Partnerships

Careers & Development

Compliance

Events & Awards

OT Security

Machine Learning

Explore the concept of IT-OT convergence and its impact on enterprises: learn about IT/OT integration, its benefits, types, and security challenges, followed by strategies for a holistic cybersecurity approach to enhance operational efficiency and resilience.

Live the IT/OT Convergence, Enhance Security!

The average cost of a data breach is a whopping €3.18 million (or $3.86 million at the time of writing this article). As intruders on enterprise networks increased dramatically, it’s now critical to detect and eliminate threats before any real damage is done. This makes robust Network Detection and Response (NDR) vital to cyber security.

Next-Gen Network Detection & Response

Ransomware is one of the most worrying cybersecurity threats for organisations worldwide. In February 2022, the Cybersecurity and Infrastructure Security Agency (CISA) issued a Cybersecurity Advisory cautioning organisations against the "increased ransomware threat" in 2022. Without proper security controls in place, any organisation is vulnerable to the catastrophic impact of ransomware attacks.

Ransomware and the Need for NDR to Provide Robust Protection

IT security managers rely on Zero Trust, but its practical effectiveness is being challenged by Advanced Persistent Threats worldwide – read about effective security strategies by Klaus Nemelka.

Network Detection & Response (NDR): The Silent Champion of Zero Trust Security

The Vulnerability of Zero Trust: Lessons from the Storm 0558 Hack

Boosted by the continual advancement of digital technologies, cyberattacks are increasing in number and sophistication. The variety of legacy and modern IT systems in use, the interconnection of appliances (that used to run isolated), and the vast number of third-party suppliers are increasingly challenging to holistically protect the IT landscape.

SOC Visibility Triad and the role of NDR solutions

Is your OT security really cyber threat proof? Read about the optimal solution against hackers in OT, thanks to metadata analysis and deep packet inspection.

OT Security by Philipp Lachberger on the Exeon Blog

How Network Detection & Response (NDR) Monitors OT Environments

Discover why 44% of organizations plan to replace SIEMs in 2025, and how Network Detection and Response (NDR) enhances SOCs with advanced threat detection, cost efficiency, and scalability. For more about how to extend the effectiveness of your SOC, watch the following recorded webinar.

Who is improving modern SOCs? SIEM vs NDR

Our Professional Services Engineers explain all about their exciting roles as we are looking to hire an additional PS engineer to protect more and more enterprise networks from cyber threats.

Harald Beutlhauser on what it means to be a PS Engineer in cyber security

A Day in the Life of a Security Engineer

From all types of ransomware to their devastating impact on businesses, read about how to protect your organization and which solutions keep your network hacker-free.

Ransomware Protection: How to Protect Your Business from Cyber Extortion

Discover how to strengthen your SOC's defenses by overcoming common deficiencies like incomplete visibility, log analysis challenges, and slow incident response. With advanced analytics, machine learning, and seamless threat intelligence integration, NDR is a comprehensive solution to evolving cyber threats. Is your security team ready for the cyber challenges ahead?

Major SOC Mistakes and What You Can Do to Avoid Them

Endpoint devices like desktops, laptops, and mobile phones enable users to connect to enterprise networks and use their resources for their day-to-day work. However, they also expand the attack surface and make the organisation vulnerable to malicious cyberattacks and data breaches.

Why Organizations Need Both EDR and NDR for Complete Network Protection

Read about the pros and cons of the multi and single-vendor approaches, why the best-of-breed strategy may be the securest way and how to maximize corporate cybersecurity. Klaus Nemelka touches on various integrations around SIEM, EDR, NDR and more!

Best-of-Breed Done Right

A wide-spread cyber-attack against multiple government agencies, critical infrastructure providers and private sector organizations such as FireEye was made public this December. The attackers breached their victims' IT networks by compromising the software supplier SolarWinds, which allowed them to install a Remote Access Trojan (RAT) through SolarWinds' software update mechanism. In this blog you learn how ML-based detection mechanisms contain such attacks before signatures or Indicators Of Compromise (IOCs) are publicly known.

Detecting the highly evasive Sunburst attack using an (old) ML model

The updated Directive on Security of Network and Information Systems (NIS) presents numerous challenges for critical infrastructure operators, particularly in terms of complying with the new requirements and adapting to the evolving cybersecurity landscape. CCO Gregor Erismann provides corporations with critical details about the new EU-wide cybersecurity legislation.

