Starlight AI-Driven Pervasive Breach Detection Solutions from Aella Data

Can you see pervasively throughout your environment?

Aella’s Starlight detects cyber breaches across the entirety of your network, regardless of its scale or complexity. When Starlight is deployed, it quickly establishes a baseline behavior model for your environment and automatically starts identifying anomalous behaviors and breach events. Its AI technology operates like an around-the-clock, autonomous virtual security analyst, ceaselessly monitoring and learning from your network. With each observation, it continues to refine its intelligence and predictive abilities. At the core of Starlight is its foundation on pervasive data collection and distributed security intelligence, key differentiators from other solutions.



Pervasive Breach Detection

Aella’s Starlight detects cyber breaches across your entire network, regardless of scale or complexity. When Starlight is activated, it quickly establishes a baseline behavior model for your specific environment and automatically starts identifying anomalous behaviors and breach events. Starlight’s advanced AI technology operates like an around-the-clock, autonomous virtual security analyst, ceaselessly monitoring and learning from your network. With each observation, it continues to refine its intelligence and predictive abilities. At Starlight’s core is its emphasis on pervasive data collection and its Distributed Security Intelligence™ architecture – key differentiators from other solutions.

Key Features

  1. Distributed, intelligent, lightweight sensors deliver pervasive coverage, eliminating all network blind spots.
  2. Collection, inspection, and correlation of data from many data sources including network, server, applications, events from security devices such as FW/IDS, and threat feeds.
  3. Starlight’s Distributed Security Intelligence™ architecture supports a broad range of detections at every phase of the cyber kill chain.
  4. With Artificial Intelligence-powered analysis, alert fatigue and false alarms are effectively eliminated.
  5. Starlight’s big data platform supports both real-time and historic analysis and detection.
  6. Get a 360° view of the attack surface on critical assets.
  7. Flexibly and rapidly deploy pervasively in any environment – physical, virtual, containerized, in private data centers, public clouds, and/or hybrid environments.

Aella For Containers

AI-Driven Security for Containers

Container deployment is gaining popularity, and according to research by MarketsandMarkets, container monitoring is expected to grow from $169.6 million in 2017 to $706.2 million by 2022, at a Compound Annual Growth Rate (CAGR) of 33% during the forecast period. This means that organizations have a growing concern about container visibility. Aella has created the industry’s first AI-Driven Breach Detection System for container workloads. IT organizations can deploy a privileged container that can monitor network traffic flows to, from and between containers, as well as identify 3,000+ network applications that may be in use by containers. Beyond monitoring traffic, Aella’s container solution can monitor the commands executed, the processes launched and the files touched, both on the host serving the containers and within the containers themselves.
In addition to monitoring, the solution also detects breach attempts in real time. Rapid deployment is also a key feature, and container monitoring can be centrally managed and pushed out to over 100,000 containers with the click of a button.


  • Centralized management
  • Easy deployment & integration with Kubernetes and OpenShift
  • CentOS, Ubuntu, Red Hat and Docker compatible
  • Network, application, command, process, file and user monitoring
  • Breach detections across the entire cybersecurity kill chain
  • Artificial intelligence through machine learning identifies container anomalies

Aella For Public Clouds

AI-Driven Security for AWS

Do you know if your AWS servers are being attacked?

With public cloud services like AWS and Azure becoming popular choices for applications, sensitive data such as customer or subscriber information becomes a highly attractive target for malicious actors. Weaknesses in cloud security leave customers more susceptible to attacks, and an AWS firewall is simply not enough to secure your servers.
Hackers routinely run port scans against servers hosted on public clouds. Once an open TCP or UDP port is discovered, they can gain access through brute force attacks or vulnerabilities in your application.
After intruders steal your information or turn the server into a bot under their command, the damage is irreversible. All of this can and does occur right under the nose of a simple public cloud firewall.
Aella’s Starlight platform detects intruders in minutes. Simply install our lightweight, software-only Aella Agents on your servers and thoroughly monitor network traffic, file access, processes, and command executions with ease.


  • Easy installation of Starlight platform within your AWS and Azure environment in minutes.
  • Full visibility of user logins and activities
  • Full visibility of command executions and processes on your servers
  • Full visibility of services running on the servers
  • Rapid identification of anomalous behaviors via machine learning.
  • Rapid detection of data exfiltration and other exploits from your servers
  • Single out the real threats with high fidelity alerts

Aella For Private Clouds

Aella For Virtualized Environments

Virtual environments have become the new norm for deploying servers; however, the challenge of security visibility in this environment still exists. Deploying too many security tools in a virtual environment consumes too many resources, and sending every single packet out to external security tools causes I/O and CPU utilization issues. Because of these problems, organizations are constantly challenged with how to scale breach detection across virtual infrastructures offered by VMware, KVM and Hyper-V.

