The Exeon Blog
Welcome to the Exeon Blog page! As a passionate, interdisciplinary team of data scientists, machine learning experts, white hat hackers, network security specialists and business professionals, we have diverse insights to offer on the complex topic of cybersecurity. Through regular contact and discussions with industry leaders and IT Security decision-makers, we want to translate these insights into applicable and compelling Blog posts for the interested public. Enjoy our selection of the most recent Blogs below.
EnBW Cyber Security is partnering up with Exeon Analytics for managed service operations in Germany
The Swiss cybersecurity company Exeon Analytics and the German EnBW Cyber Security GmbH have reached an agreement under which EnBW Cyber Security will distribute the Network Detection & Response (NDR) solution ExeonTrace in Germany and use it as a technical solution for the customers of its Security Operation Centre (SOC).
My first month at Exeon – Michael Tullius, Sales Director Germany.
We usually write a lot about industry news and our cutting-edge Network Detection & Response solution, ExeonTrace. However, just as much can be said about our company's core: the Exeon Team. Since the beginning of the year, our team has grown by over 35%, and we are ambitious to expand further in the future. With this mini blog series, our new colleagues will provide personal insights into working at Exeon and how they experienced their first days. In this blog post, we interviewed Michael Tullius, our Sales Director for Germany.
Exeon wins the PwC Cybersecurity & Privacy Solution of the Year Award
The Swiss security company Exeon Analytics was awarded the Cybersecurity & Privacy Solution of the Year Award sponsored by PwC at the Cyber Security Week in Luxembourg. A high-calibre jury awarded the prize to the Network Detection & Response (NDR) solution ExeonTrace for demonstrating excellence at all levels - from strategy to execution.
Why Cybersecurity Start-ups are winning the Innovation Race
In almost every industry, start-ups have an innovative edge over larger enterprises. European start-ups, in particular, are excelling as "innovation wunderkinds" in the B2B space. In the cybersecurity industry, scale-ups like Exeon Analytics are setting new standards for innovation-led growth and product development.
Reliable intrusion prevention even for encrypted network traffic and zero-day attacks
Zurich, September 22, 2022 - With ExeonTrace, the Swiss security company Exeon Analytics offers an intrusion detection solution that goes far beyond the capabilities of traditional intrusion prevention systems (IPS). In particular, ExeonTrace can detect zero-day attacks, against which IPS solutions cannot provide protection due to their signature-based detection. While such systems are suitable for automated detection and defense against known attacks, they must be complemented by other security solutions for comprehensive protection.
How Network Detection and Response (NDR) Fills the Security Gaps of Intrusion Prevention Systems (IPS)
Intrusion incidents have become very common in recent years, with widescale cyberattacks affecting organisations virtually every week. Threat actors are constantly trying to break into enterprise networks and compromise business assets. To prevent a breach from occurring, many companies employ Intrusion Prevention Systems (IPS). In order to identify and prevent threats, these solutions rely on signature-based detection, which allows for automatic intrusion detection. However, this approach can cause various blind spots and weaknesses in network protection. Network Detection and Response (NDR) can overcome these drawbacks for more reliable and holistic protection against intrusions.
Exeon: EDR needs NDR for comprehensive security
Swiss security company Exeon Analytics warns against relying only on traditional endpoint detection and response (EDR) solutions to secure endpoints. Numerous endpoints in modern, hybrid networks do not support the agents needed to do so, and where such agents are running, they can potentially be leveraged and disabled by sophisticated attacks. In addition, because of the trend toward home working and BYOD (Bring Your Own Device), IT and security teams often do not have access to privately owned employee endpoints that may also be used by additional family members.
Exeon featured as a top network security provider
ExeonTrace, our future-proof Network Detection & Response platform, has been recognised as one of the best network security providers by Cybernews. ExeonTrace is an AI-driven network analysis solution that can detect and eliminate sophisticated cyberthreats before they cause any harm to organisations.