NIS2 Guide: Network Monitoring for Critical Infrastructure

Navigating the Impact of NIS2 on Network Monitoring for Critical Infrastructure: A Comprehensive Guide

Today, companies collect huge amounts of security-relevant data for cyber monitoring. But the problem lies in efficiently analyzing this data - especially across different data sources. Extended Detection and Response (XDR) reveal new possibilities with the help of AI.

XDR – A new weapon in the fight against cyber threats

More than hundreds of thousands of Microsoft Exchange servers have been hacked globally, whereas the DACH region seems to be highly affected. This article explains how ExeonTrace can help to detect the intrusion through automated and manual network analysis.

How ExeonTrace can help detect the Microsoft Exchange hack

Find out how to catch data exfiltration thanks to Machine Learning and why detecting it is crucial to your organization’s IT security, as explained by our Head of Professional Services, Andreas Hunkeler.

How to Catch Data Exfiltration with Machine Learning

The Swiss cybersecurity provider Exeon Analytics AG has set itself the goal of becoming the leading "network detection and response" provider in Europe. Well-known investors see the potential of the Swiss solution and support the project with know-how and funds amounting to more than CHF4 million. The ETH spin-off Exeon already has a wide customer base in Switzerland, including two of the five largest Swiss banks and well-known logistics companies. The first major customers have also already been acquired in Germany and Austria. 

Swiss cyber security company Exeon accelerates European Go-to-Market

Klaus Nemelka, Product Manager and Cyber Security Expert, explains how hackers obtained unauthorized access into Microsoft accounts, what malicious activities they operate and how NDR protects organizations from APTs.

Klaus Nemelka, Product Manager at Exeon, about Machine Learning for Corporate Network Security

The Key to Hacker Happiness

Switzerland's security environment is becoming more complex each year, as the Federal Intelligence Service reports in its annual report. Of particular concern are international terrorism, current military conflicts, and increasing cooperation between various autocracies that cooperate at a political and military level. This development also impacts cyber security in Switzerland, as attacks by state and non-state actors are becoming increasingly frequent and complex.

Blog on the Swiss cybersecurity situation by Klaus Nemelka

The Security State of Switzerland

This article highlights the challenges in monitoring OT environments, suggesting that Network Detection and Response (NDR) solutions offer a non-intrusive and effective way to monitor networks by providing comprehensive visibility and detection capabilities without disrupting operations. The advanced machine learning algorithms identify potential threats and anomalies, making this a preferred method for securing OT environments.

In the Shadow of Traditional IT Security: The Central Role of NDR in Securing OT Networks

Beyond IT Security: The Central Role of NDR in OT Network Protection

Prevention and protection are still considered the means of choice when safeguarding one's own IT systems. However, the fact that this approach is not sufficient can now be read almost daily in the media. Current cases such as the attack on Microsoft Exchange, Colonial Pipeline in the United States or, most recently, Siegfried in Switzerland illustrate the dangers: Business interruptions, loss of trust among customers and partners, product defects or legal consequences.

NDR: The new pillar of cybersecurity

The remote code execution vulnerability against Apache Log4j2 [https://nvd.nist.gov/vuln/detail/CVE-2021-44228] is one of the most severe vulnerabilities we have seen for a long time. It’s so severe because the vulnerability is very easy to exploit and the Log4j logging library is used by many Java applications. Thus, one must assume that nearly any larger organization is potentially affected, either due to software developed in-house or via Java software provided by suppliers. After giving some background, we’ll explain how one can identify exploited systems using our ExeonTrace NDR software in this blog post.

Threat Hunting and Detection of the Log4j Exploit using the ExeonTrace NDR

Learn how to combine a Zero Trust strategy with compliance regulations such as NIS2, DORA, HIPAA, ISG, GDPR and other relevant standards – a serious task and challenge for companies that want to strengthen their security and ensure compliance with legal requirements. The right choice of cyber security tools can make all the difference.

Why Zero Trust and Compliance Go Hand in Hand

Today, most Network Detection and Response solutions rely on traffic mirroring and deep packet inspection (DPI). Traffic mirroring is typically deployed on a single core switch to provide a copy of the network traffic to a sensor which uses DPI to thoroughly analyse the payload. While this approach provides detailed analysis, it requires large amounts of processing power and is blind when it comes to encrypted network traffic. Metadata analysis has been specifically developed to overcome these limitations. By utilising metadata for analysis, network communications can be observed at any collection point and be enriched by information providing insights about encrypted communication.

