Future-proof Network Detection & Response

ExeonTrace’s future-proof approach is based on metadata analysis and therefore does not require any traffic mirroring. ExeonTrace’s algorithms are especially built for the analysis of encrypted data which cannot be analysed with traditional Network Detection & Response (NDR) solutions.

ExeonTrace also allows for the analysis of multiple data sources including native cloud applications and is therefore the leading solution for highly virtualised and distributed networks.

Our AI sees hidden cyber threats, anywhere

Future-proof security that keeps your data 100% confidential.
Network

Network

Apps

Apps

OT

OT

IoT

IoT

Cloud

Cloud

Asset Inventory

Asset Inventory

In a more schematic way, this is how ExeonTrace works:

Light-weight network log data

E.g. data from firewalls, NetFlow, Secure Web Gateways, IPFIX, native clouds (Google, Amazon, Azure)

ExeonTrace algorithms

Full representation of IT activities

Stored in graph database with data reduction compared to input data by the factor x100

Used for

Visibility

High-end visualisation, intuitive GUI, fast and interactive drilldowns

Anomaly Detection

Supervised and unsupervised ML models, expert use cases, threat correlation, integrate additional logs

Response

Graphic representation of security incidents, incident prioritisation, API triggering alerting and response

Combining the best from traditional Network Detection & Response solutions and SIEMs

ExeonTrace works with light-weight log data as SIEMs do, while traditional Network Detection & Response solutions rely on traffic mirroring. For the data analysis, ExeonTrace provides specialised detection algorithms for network log data - like traditional NDRs.

Why ExeonTrace is the most advanced AI-driven cyber protection

Traditional NDR
ExeonTrace
SIEM
Data collection
Data analysis
Data visualisations
Log data storage
Threat detection
Expensive traffic mirroring
Light-weight log data
Specialised detection algorithms for network log data
Manual data analysis
Intuitive data visualisations
No data visualisations
Limited long-term storage functionalities
Significant data reduction*

Log data by x100

Raw traffic by x10'000

Very expensive due to data volume
Relying on network traffic only
Holistic detection covering different data sources

(incl. system and application logs)

ExeonTrace compared to Traditional Network Detection & Response

ExeonTrace relies on network log data instead of traffic mirroring

ExeonTrace is specifically built for the analysis of meta data.

ExeonTrace doesn’t effect network performance

Larger companies that use traditional NDR report a decrease of their network performance due to the bandwidth required for mirroring. Since ExeonTrace uses very light-weight logs there is no such effect on the network performance.

ExeonTrace requires no hardware sensors

ExeonTrace is applied virtually: it uses logs from existing network infrastructure (proxy, NetFlow, cloud flow logs, etc.). No hardware/agents required.

ExeonTrace enables full visibility into HTTP(S)

Proxy analysis provides full visibility into HTTP(S) (traditional NDR solutions are blind when it comes to HTTPS details).

ExeonTrace gets log data from many collection points

Instead of getting the data only from core switches, ExeonTrace integrates log data from many and distributed collection points, which results in detailed visibility and superior analytics.

ExeonTrace compared to SIEM

ExeonTrace brings intuitive data visualisation

ExeonTrace takes the data, transforms it into algorithms, and then stores it in the graph database which allows customers to reduce the typical data volume by about a factor of 100.

ExeonTrace brings ready-made use cases

With ExeonTrace one does not have to write complicated queries because we bring ready-made visualisations and use cases.

ExeonTrace is faster when it comes to navigating the data

ExeonTrace works with its graph database, while the SIEM will always have to search the old logs.

ExeonTrace brings advanced detection

SIEMs are missing algorithms that contain network specific knowledge (that ExeonTrace provides).

It's all in the metadata

Watch how the analysis of existing network data secures your IT infrastructure. See how lightweight log data is used to monitor and protect large, complex environments.

ExeonTrace in action

Watch this malware attack demonstration to see precisely how ExeonTrace works to detect advanced threats.