Exeon revolutionises NDR through metadata analysis
With the analysis of metadata instead of the otherwise common Deep Packet Inspection (DPI), the Swiss cybersecurity company Exeon Analytics is establishing a modernised and future-proof Network Detection & Response (NDR) solution in the European market. The metadata analysis is - in contrast to the established DPI-based procedures - not affected by encrypted data traffic. This is relevant as modern cyber attacks such as APTs, ransomware and lateral movements rely heavily on encrypted communications for attack instructions from remote command and control (C&C) servers.
My internship at Exeon – Louis Leclair, Back-End Developer Intern
We usually write a lot about industry news and our cutting-edge Network Detection & Response solution, ExeonTrace. However, just as much can be told about our company's core: the Exeon Team. In the first few months of 2022, our team grew by over 30%, and we are ambitious to expand even further in the future. With this mini blog series, our talented colleagues will provide personal insights into working at Exeon. In this blog post, we asked Louis Leclair, our backend development intern, to tell us about his six-month internship at Exeon.
Exeon Analytics appoints Michael Tullius as Sales Director Germany
Swiss network detection and response (NDR) vendor Exeon Analytics is strengthening its commitment to the German market and has brought Michael Tullius on board as Sales Director Germany, an experienced security expert.
Exeon recommends consistent monitoring of third-party applications
The Swiss IT security company Exeon Analytics warns against trusting third-party applications unconditionally, regardless of whether they are contract developments or standard solutions from renowned manufacturers. The problem with such applications is that they often require extensive authorisations or receive them unnecessarily. At the same time, such third-party software usually acts as a black box without transparency into the individual actions or data streams.
Managed Security Services with Ensec and Exeon
Due to complex and distributed IT processes, rising personnel costs and an increasing need for IT security solutions, more and more companies are opting for Managed Security Services (MSS). In this case, an IT service provider takes over the development and operation of a suitable, individually adapted security architecture consisting of individual IT security services. However, there are significant differences between the individual Managed Security Service Providers (MSSP). To better understand what distinguishes the MSS offering of our successful partner Ensec, we asked its CTO Rolf Scheurer for an interview.
Why Organisations Need Both EDR and NDR for Complete Network Protection
Endpoint devices like desktops, laptops, and mobile phones enable users to connect to enterprise networks and use their resources for their day-to-day work. However, they also expand the attack surface and make the organisation vulnerable to malicious cyberattacks and data breaches.
My first month at Exeon - Noè Canevascini, Recruitment intern and IT support.
We usually write a lot about industry news and our cutting-edge Network Detection & Response solution, ExeonTrace. However, just as much can be told about our company's core: the Exeon Team. In the first few months of 2022, our team grew by over 30%, and we are ambitious to expand even further in the future. With this mini blog series, our talented new colleagues will provide personal insights into working at Exeon and how they experienced their first days. In this first blog post, we interviewed Noè Canevascini, our new Recruitment and IT support intern.
Ransomware and the Need for NDR to Provide Robust Protection
Ransomware is one of the most worrying cybersecurity threats for organisations worldwide. In February 2022, the Cybersecurity and Infrastructure Security Agency (CISA) issued a Cybersecurity Advisory cautioning organisations against the "increased ransomware threat" in 2022. Without proper security controls in place, any organisation is vulnerable to the catastrophic impact of ransomware attacks.
Exeon simplifies the deployment of Network Detection and Response
Swiss IT security company Exeon Analytics has enhanced the ExeonTrace NDR platform with cloud connectivity and new anomaly handling functionalities. The latest release significantly simplifies both the deployment and seamless operation of NDR in on-premise, cloud and hybrid environments. Like its predecessors, the current release is completely software-based and, unlike traditional solutions, does not require any additional hardware, reducing not only investments but also operating costs. The evolved architecture of the current version of ExeonTrace allows analysts to tailor the solution to their environment at the click of a button, and provides a flexible platform for deploying sophisticated and high-performance AI algorithms for intelligent detection of current threats, including zero-day exploits.
Severe vulnerability in the Spring Framework
Compromised servers are likely to be used as relays and as an entry point for various attacks against corporate networks, such as ransomware attacks. Besides relying on ExeonTrace’s automated detection, Exeon’s customers can retrospectively check the network behaviour of potentially vulnerable servers using the “Client server pairs” visualization, as outlined in our previous post on the detection of Log4j. The ExeonTrace NDR solution itself doesn’t use Spring and is therefore unaffected by the vulnerability.