Person using a tablet with a digital network globe overlay, symbolizing Deep Packet Inspection and Metadata analysis.

Deep Packet Inspection vs. Metadata Analysis of NDR solutions

Besides the general discussion about the benefits and challenges of using machine learning algorithms for threat detection, detection engineers face their own benefits and challenges when building detections. In this blog, these aspects are outlined from a detection engineer's perspective and the corresponding questions that come up during use case development.

Blog on machine learning security detection by Andreas Hunkeler

Machine Learning Algorithms from a Detection Engineers' Perspective

The digital transformation has connected formerly isolated OT networks to IT, which brings opportunities and new security challenges: integration means that OT systems are increasingly exposed to threats, which requires robust security measures such as Zero Trust. Network Detection and Response and its AI detects and responds to these threats in real-time, protects OT environments, and improves Zero Trust security.

Zero Trust is Good, Control is Better 

Learn how air-gapping as a security measure protects digital resources and networks by isolating them from external connections to ward off hackers, malware and other threats. Despite the benefits, there can also be security problems, which is why the right configuration is crucial for an effective cyber security solution.

Not Only Love is in the Air

Imagine if, back in 2010, we had the AI technologies we have today. Would airports have rushed to implement body scanners? With more intelligent AI, it’s clear that security could have been enhanced without compromising personal privacy. This same logic applies to cybersecurity today. With AI-powered NDR solutions, you can enjoy better protection without invasions of privacy.

Data Privacy in Cyber Security - Exeon Blog by Simon Sommerhalder

The Privacy Dilemma in Cybersecurity

Manager liability for undetected cybersecurity incidents in Europe varies depending on the legal framework and industry – here, Michael Tullius goes through the corporate requirements and applicable sanctions for DORA and NIS2, as well as how to best comply and ensure long-term security. Cyber-resilience starts here!

Michael Tullius on NIS2 and DORA compliance

NIS2 and DORA: Managers Are Liable for Cybersecurity

Zurich, September 22, 2022 - With ExeonTrace, the Swiss security company Exeon Analytics offers an intrusion detection solution that goes far beyond the capabilities of traditional intrusion prevention systems (IPS). In particular, ExeonTrace can detect zero-day attacks, against which IPS solutions cannot provide protection due to their signature-based detection. While such systems are suitable for automated detection and defense against known attacks, they must be complemented by other security solutions for comprehensive protection. 

Reliable intrusion prevention even for encrypted network traffic and zero-day attacks

Zero Trust principles effectively secure both IT & OT environments and meet many regulatory requirements (NIS/NIS2, DORA). This approach enhances cyber resilience, protects critical infrastructure, and mitigates cyber threats. Here's how to apply Zero Trust to improve OT network security and compliance!

Extending NIS and DORA to OT Networks: A Zero Trust Approach

Due to complex and distributed IT processes, rising personnel costs and an increasing need for IT security solutions, more and more companies are opting for Managed Security Services (MSS). In this case, an IT service provider takes over the development and operation of a suitable, individually adapted security architecture consisting of individual IT security services. However, there are significant differences between the individual Managed Security Service Providers (MSSP). To better understand what distinguishes the MSS offering of our successful partner Ensec, we asked its CTO Rolf Scheurer for an interview.

Managed Security Services with Ensec and Exeon

In almost every industry, start-ups have an innovative edge over larger enterprises. European start-ups, in particular, are excelling as "innovation wunderkinds" in the B2B space. In the cybersecurity industry, scale-ups like Exeon Analytics are setting new standards for innovation-led growth and product development.

Why Cybersecurity Start-ups are winning the Innovation Race

Incident response encompasses a range of measures and technologies that help companies be prepared for security incidents and detect and minimize them as early as possible. A well-prepared IR plan improves a company's ability to respond and strengthens its overall security posture. The goal is to respond faster and minimize damage.

