CISO Challenge #4

I need better threat detection than static IOCs

Static IOCs only detect already known malware. A bit more advance attackers actively avoid detection by IOCs and malware signatures by frequently changing their malware and command&control infrastructure. Thus, IOC-based detection is always one step behind.

Exeon’s approach
Exeon’s approach

ExeonTrace uses supervised and unsupervised machine learning models to detect suspicious behaviours. These behaviours typically stay the same, even when attackers change their malware or command&control infrastructure
Typical detection pattern includes Internal reconnaissance, C&C channels, lateral movement, and data leakage
IOCs can be correlated with the network data as well
Benefits for CISOs and security teams
Benefits for CISOs and security teams

Avoid always being “one step behind attackers” thanks to machine learning-based detection that is much harder to avoid by attackers
Higher threat detection accuracy

Future-proof NDR approach

Combining the best from traditional NDRs and SIEMs

ExeonTrace works with light-weight log data as SIEMs do, while traditional NDRs rely on traffic mirroring. For the data analysis, ExeonTrace provides specialised detection algorithms for network log data - like traditional NDRs.

pic ciso challenge

Other challenges you might have:

Unique benefits of ExeonTrace

Comprehensive visibility

Comprehensive visibility

Visibility into your entire IT/OT network and all its interfaces to identify vulnerabilities (exposed services, shadow IT etc.) and malicious attack patterns in real-time.

Not affected by encryption

Not affected by encryption

Algorithms are unaffected by encrypted payloads since they are built to detect attack patterns based on metadata and not deep packet inspection.

Light-weight log data

Light-weight log data

Analysis of light-weight network log data instead of data-heavy traffic mirroring. Metadata can be exported from existing network sources (switches, firewalls etc.) without hardware sensors.

Developed in Switzerland

Developed in Switzerland

As an established Swiss NDR solution, based on a decade of research at ETH Zürich, we maintain a high level of innovation and privacy, which is incorporated in our ExeonTrace platform.