• HOME
  • CATEGORIES

    • CATEGORIES

    • Browse All Categories
  • FOR VENDORS

    • FOR VENDORS

    • Log In to Vendor Portal
    • Get Started
  • REVIEWS

    • REVIEWS

    • Write a Review
    • Product Reviews
    • Vendor Directory
    • Product Comparisons
  • GARTNER PEER COMMUNITY™
  • GARTNER.COM
  • Community GuidelinesListing GuidelinesBrowse VendorsRules of EngagementFAQPrivacyTerms of Service
    ©2026 Gartner, Inc. and/or its affiliates.
    All rights reserved.
  • Categories

    • No categories available

      Browse All Categories

      Select a category to view markets

  • For Vendors

    • Log In to Vendor Portal 

    • Get Started 

  • Write a Review

Join / Sign In
 in  Market

Reviews

in
0.0
0 Reviews
OverviewReviewsLikes and Dislikes

Ratings Overview

Review weighting

mail_outlineEmail Page
4.7
0 Reviews (All Time)

Rating Distribution

Distribution based on 0 ratings


Customer Experience

Evaluation & Contracting
4.6
 
 
 
 
 
Integration & Deployment
4.6
 
 
 
 
 
Service & Support
4.7
 
 
 
 
 
Product Capabilities
4.7
 
 
 
 
 

Overall experience with

How helpful reviews are selected


Favorable Review

5.0
February 12, 2026
Product: Open XDR Platform

Unified Visibility Enhances Monitoring While Dashboard Depth Could Be Expanded

Critical Review

2.0
February 17, 2026
Product: Open XDR Platform

Steep Learning Curve and UI Challenges Impact StellarCyber Open XDR Experience

Likes and dislikes about

likes

What stands out most about Stellar Cyber is how well it brings together data from different security tools into a single, easytouse interface. Instead of juggling multiple dashboards, alerts, and log sources, everything is consolidated in a way that makes sense for daytoday security operations. I especially appreciate how quickly the platform turns raw data into something analysts can act on. The event correlation and guided investigation views make it much easier to understand the context behind alerts without having to reverseengineer the story yourself. This saves a lot of time during triage and reduces the backandforth normally required in a SOC. Another aspect I like is the balance between automation and analyst control. Automated detection helps surface issues early, but the platform still gives you the freedom to dig deeper and validate findings instead of forcing a blackbox approach. It feels like a tool designed to support analysts rather than replace them. Overall, the best part of Stellar Cyber is how much it simplifies the workflow. It reduces noise, connects the dots between different systems, and makes investigations feel more structured and efficient.

February 12, 2026

dislikes

The user interface is extremely unfriendly to work with. For example, in the threat hunting view, the way to choose the date and time contains a slider for hours and minutes which is a poor choice of time selection. Then there are a number of little UI nuances like if you auto-size all the columns in a table (threat hunting, alerts, and cases) then switch to the next page it will reset your column sizes. The correlation engine doesn't always create a reliable case in terms of related telemetry. You might get a case for a Windows event log that contains a process creation for an abnormal parent/child process but then in the same case a DNS query to a website that hasn't been visited in over 300 days which are both completely unrelated. There are many limitations on how to search for telemetry in the system. For example, if you're trying to search for the network traffic surrounding a process you will have to be mindful of what indices you're looking at. If you select more than one indice while reviewing logs ie. traffic, windows logs, firewall logs etc. You will be limited to the last 24 hours. This is also the same when trying to compare the traffic that is being created by certain processes. What this means is that anything that requires multiple indices to investigate past 24 hours is going to take you significantly longer to correlate it together. When it comes to abnormal parent and child processes, there is no way for the Stellar system to track the storyline of process lineage. Your alert might have an abnormal parent of notepad.exe spawning a child process notepad.exe and the only way to find out the true parent is by searching potentially hundreds of logs manually just to find out that werfault.exe was the true parent that triggered the alert.

February 17, 2026

Powered by Google TranslateThis service may contain translations provided by Google. Google disclaims all warranties related to the translations, express or implied, including any warranties of accuracy, reliability, and any implied warranties of merchantability, fitness for a particular purpose and noninfringement. Gartner's use of this provider is for operational purposes and does not constitute an endorsement of its products or services.
Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.
This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.
  • Community Guidelines
  • Listing Guidelines
  • Browse Vendors
  • Rules of Engagement
  • FAQ
  • Privacy
  • Terms of Service
©
 
©