Incident Response - Exeon Blog by Melissa Rabe

Incident Response: Why Focus on Prevention & Detection First

Phishing attacks evolved far beyond fake emails and scams, now targeting users with techniques that bypass even advanced defenses like MFA. As attackers exploit session hijacking, HTML smuggling, and browser-in-the-browser deception, tools like EDR, XDR, and SIEM increasingly fall short—mainly when attackers use trusted credentials and legitimate system tools.

Phishing and lateral movement - Exeon blog

Phishing Despite Active MFA: How Lateral Movement Begins

In this article, we share some ideas on how to detect and hunt the exploitation (meaning the abuse) of network device vulnerabilities and how a Network Detection and Response (NDR) supports such analysis.

Exeon's Blog on Incident Response: How to Detect & Hunt Network Exploitation

How to Use ExeonTrace to Detect the Exploitation of Network Device Vulnerabilities

Cybersecurity recruitment and organic growth means excitement and challenges as a new year unfolds: more on the successes and goals from the COO of a fast evolving Swiss network security monitoring organisation.

Exeon in 2023 – Skills, Growth & Challenges

The integration of external data sources into the Network Detection & Response solution ExeonTrace has been significantly simplified thanks to the integration of numerous parsers.
The result? An even higher level of visibility across all network activity and data flows.

Press Release: Exeon Analytics Simplifies Integration of Data Sources

To strengthen their systems against cyber-attacks, EU financial institutions must meet DORA requirements. One way to efficiently achieve this is by implementing a Zero Trust strategy – here are the 10 key points for your implementation, as well as 5 reasons why ExeonTrace is highly suited to the DORA (and even NIS2!) directives.

New on the Exeon blog: DORA compliance thanks to Zero Trust

How Zero Trust Makes You DORA-Compliant

The EU Commission's regulation Digital Operational Resilience Act (DORA) was published as a law affecting financial enterprises – read about how it affects Switzerland and the EU, as well as proposed IT security measures.

Everything EU & Swiss Companies Should Know About DORA (Digital Operational Resilience Act)

The Swiss IT security company Exeon Analytics warns against trusting third-party applications unconditionally, regardless of whether they are contract developments or standard solutions from renowned manufacturers. The problem with such applications is that they often require extensive authorisations or receive them unnecessarily. At the same time, such third-party software usually acts as a black box without transparency into the individual actions or data streams. 

Exeon recommends consistent monitoring of third-party applications

Based on the 2024 Allianz Risk Barometer results, how can you best protect your organization from cyber-attacks? Our Senior Security Consultant describes robust, future-proof cybersecurity measures and why management needs to be involved. One hint: AI!

2024 Allianz Risk Barometer: Heightened Alarm on Cyber Threats

Here is all about the XZ Utils and liblzma backdoor and why the best way to foster your security strategy against supply chain attacks and Zero-Day exploits is with an AI-powered Network Detection & Response solution for complete visibility of the network’s communication.

Look Who Entered Your Library!

Supply chain attacks, increasingly prevalent and posing significant threats to IT security, target software or hardware suppliers to indirectly infiltrate organizations. Here are 5 ways to prevent these attacks with advanced monitoring technologies like machine learning-based Network Detection & Response (NDR) for early detection and mitigation.

Philipp Lachberger on how to stop supply chain cyber attacks

How to Monitor & Stop Supply Chain Attacks

Enter FeedMeter—a platform designed to simplify this process. FeedMeter collects, normalizes, and aggregates threat intelligence feeds while continuously evaluating them using eight descriptive metrics to approximate feed quality.

Smarter Cyber Threat Intelligence: FeedMeter

FeedMeter: Smarter Threat Intelligence

OT communication involves continuous data transmission for device status, differing from IT communication patterns, and are best detectable by Network Detection & Response solutions using machine learning for anomaly detection in network and administrative behavior.

OT Security & Network Behavior Analytics Blog

Using Behavior Analytics to Detect Changes to your OT Environment

The emergence of sophisticated malware such as Octo2 poses a significant challenge for cyber security professionals. With its advanced features, such as enhanced remote access capabilities, advanced obfuscation techniques, and new Domain Generation Algorithm, Octo2 is an example of an always faster-evolving threat landscape.

Octo2: The Evolution of A Dangerous Malware Family

The Swiss "Network Detection & Response" provider Exeon Analytics is strengthening its market development with Luca Forcellini as Senior Channel Manager. Forcellini is a proven industry expert and was most recently with Boll Engineering, a leading security distributor.

