyber is its ability to integrate a variety of connectors. There has been an instance where there are hesitations regarding its compatibility with what we used. But those were not an issue with this platform. Custom alerts and filters are also great because it gives us a more refined visibility on what's needed to focus on. It is also easy to implement and pretty straightforward. The dashboard is great for beginners because you can easily understand what you see. It doesn't look super technical unlike the other platforms related to Stellar Cyber. Review collected by and hosted on G2.com.

There are some bugs that makes it quite troublesome to use such as alerts that are already done and sometimes gets involved with the recent alerts when you're doing a bulk assignments. I figured that some workarounds for this is to uncheck the bulk assignments and redo the process. That way only the recent alerts will get involved. There are some cases that pop-up sometimes but no alerts generated but those are still bearable. Aside from these, the platform is great. Review collected by and hosted on G2.com.

The Stellar Cyber Open XDR platform's biggest feature is its open, vendor-agnostic architecture, which effortlessly interfaces with existing security products like SIEM, EDR, and NDR, allowing enterprises to improve detection and response without replacing their present investments. Also, It delivers full insight across networks, endpoints, the cloud, identities, and apps, offering analysts a 360-degree picture of their threat surface. It normalizes and enhances raw alerts using AI and ML correlation, resulting in high-fidelity incidents that greatly minimize alert fatigue and improve threat detection accuracy. Its automation features significantly reduce detection and reaction times, and built-in modules like as NDR, UEBA, and Threat Intelligence enhance security operations. It is cloud-native and scalable, so it readily adapts to hybrid environments and allows for flexible deployment. Review collected by and hosted on G2.com.

Integrating Open XDR Security Operations Platforms with current tools can be challenging, and tuning and maintenance call for qualified staff. If not set up correctly, they can also produce alert noise, which can wear out analysts. Some platforms still have limited interoperability despite being marketed as "open," and the ongoing infrastructure and management requirements can increase the total cost of ownership. Concerns are also frequently raised about speed problems, unnoticed vendor lock-ins, and less sophisticated reporting or visualization tools. Review collected by and hosted on G2.com.

The most I like about Open XDR is that I can integrate security solutions with different vendors Review collected by and hosted on G2.com.

Not all solutions have integrations yet and sometimes it needs a lot of time creating the integration. Review collected by and hosted on G2.com.

Very helpful for a SOC to monitor all the threats, malicious behaviour on a single pane of glass. with the help of ML/AI, the detection is more faster and accurate. the customer service is very responsive on every ticket. Review collected by and hosted on G2.com.

the integration on the other solutions, it might take lot of times when integrating to a new solutions on the market and need a skilled personel. Review collected by and hosted on G2.com.

The main advantage is that we can always say yes when it comes to integrating various SaaS, PaaS, IaaS and log sending sourced. Stellar offerings over 65 API connectors and hundreds of log parsers. Where it accels is the normalization of all that data. Review collected by and hosted on G2.com.

The reporting engine still has room for improvement though I know the product team has prioritized a complete retooling of the reporting engine. Additionally, the API is robust and allows us to extract data we need to generate the exact reporting we need with low effort. Review collected by and hosted on G2.com.

Integration with existing technologies that provides a complete landscape view of your technology stack.

This facilitates the ability to correlate seemingly unconnected events while reducing the dwell time between identifying and remediating cyber threats. Review collected by and hosted on G2.com.

All XDR platforms are not created equal and due diligence is required to identify those solutions solely leveraging and promoting proprietary, enhanced EDR feature sets.

An open XDR solution in this context should provide full integration (or make provisions) for the entire technology stack. Review collected by and hosted on G2.com.