Correlation Engine: AI that combines and correlates relevant data across all available data sources, giving you the fullest possible picture for visibility, threat detection, assessment, investigation, hunting and response.
SecurityDB: Graph database that stores processed and enriched security data efficiently, at minimal data volume – up to 50x less than the raw log data it was derived from – for scalability and the ability to retain a long event history.
Alerting System: ExeonTrace’s core threat alerting system, as well as a REST API to feed alerts into other systems like your ticketing system, SIEM, SOC platform or SOAR.
Incident Handling: Resolve issues directly in ExeonTrace’s UI.
Incident Assessment: Algorithms that automatically assess and prioritize detected security incidents, minimizing false alarms and helping your team focus on the right cases.
Dashboard & Reporting: Customizable Dashboard, Analytics and Reporting of the various incidents, as well as a general, intuitive UI to run the ExeonTrace solution.
Data Lake (optional): Do you already have a Data Lake in Splunk or Elasticsearch that combines and stores all your raw event logs? Great, ExeonTrace can use it.
If you don't, or if it covers only part of your logs, you can use ExeonTrace's own cost-effective Data Lake instead.