Third-party cyber risks – and how ExeonTrace can provide complete system transparency
Modern networks have a multitude of third-party systems in use. Consequently, third-party applications have become a security-relevant priority in order to protect one's network. Security teams require complete transparency over their IT/OT network.
ISPIN expands its Managed Security Services with Exeon Analytics
Zurich/Bassersdorf, 15.02.2022 - ISPIN is now working with cybersecurity company and ETH spin-off Exeon Analytics to expand its Managed Security Services with the Network Detection & Response (NDR) platform ExeonTrace. Customers now benefit from Exeon's advanced network analytics as well as individual consulting and support from ISPIN's experienced cybersecurity experts.
Network Detection & Response establishes itself as central cybersecurity pillar
"Network Detection & Response" has quickly established itself as the leading method for identifying hackers in networks at an early stage, before they cause any damage. "Network Detection & Response" is thus becoming an increasingly central pillar of a modern cybersecurity architecture. The Swiss provider Exeon Analytics AG alone has tripled its customer base over the past year.
Deep Packet Inspection vs. Metadata Analysis of NDR solutions
Today, most Network Detection and Response solutions rely on traffic mirroring and deep packet inspection (DPI). Traffic mirroring is typically deployed on a single core switch to provide a copy of the network traffic to a sensor which uses DPI to thoroughly analyse the payload. While this approach provides detailed analysis, it requires large amounts of processing power and is blind when it comes to encrypted network traffic. Metadata analysis has been specifically developed to overcome these limitations. By utilising metadata for analysis, network communications can be observed at any collection point and be enriched by information providing insights about encrypted communication.
Threat Hunting and Detection of the Log4j Exploit using the ExeonTrace NDR - Part II
In this blog post, we explain how to work with threatfeeds in ExeonTrace for the detection of devices compromised through the Log4j vulnerability. Our first blog post provides you with more technical background information.
Threat Hunting and Detection of the Log4j Exploit using the ExeonTrace NDR
The remote code execution vulnerability against Apache Log4j2 [https://nvd.nist.gov/vuln/detail/CVE-2021-44228] is one of the most severe vulnerabilities we have seen for a long time. It’s so severe because the vulnerability is very easy to exploit and the Log4j logging library is used by many Java applications. Thus, one must assume that nearly any larger organization is potentially affected, either due to software developed in-house or via Java software provided by suppliers. After giving some background, we’ll explain how one can identify exploited systems using our ExeonTrace NDR software in this blog post.
NDR Evaluation Criteria
An NDR solution allows an enterprise to strengthen its security defence against advanced cyberthreats and other non-malware attacks. As more enterprises opt to leverage cloud technologies and IoT devices in their IT environment, having an NDR solution is a must for any company that wants to become cyber resilient in today's information age.
The importance of Diversity in Cybersecurity
Women are significantly underrepresented in cybersecurity. Even though this trend is shifting, today, women only represent about a quarter of the cyber workforce. Considering the explosive growth and consequential talent shortage in cybersecurity, it is crucial to encourage more women into the cyber industry.
SOC Visibility Triad and the role of NDR solutions
Boosted by the continual advancement of digital technologies, cyberattacks are increasing in number and sophistication. The variety of legacy and modern IT systems in use, the interconnection of appliances (that used to run isolated), and the vast number of third-party suppliers make it increasingly challenging to holistically protect the IT landscape.
Why ExeonTrace is the NDR of choice for CISOs of industry-leading companies across Europe
Corporate IT networks are the foundation of today's information age and protecting them is a crucial element to ensure the proper functioning of IT solutions. As most organisations become heavily dependent on computer networks to facilitate work operations, a disruption in network service can have catastrophic consequences on the affected entity.
How does the analysis of existing network log data secure your IT infrastructure?
We are often asked what exactly differentiates ExeonTrace from other Network Detection and Response (NDR) solutions. Our numerous conversations with security professionals show they find ExeonTrace’s data analysis approach most convincing.