Luca Forcellini becomes Senior Channel Manager at Exeon

From the role of machine learning driven network security solutions to the benefits of ML within a cybersecurity set-up and concrete examples, Senior Cyber Security Analyst Andreas Hunkeler explains the application of ML and what is yet to come for organisations to detect cyber threats and protect their networks.

Machine Learning in Network Security: Protecting organisations from cyberthreats

The Future of Network Security: Predictive Analytics and ML-Driven Solutions

Exeon, alongside partner Netcor GmbH, looks back at a tremendeous IT security event where network security expert Michael Tullius presented to various IT leaders, engineers and SOC personnel on the beneficial deployment of a Network Detection and Response tool.

SecIT 2023: An Outlook on a Secure Future

With the analysis of metadata instead of the otherwise common Deep Packet Inspection (DPI), the Swiss cybersecurity company Exeon Analytics is establishing a modernised and future-proof Network Detection & Response (NDR) solution in the European market. The metadata analysis is - in contrast to the established DPI-based procedures - not affected by encrypted data traffic. This is relevant as modern cyber attacks such as APTs, ransomware and lateral movements rely heavily on encrypted communications for attack instructions from remote command and control (C&C) servers

Exeon revolutionises NDR through metadata analysis 

Intrusion incidents have become very common in recent years, with widescale cyberattacks affecting organisations virtually every week. Threat actors are constantly trying to break into enterprise networks and compromise business assets. To prevent a breach from occurring, many companies employ Intrusion Prevention Systems (IPS). In order to identify and prevent threats, these solutions rely on signature-based detection, which allows for automatic intrusion detection. However, this approach can cause various blind spots and weaknesses in network protection. Network Detection and Response (NDR) can overcome these drawbacks for more reliable and holistic protection against intrusions. 

How Network Detection and Response (NDR) Fills the Security Gaps of Intrusion Prevention Systems (IPS) 

While cloud solutions typically provide high security standards, some prioritize on-premises for full control over security measures, higher performance, reliability independent of internet connectivity, and better customizability, with the decision between the two hinging on factors like budget constraints and regulatory compliance, particularly critical in the financial sector where conducting a comprehensive risk assessment is crucial.

To Cloud or Not to Cloud 

NIS2 was intended to set a new standard for cybersecurity in the EU. However, local law implementation has been delayed in several countries, impacting security in those companies affected by and exposed to regulatory uncertainty and increasing the responsibility of organizations to better ensure cyber resilience themselves.

Blog Preview - Klaus Nemelka on NIS2 implementation

How to Stay Secure While NIS2 Takes Its Time

Various national and EU-wide regulations have tightened cybersecurity monitoring and reporting requirements for companies. This makes it essential to prioritize the monitoring, detection and reporting of cyber incidents. Read how to achieve compliance and what the ISG (Informationssicherheitsgesetz) requires companies to establish within an ISMS.

All about the new DSG cybersecurity requirements in Switzerland and how it compares to NIS2.

How NIS2 and ISG Shape Cybersecurity in Switzerland & the EU

How do you prevent advanced ransomware such as Akira? Klaus Nemelka explains how machine learning-based network monitoring is the ultimate way to uncover unknown attacks without pre-defined use cases. Read how to detect this new multi-OS ransomware most efficiently.

How to Detect the New Multi-OS Ransomware Akira

Akira Ransomware: Understanding the Global Threat and How to Protect Your Business

Organizations choose managed services for cybersecurity. Providers monitor and manage security systems, while security operations centers (SOC) analyze data and respond to threats.

Why Customers Love ExeonTrace (as a Managed Solution)

The Swiss cybersecurity company Exeon Analytics and the German EnBW Cyber Security GmbH have reached an agreement under which EnBW Cyber Security will distribute the Network Detection & Response (NDR) solution ExeonTrace in Germany and use it as a technical solution for the customers of its Security Operation Centre (SOC).

EnBW Cyber Security is partnering up with Exeon Analytics for managed service operations in Germany 

The Swiss security company Exeon Analytics was awarded the Cybersecurity & Privacy Solution of the Year Award sponsored by PwC at the Cyber Security Week in Luxembourg. A high-calibre jury awarded the prize to the Network Detection & Response (NDR) solution ExeonTrace for demonstrating excellence at all levels - from strategy to execution.

