CISO Challenge #6
I need to identify shadow IT
Keeping device inventories up to date is highly challenging considering the wide range of tools and devices used in modern enterprises. As a result, it’s highly likely that there’s a considerable number of shadow IT devices in the network. These devices can be an entry door for attackers, as they are often not maintained and thus not patched.
Exeon’s approach
- Existing CMDB can be integrated in ExeonTrace
- Correlation of your device inventory with network activity to identify active devices in the network
- Creation of a new device inventory based on network data flows [in preparation]
Benefits for CISOs and security teams
- Shadow IT detection
- No need to maintain a separate device inventory anymore [in preparation]
- Automated updates of the device inventory based on the network data flows [in preparation]
Why Global Organizations Love ExeonTrace
Comprehensive Visibility
Visibility into your entire IT/OT network and all its interfaces to identify vulnerabilities (exposed services, shadow IT etc.) and malicious attack patterns in real-time.
Unaffected by Encryption
Algorithms are unaffected by encrypted payloads since they are built to detect attack patterns based on metadata and not deep packet inspection.
Light-weight Log Data
Analysis of light-weight network log data instead of data-heavy traffic mirroring. Metadata can be exported from existing network sources (switches, firewalls etc.) without hardware sensors.
100% Swiss
As an established Swiss NDR solution, based on a decade of research at ETH Zürich, we maintain a high level of innovation and privacy, which is incorporated in our ExeonTrace platform.