The Importance of an NDR Solution to Early Detect Supply Chain Attacks in Corporate Networks
Digital transformation has witnessed a boost in recent years, especially in the wake of the COVID-19 pandemic, which accelerated the adoption of digital technologies by several years in just a few months. Integrating digital technology in business has brought significant benefits. However, it also opened the door wide for new security risks and vulnerabilities.
IS4IT and Exeon Analytics AG agree on service partnership
IS4IT Group, a leading provider in the field of cyber security, and the Swiss security expert Exeon Analytics, headquartered in Zurich, have concluded a joint service partnership. The company will provide service and support in Germany for Exeon. The two providers signed a corresponding agreement in June.
NDR: The new pillar of cybersecurity
Prevention and protection are still considered the means of choice when safeguarding one's own IT systems. However, the fact that this approach is not sufficient can now be read almost daily in the media. Current cases such as the attack on Microsoft Exchange, Colonial Pipeline in the United States or, most recently, Siegfried in Switzerland illustrate the dangers: Business interruptions, loss of trust among customers and partners, product defects or legal consequences.
Next-Gen Network Detection & Response
The average cost of a data breach is a whopping €3.18 million (or $3.86 million at the time of writing this article). As the number of intruders on enterprise networks has increased dramatically, it’s now critical to detect and eliminate threats before any real damage is done. This makes robust Network Detection and Response (NDR) vital to cyber security.
Attack on MS Exchange Server: BSI declares "red" alert for the first time in seven years
Cyber attacks are becoming more frequent and more serious. The most recent example is the worldwide attack on Microsoft's Exchange Server: In March, hackers infiltrated the system via four security holes. This allowed them to log in as administrator without a password and thus read emails or access passwords and devices of their victims in the network. An estimated 250,000 systems were affected - 30 per cent of them in the DACH region. The fact that so many companies in German-speaking countries fell victim to the attack is no coincidence. In many places the necessary security awareness is still lacking.
Swiss cyber security company Exeon accelerates European Go-to-Market
The Swiss cybersecurity provider Exeon Analytics AG has set itself the goal of becoming the leading "network detection and response" provider in Europe. Well-known investors see the potential of the Swiss solution and support the project with know-how and funds amounting to more than CHF4 million. The ETH spin-off Exeon already has a wide customer base in Switzerland, including two of the five largest Swiss banks and well-known logistics companies. The first major customers have also already been acquired in Germany and Austria.
Visibility NOW - complete visibility of network activities, faster than ever before
Cyber attacks are becoming more and more frequent and the damage caused to companies is correspondingly greater. Exposed entry points for hackers (Microsoft Exchange, SolarWinds, etc.) are just the tip of the iceberg. Phishing activities on employees are also becoming increasingly sophisticated. In short, whether hackers are active in your network is only a matter of time - if they're not already in it. Fast, reliable and holistic network monitoring for early detection of anomalies is therefore more important than ever.
How ExeonTrace can help detect the Microsoft Exchange hack
More than hundreds of thousands of Microsoft Exchange servers have been hacked globally, and the DACH region seems to be highly affected. This article explains how ExeonTrace can help to detect the intrusion through automated and manual network analysis.
Cyberattack on Swiss fintechs: surveillance can prevent fatal consequences
Zurich, February 15, 2021 - Various media are reporting today on a warning from the cybersecurity company Eset. The latter had reported that the hacker group "Evilnum" has been targeting Swiss fintech companies since December 2020. With so-called spear phishing emails, i.e. attacks against selected targets in the company, recipients are to be tricked into clicking on a link to a ZIP file and extracting it.
Exeon strengthens Executive Team with experienced Chief Marketing Officer
Exeon is expanding its Executive Management with an experienced Chief Marketing Officer. Gregor Erismann, who will take up the position on February 1, 2021, was previously a member of the Executive Board and CMO of the digital agency Namics. With this move, Exeon strengthens its Go-to-Market with the aim of becoming Europe's leading provider of Network Detection & Response solutions.
