Stellar Cyber is expanding the capabilities of
MITRE ATT&CK Coverage Analyzer, a tool that the company launched last year to enable organizations to visualize and understand how changes in their data sources affects their ability to detect threats.
The goal was to allow security teams including MSSPs, CISOs, compliance teams, and insurance underwriters to understand their data source options and choose what works best to get the security coverage they need.
The San Jose, California-based vendor has introduced the latest iteration of Coverage Analyzer, with features that go beyond simply modeling the effect of changes, according to
Jeff Hill, global senior director for service providers and MSSPs at Stellar Cyber.
“The enhancements we’ve just introduced in the Coverage Analyzer are a direct response to a rapidly evolving threat landscape and customer demand for actionable insights,” Hill told MSSP Alert. “While AI is a major enabler of these new capabilities, the real driver is the shift happening across IT environments: the explosion of distributed infrastructure, hybrid workforces, and the complexity of securing both cloud and on-prem assets.”
Such changes “are stretching traditional SecOps models thin,” Hill said. “Customers need not just data, but context and prioritization. Our new analyzer turns raw detection telemetry into strategic, MITRE-aligned views that guide decision-making and reduce cyber risk.”
Adding to the Platform
Stellar Cyber initially rolled out the Coverage Analyzer as part of its
Open XDR [Extended Detection and Response] Platform to collect data source information and map it to threat detection capabilities to give a view of coverage based on the MITRE ATT&CK Framework, which is knowledge base of tactics and techniques used by bad actors.
Security teams or MSSPs could then use it to update the security coverage based on whether new data sources were added or eliminated.
New capabilities introduced in the Coverage Analyzer include dynamic detection posture mapping across data sources and custom alerts, architecture change simulations to model the return on new telemetry investments, percent-based scoring across MITRE ATT&CK tactics and techniques, and a recommendation engine for that evaluates coverage improvement based on cost, complexity, or impact.
It also can scale for enterprise environments and multi-tenant situations for MSSPs and create reports that can be used for board presentations, compliance audits, or cyber insurance underwriting.
Bolstering RiskShield
The new Coverage Analyzer is also a key enhancement of Stellar Cyber’s RiskShield program, a cyber insurance coverage initiative
introduced in October 2024, according to company executives. With the new capabilities, it can be used by cyber insurers and risk management partners as a key assessment tool, allowing them to use the Coverage Analyzer metrics to evaluate a company’s ability to detect threats and to quantify the insurable risk of an applicant.
It’s an important step at a time when cyber threats are growing in both numbers and sophistication, driving the
adoption of cyber insurance. The global market for cyber insurance is expected to grow from $20.88 billion last year to
$120.47 billion by 2032, according to analysts with Fortune Business Insights.
Hill said the introduction of Coverage Analyzer last year was “immediate and enthusiastic” among MSSPs, CISOs, and compliance officers, particularly in highly regulated industries like manufacturing, utilities and transportation, “where alignment with frameworks like MITRE is a challenge due to IT and OT gaps. Over the past year, we learned that customers wanted more than visibility, they wanted optimization.”
That feedback helped shape the roadmap direction for the tool, with the goal of making it more dynamic, interactive, and tightly integrated with Stellar Cyber’s unified SecOps platform, he said.
More on the Way
That trend will continue, Hill added.
“Without getting ahead of our official roadmap, what I can share is that the Coverage Analyzer is becoming more predictive and prescriptive,” he said. “Today, it shows you what you’ve got; in the future, it will help you understand what you’re missing and what to do next. Expect deeper integrations with risk quantification, automated detection gap identification, and AI-driven recommendations to tighten security posture across diverse environments.”
Stellar Cyber, which in April rolled out an
expanded partner program for MSSPs, is also looking at ways to map coverage dynamically to business impact and compliance frameworks, which he said will make it more relevant to executives and auditors, not just analysts. “As you can imagine, MSSPs love this aspect as they approach building relationships with consultative services at first,” Hill said.
