ExeonTrace vs. Darktrace
Smarter Network Detection Without Blind Spots
Darktrace relies on data-heavy traffic mirroring and deep packet inspection for its network analytics. Consequently, dedicated tapping/hardware sensors need to be installed and customers must provide terabits of mirrored packet payloads, whose analysis requires significant processing power.
Since these payloads are increasingly encrypted, Darktrace is limited in its analysis capabilities and has to resort to metadata analysis. Additionally, Darktrace can only analyze network data transmitted over the core-switch, leaving significant blind spots.
Capabilities
Powerful Machine Learning algorithms
ExeonTrace is equipped with supervised and unsupervised machine learning algorithms designed to analyse billions of network connections and detect sophisticated cyberattacks, such as APT, ransomware and lateral movement.
Darktrace applies both supervised and unsupervised appliance-based machine learning algorithms, which are limited by system resources.
Metadata analysis, unaffected by encryption
ExeonTrace’s specialised algorithms were specifically built for the analysis of metadata and thus are completely unaffected by encrypted network traffic and increasing bandwidths.
Darktrace relies on deep packet inspection of mirrored packed payloads; however, as payloads are increasingly encrypted, this significantly limits their analysis capabilities.
Holistic visualisation of IT network
ExeonTrace provides complete visibility into all network communications passing through any physical, virtualised or cloud networks.
Darktrace only provides visibility into network traffic that is transmitted over the core-switches, which support traffic mirroring.
Analysis of light-weight log data: no traffic mirroring, no additional hardware
ExeonTrace relies on the analysis of light-weight network log data instead of data-heavy traffic mirroring. Metadata can be exported from existing network infrastructure (firewalls, virtual/core switches, DNS, secure web gateways, clouds) without any hardware sensors.
Darktrace relies on data-heavy traffic mirroring as a source for network analytics, meaning the customer must provide terabits of mirrored packet payloads. In today’s high-bandwidth networks, this approach requires dedicated tapping or mirroring infrastructure to the hardware NDR sensors.
Efficient Log data storage – minimal storage needs with full data control
ExeonTrace stores historical data for later inspection in graph databases and reduces input log data by a factor of 100, making it optimal for high-bandwidth networks.
Darktrace’s deep packet inspection and storage of historical data requires a tremendous amount of processing power and storage space, which can significantly hinder network performance.
Why Global Organizations Love ExeonTrace
Comprehensive Visibility
Visibility into your entire IT/OT network and all its interfaces to identify vulnerabilities (exposed services, shadow IT etc.) and malicious attack patterns in real-time.
Unaffected by Encryption
Algorithms are unaffected by encrypted payloads since they are built to detect attack patterns based on metadata and not deep packet inspection.
Light-weight Log Data
Analysis of light-weight network log data instead of data-heavy traffic mirroring. Metadata can be exported from existing network sources (switches, firewalls etc.) without hardware sensors.
100% Swiss
As an established Swiss NDR solution, based on a decade of research at ETH Zürich, we maintain a high level of innovation and privacy, which is incorporated in our ExeonTrace platform.
Dramatically reduce false alerts thanks to advanced detection
Exeon’s future-proof next-generation NDR solution takes a different approach. ExeonTrace relies on the analysis of light-weight log data, which can be exported from existing network infrastructure (Core Switches, Virtual Switches, Cloud logs, Firewalls etc.). Consequently, ExeonTrace’s algorithms require no hardware sensors, are unaffected by encryption and require minimal storage needs (data volume reduced by a factor of 100). All while providing complete visibility into all IT/OT network data and flows; this includes monitoring all connection points (on-premise and cloud) in an intuitive GUI.
Christian Keller
CISO, SWISS Airlines
As the Swiss national airline, we are driven by a passion for exceptional performance, in the spirit of our guiding principles. A stable and secure IT is the most important basis for an excellent customer service. For the security of SWISS IT, we use Exeon as a central cybersecurity tool, fully managed by our long-term partner Reist Telecom AG. A perfect combination and solution to monitor our network and quickly detect any kind of anomalies.
Head IT Security
PostFinance AG
PostFinance has chosen ExeonTrace because of its open and future-proof architecture. Not needing any hardware sensors and being able to control data flows, we didn’t have to make any significant changes to our existing infrastructure. We are also convinced by the cooperation with the competent and technically outstanding Exeon team.
Nils Planzer
CEO & Owner, Planzer
As CEO and owner of a fast moving logistics company, I cannot afford any system interruptions due to cyber incidents. With ExeonTrace, we have found a Swiss solution to monitor our network and quickly detect cyber threats.
Why our customers continue to choose us over traditional NDR providers:
Supervised & Unsupervised ML algorithms
ExeonTrace is equipped with supervised and unsupervised machine learning algorithms designed to analyse billions of network interactions and detect sophisticated cyberattacks, such as APT, ransomware and lateral movement.
Metadata analysis unaffected by encryption and increasing bandwidths
Unlike NDR providers relying on deep packet inspection, ExeonTrace is entirely unaffected by traffic encryption and increasing bandwidths since its algorithms were specifically built for the analysis of metadata.
Holistic visibility into entire IT/OT network
By relying on Metadata Analysis, ExeonTrace provides complete visibility into all network communications passing through any physical, virtualised or cloud networks.
Analysis of light-weight log data
Analysis of light-weight log data (NetFlow/sFlow/syslog) instead of data-heavy traffic mirroring. Metadata can be exported from existing network sources (switches, firewalls etc.) without hardware sensors.
Efficient log data storage
By reducing input log data by a factor of 100, our specialised algorithms support light-weight storage of historical data for later inspection, making ExeonTrace optimal for high-bandwidth networks.