CISO Challenge #4

I need better threat detection than static IOCs

Static IOCs only detect already known malware. A bit more advance attackers actively avoid detection by IOCs and malware signatures by frequently changing their malware and command&control infrastructure. Thus, IOC-based detection is always one step behind.

Exeon’s approach

: ExeonTrace uses supervised and unsupervised machine learning models to detect suspicious behaviours. These behaviours typically stay the same, even when attackers change their malware or command&control infrastructure
: Typical detection pattern includes Internal reconnaissance, C&C channels, lateral movement, and data leakage
: IOCs can be correlated with the network data as well

Benefits for CISOs and security teams

: Avoid always being “one step behind attackers” thanks to machine learning-based detection that is much harder to avoid by attackers
: Higher threat detection accuracy

Future-proof NDR approach

Combining the best from traditional NDRs and SIEMs

ExeonTrace works with light-weight log data as SIEMs do, while traditional NDRs rely on traffic mirroring. For the data analysis, ExeonTrace provides specialised detection algorithms for network log data - like traditional NDRs.

Other challenges you might have:

CISO Challenge #1

I don’t know exactly what is happening in my network

More

CISO Challenge #2

Network traffic encryption makes my tools, which rely on deep packet inspection, become blind

More

CISO Challenge #3

Writing and maintaining SIEM use cases for network log data is cumbersome

More

Why Global Organizations Love ExeonTrace

Comprehensive Visibility

Visibility into your entire IT/OT network and all its interfaces to identify vulnerabilities (exposed services, shadow IT etc.) and malicious attack patterns in real-time.

Unaffected by Encryption

Algorithms are unaffected by encrypted payloads since they are built to detect attack patterns based on metadata and not deep packet inspection.

Light-weight Log Data

Analysis of light-weight network log data instead of data-heavy traffic mirroring. Metadata can be exported from existing network sources (switches, firewalls etc.) without hardware sensors.

100% Swiss

As an established Swiss NDR solution, based on a decade of research at ETH Zürich, we maintain a high level of innovation and privacy, which is incorporated in our ExeonTrace platform.