 Exeon wins the PwC Cybersecurity & Privacy Solution of the Year Award

Corporate IT networks are the foundation of today's information age and protecting them is a crucial element to ensure the proper functioning of IT solutions. As most organisations become heavily dependent on computer networks to facilitate work operations, a disruption in network service can have catastrophic consequences on the affected entity.

Why ExeonTrace is the NDR of choice for CISOs of industry-leading companies across Europe

Modern networks have a multitude of third-party systems in use. Consequently, third-party applications have become a security-relevant priority in order to protect one's network. Security teams require complete transparency over their IT/OT network.

Third-party cyber risks – and how ExeonTrace can provide complete system transparency

Risk-based alerting (RBA) is a strategy that uses data analysis and prioritization to issue alerts or notifications when potential risks reach certain predefined levels. Find out how to best utilize it for improved security – even against the most advanced attackers.

Enhancing Security Detection: Revolutionizing Risk-Based Alerting

How does Network Detection and Response (NDR) massively bolster defenses against zero-day exploits? Learn about the limitations of traditional security measures and how advanced analytics and real-time monitoring detect and mitigate emerging threats, illustrated through a detailed analysis of the Ivanti Connect Secure VPN exploit.

Uncovering Blind Spots: The Crucial Role of NDR in Zero-Day Exploit Detection

Obfuscation is used to protect software and sensitive data by making code and information difficult to understand, but it can also be exploited by malware authors. Methods such as encryption, replacing data with placeholders, and inserting meaningless code, are employed to achieve it, while advanced detection systems like ExeonTrace avoid the need for obfuscation by being invisible in the network.

Obfuscation: Good to Protect, Hard to Detect

Crowdstrike's faulty update caused global IT outages, affecting 8.5 million Windows devices and numerous critical infrastructures such as airports, banks, healthcare, and government institutions. As cybercriminals attempted to exploit the situation, we present thorough analysis and methods to prevent and detect such incidents from happening.

A Wrap-Up of 07-19

As we celebrate our company's eighth birthday, it's a perfect time to reflect on the journey we've taken together at Exeon. To mark this special occasion, we posed one question to each member of our management team, diving into their personal experiences, challenges faced, and vision for the future. Join us as we delve into their unique insights and celebrate the milestones we've achieved together.

Happy 8th Birthday, Exeon!

The DORA enforcement date is quickly approaching. As DORA addresses cybersecurity, ICT risks, and digital resilience, affected companies should check their cybersecurity practices and operational resilience. Here’s how to ensure full DORA compliance and cybersecurity for your organization and IT systems, along with the new DORA checklist.

Last Call for DORA

Women are significantly underrepresented in cybersecurity. Even though this trend is shifting, today, women only represent about a quarter of the cyber workforce. Considering the explosive growth and consequential talent shortage in cybersecurity, it is crucial to encourage more women into the cyber industry.

The importance of Diversity in Cybersecurity

In this blog post, we explain how to work with threatfeeds in ExeonTrace for the detection of devices compromised through the Log4j vulnerability. Our first blog post provides you with more technical background information.

Threat Hunting and Detection of the Log4j Exploit using the ExeonTrace NDR - Part II

Digital transformation has witnessed a boost in recent years, especially in the wake of the COVID19 pandemic, which accelerated the adoption of digital technologies by several years in just a few months. Integrating digital technology in business has brought significant benefits. However, it also opened the door wide for new security risks and vulnerabilities.

The Importance of an NDR Solution to Early Detect Supply Chain Attacks in Corporate Networks

"Network Detection & Response" has quickly established itself as the leading method for identifying hackers in networks at an early stage, before they cause any damage. Network Detection & Response" is thus becoming an increasingly central pillar of a modern cybersecurity architecture. The Swiss provider Exeon Analytics AG alone has tripled its customer base over the past year.

Network Detection & Response establishes itself as central cybersecurity pillar

DLL sideloading exploits how Windows applications handle Dynamic Link Library files. When a program loads a DLL, it searches for the required file in specific directories. Attackers exploit this by placing a malicious DLL in the same directory as the executable and tricking the application into loading the malicious version instead of the legitimate version. This allows attackers to execute arbitrary code, often with elevated privileges, and remain undetected. 

What is DLL sideloading and how to detect it.