Aella’s Starlight solution solves these problems. A single data collector deployed off the mirror port of a virtual switch within the environment collects packets and converts them to metadata in real time. The conversion of packets to metadata results in a 100-to-1 savings in network bandwidth and improves performance by sending a reduced, yet complete, amount of data to a centralized, yet distributed, data processor, security analyzer and machine learning engine.


  • Deployment in VMware, KVM and Hyper-V environments
  • Discovery of over 3,000 applications
  • Converts raw packets to application-aware metadata
  • Deployment integration with virtual environment orchestration tools
  • Lightweight application that consumes less than 5% of the environment’s total resources

Aella For SIEM

Data Pre-Processor for Elasticsearch and Splunk

Are you using Elasticsearch as a security logging platform?

Security information and event management (SIEM) systems are used to collect and store security events, mainly logs, in a centralized platform. After the events are aggregated, central analysis, reporting and attack detection can be conducted. However, since these products are usually targeted at large organizations with ample staffing and resources, they are complex to set up and expensive to maintain. Recently, Elasticsearch has emerged as an alternative to SIEM for log collection and storage. As an open source system, it is well-suited to the needs of organizations of any size.

With Starlight for SIEM, you can gain more visibility and utility out of SIEM investments such as Elasticsearch or Splunk. AellaFlow’s high performance metadata extraction enriches data with additional context from a wide variety of sources while dramatically reducing data volume. Deploy Aella in front of your SIEM infrastructure as a processor and enhancer to supercharge your data and conserve your SIEM resources.


  • Distributed, intelligent Aella agents capture server processes, command executions, application logs, network traffic, as well as user information
  • Extract network traffic metadata up to Layer 7 for over 3,000 applications
  • Local data correlation
  • Starlight Big Data Processor can enrich data further with threat intelligence, geolocation, user name, and domain name, among others
  • Real-time breach detection conducted by both agents and Big Data Processor
  • Transport pre-processed, enriched data to Elasticsearch in lightweight JSON
  • Centralized management and control
  • Rapid deployment of agents

Aella for MSSPs

AI-Driven Multi-tenancy for MSSPs

Do you have enough security analysts on staff to monitor your customers’ networks?

An MSSP business that manages security for hundreds or thousands of customers must defend each network with vigilance. Yet, security analysts are as expensive as they are in demand, resulting in limited staff who are swamped with thousands of alerts on a typical day.

Improve business profit margins by hiring a virtual security analyst called Aella, which runs on the industry’s first multi-tenant, AI-driven breach detection platform for MSSPs. With Aella’s self-learning intelligence, security event analysis is conducted 24/7. MSSPs can augment the efficiency of their security operations staff, using Aella’s high fidelity analytics to help staff prioritize their investigations and reduce response times.


  • Real-time monitoring and detection that runs 24/7, with additional retrospective investigation capabilities.
  • Reduce the time to detect anomalies and breach events from months to minutes.
  • A multi-tenant architecture designed to support MSSP-specific needs
  • Flexible deployment of the Starlight platform in the MSSP’s own SOC or their customers’ cloud/data centers
  • Rapid deployment of Aella agent on their customers’ networks
  • Multi-tier, role-based access for MSSP administrators and tenant users
  • Receive alerts & reports via email, text or RESTful API updates
  • Sleek and modern UI with customizable dashboards

Aella for Deception

BlackHole Deception

Deploy honeypots and deception targets for breach detection using Starlight’s BlackHole Deception solution. Starlight’s use of Multi-Machine Learning & Artificial Intelligence is a first when it comes to honeypots & deception technology. When deploying the BlackHole Deception solution, organizations can lure hackers who have made their way into the network into a fake server that appears to be vulnerable to attack. These fake servers are commonly referred to as “honeypots” and are a good way of identifying malicious actors within your environment. Aella’s honeypots are not like others seen in the industry. With our solution, we leverage complex Multi-Machine Learning and AI technology to find anomalous behavior being performed on the honeypots. This allows Starlight to see more breach attempts and detect them faster. Once a breach has been detected on a honeypot, a security analyst can take the necessary actions to hunt down the intruder and remove them from the network.


  • Centralized management with rapid, flexible deployment
  • Deploy single target honeypots, sophisticated honeynets, and deception
  • Complements anomaly detection on primary network assets
  • Artificial Intelligence driven deployment models
  • Fake & accessible network services that can cause no damage to real servers