Detecting the highly evasive Sunburst attack using an (old) ML model
A wide-spread cyber-attack against multiple government agencies, critical infrastructure providers and private sector organizations such as FireEye was made public this December. The attackers breached their victims' IT networks by compromising the software supplier SolarWinds, which allowed them to install a Remote Access Trojan (RAT) through SolarWinds' software update mechanism. In this blog you learn how ML-based detection mechanisms contain such attacks before signatures or Indicators Of Compromise (IOCs) are publicly known.
Cyber attacks threaten financial stability
Global financial stability is increasingly at risk through cyber attacks, claims the IMF in a recent report. The authors argue that cyber attacks are becoming easier to undertake, increasingly sophisticated and, as a result, much more prevalent.
XDR – A new weapon in the fight against cyber threats
Today, companies collect huge amounts of security-relevant data for cyber monitoring. But the problem lies in efficiently analyzing this data - especially across different data sources. Extended Detection and Response (XDR) reveals new possibilities with the help of AI.
Prevention is only half the battle
When a company realizes that its protection concept has failed, it is often already too late. What to do? The Network Detection and Response (NDR) concept offers a new arsenal for cyber defense. Cybersecurity has so far focused on preventive measures. Once an attacker managed to get past these measures, the company network lay defenseless in front of them. Today, thanks to AI-supported network monitoring, such attacks can be stopped before it is too late.
Detect and eliminate cyber threats before damage occurs
In this interview, originally published by IT-markt, our CEO and Founder David Gugelmann talks about how Exeon strengthens the cybersecurity within companies with our AI-supported network monitoring.
Exeon takes the next step towards a comprehensive cybersecurity offering
Exeon extends the ExeonTrace detection & response solution. ExeonTrace can now evaluate network, system and application log data for AI-supported detection of cyber threats. ExeonTrace automatically links this data and provides the analyst with an overall view.
Exeon is featured in the latest issue of Handelszeitung
Read the full article “Digital Watchdog: Exeon Analytics’ software raises alarm when cybercriminals hack a network.” Discover how criminals target the IT infrastructure of a state or a company through an advanced persistent threat (APT) and how Exeon’s alarm system, which is designed purely as a software-as-a-service (SaaS) solution, protects leading companies.
Exeon amongst the Top 5 Swiss Startups
Every year the crème de la crème of the Swiss Start-up scene meets in Zurich for the annual Swiss Startup Award ceremony. What a night! We are thrilled to be named among the Top 5 Swiss startups by the industry event of the year: Top 100 Swiss Startup Award. A big thank you to our customers, team and investors for their ongoing trust and support.
Switzerland is becoming a leading player in cybersecurity technologies
Smart Cyber Security made in Switzerland! That is what Exeon stands for. Thanks to DreamLab, Datastore AG and Swiss Cyber Security Days for making the diversity of Swiss Cybersecurity solutions visible! Check out the Swiss Cybersecurity Start-Up Map.
Zurich as a cybersecurity Hotspot?
The expert panel consisting of SIX, Cyverse and Exeon Analytics agree: Yes! For our CEO David Gugelmann the main competitive advantage of Zurich is clear: “Zurich is home to engineers who have received a world-class education.” Read the whole article or re-watch the webinar in the following link.
HZ Interview, "How the startup Exeon gets through the corona crisis"
David Gugelmann, CEO & Founder of Exeon Analytics in the Podcast "upbeat" of HZ handelszeitung.ch/upbeat. Interview also available in Apple Podcast and Spotify (video and article in German).
The March issue of the BILANZ business magazine contains an exciting article about Exeon and our CEO aka "Crime-Stopper" David Gugelmann. You can read the article in the following link.
Exeon Analytics’ contribution to the NATO Cyber Defense Conference (CyCon 2019)
Our research paper “Detection of Malicious Remote Shell Sessions”, to which researchers from ETH Zürich, Kudelski Security, armasuisse W+T and Exeon Analytics contributed, has been presented at this year’s CyCon. The publication is available in the following link.
Winner of the Kapsch Factory1 Program
We are proud to be the winner of the factory1 program and are very happy to push forward our international expansion with Kapsch Group, a leading operator of critical infrastructure networks.
Interview with Swisscom Startup Challenge Alumni
Swisscom interviewed the StartUp Challenge alumni Exeon Analytics, Dotphoton and AAAccell. You can find the article in the following link.