CISO Challenge #5
My current tools (e.g. IDS) create too many false alerts
The overload through false positives is a major concern of SOCs as they are spending time to investigate on issues with little or no relevance. In addition, relevant incidents risk to be overseen in the great number of alerts.
Exeon’s approach
- Aggregation of various data sources to increase the alert quality
- Holistic endpoint threat score
- Integration of existing sources/tools through API for additional data correlation
- Network zones can be prioritised / de-prioritised
Benefits for CISOs and security teams
- Less false alerts
- Focus of the SOC team on relevant incidents
- High alert quality and efficient handling relieving the security team
Why Global Organizations Love ExeonTrace
Comprehensive Visibility
Visibility into your entire IT/OT network and all its interfaces to identify vulnerabilities (exposed services, shadow IT etc.) and malicious attack patterns in real-time.
Unaffected by Encryption
Algorithms are unaffected by encrypted payloads since they are built to detect attack patterns based on metadata and not deep packet inspection.
Light-weight Log Data
Analysis of light-weight network log data instead of data-heavy traffic mirroring. Metadata can be exported from existing network sources (switches, firewalls etc.) without hardware sensors.
100% Swiss
As an established Swiss NDR solution, based on a decade of research at ETH Zürich, we maintain a high level of innovation and privacy, which is incorporated in our ExeonTrace platform.