How to Detect DLL Sideloading

Compromised servers are likely to be used as relays and as an entry point for various attacks against corporate networks, such as ransomware attacks. Besides relying on ExeonTrace’s automated detection, Exeon’s customers can retrospectively check the network behaviour of potentially vulnerable servers using the “Client server pairs” visualization, as outlined in our previous post on the detection of Log4j.
The ExeonTrace NDR solution itself doesn’t use Spring and is therefore unaffected by the vulnerability.

Severe vulnerability in the Spring Framework

Swiss IT security company Exeon Analytics has enhanced the ExeonTrace NDR platform with cloud connectivity and new anomaly handling functionalities. The latest release significantly simplifies both the deployment and seamless operation of NDR in on-premise, cloud and hybrid environments. Like its predecessors, the current release is completely software-based and, unlike traditional solutions, does not require any additional hardware, reducing not only investments but also operating costs. The evolved architecture of the current version of ExeonTrace allows analysts to tailor the solution to their environment at the click of a button, and provides a flexible platform for deploying sophisticated and high-performance AI algorithms for intelligent detection of current threats, including zero-day exploits.

Exeon simplifies the deployment of Network Detection and Response

From January 1, 2025, a reporting obligation for cyberattacks on critical infrastructure came into force, regulated by the Information Security Act and the Cyber Security Ordinance. This aims to increase national resilience to cyber threats, recognize attack patterns at an early stage and promote the exchange of information. What does this cover and are you prepared? 

Exeon Blog: The new Swiss reporting obligation for cyberattacks

The New Reporting Obligation for Cyberattacks in Switzerland

The EU Cyber Resilience Act (CRA) aims to enhance cybersecurity for digital products sold within the EU by requiring compliance with strict security standards. Enacted in October 2024, it mandates that manufacturers ensure their products, including software and IoT devices, are secure throughout their lifecycle. It complements the NIS2 Directive, focusing on supply chain security and proactive vulnerability management.

Cyber Resilience Act (CRA) is Here to Stay

I need better threat detection than static IOCs

Whitelisting systems in SIEMs is risky and inconvenient

I am required to store network log data, but the huge data volume makes this very expensive

Writing and maintaining SIEM use cases for network log data is cumbersome

I don’t know whether I can trust the third-party applications in my network

My current tools (e.g. IDS) create too many false alerts

My SOC is flooded with alerts for networks that are irrelevant (e.g. guest WLANs) - Relevant alerts get lost

It is cumbersome for security analysts to analyse the data stored in the SIEM

I need to identify shadow IT

I don’t know exactly what is happening in my network

I can’t do traffic mirroring in my own or my outsourcer’s network

Network traffic encryption makes my tools, which rely on deep packet inspection, become blind

We are pleased to be attending the cyberrevolution 2023 in Frankfurt on November 14th. cyberevolution 2023 is a must-attend event for all cybersecurity professionals who not only want to learn about the use of traditional and unconventional cyber defense methods and strategies, but also gain a better understanding of the growing importance of cybersecurity for businesses.

Cyberevolution 2023, Frankfurt

Exeon will participate in the conference for the protection of critical  infrastracture in Leipzig from November 6 to 7. Over these two conference days, protekt provides a platform to discuss current topics in cyber and information security as well as the physical protection of companies and critical infrastructure facilities. Together with our partners EnBW Cyber Security and Versatus, we will be on-site to engage with experts, representatives of the security industry, and officials from federal, state, and local governments.



protekt in Leipzig

We look forward to welcoming you to our joint CyberBreakfast in Vienna on May 28, 2024. Together with our partner NTT DATA, we will present new solutions for AI-based network monitoring (NDR) and talk about a range of topics (in German).

Your Cyber Security Knowledge Base

What is Zero Trust?

What is Network Detection and Response (NDR)?

What is SOAR?

What are the latest cybersecurity regulations?

More Informative Pages

IDS

IPS

EDR

XDR

APT

Malware

Machine Learning

CDR

Downloadables

Comprehensive Guide to Detecting APTs

How NDR protects 2,6 million clients' data and an entire banking network

KuppingerCole Executive Review on NDR

More from Exeon's Security Specialists

Everything EU & Swiss Companies Should Know About DORA (Digital Operational Resilience Act)

How to Monitor & Stop Supply Chain Attacks

2024 Allianz Risk Barometer: Heightened Alarm on Cyber Threats