R&D

Exeon Analytics AG
Grubenstrasse 12
8045 Zürich
Switzerland

 

Registered office

Exeon Analytics AG
Hofackerstrasse 14
CH-8032 Zürich
Switzerland
MWST-Nr.: CHE-196.534.272

 

Exeon Threat Report - Order a security review

Do you want full visibility of your network? Do you want to understand what is in your network and where your data flows? Then you need a security review! Our ExeonThreatReport security review assesses the security state of your internal network by analyzing web proxy log data (your internal devices' outgoing web traffic) and/or flow and DNS log data.

ExeonTrace's big data algorithms and machine learning extract hidden information from millions of network records. This enables the quick detection and containment of data breaches as well as full visibility of your network.


ExeonTrace is easy and light-weight to deploy, as it loads network log data from Splunk, Elasticsearch or raw files. Our engineers deploy ExeonTrace on-site in your data center, analyze your network traffic and provide you with our Exeon Threat Report.


Project timeline

Setup and configuration of ExeonTrace for your corporate network.

Our engineers analyze one week of log data.

Our engineers provide a report with the findings.

 

Analyzers

Package 1: Secure Web Gateway Analysis 
Analysis of the web activities of your internal devices.

  • APT attack detection:
    • Hidden HTTP(S)-based command and control channels
    • Malware using Domain Generation Algorithms (DGAs)
  • Detection of hidden data leaks such as browser plugins or software collecting data
  • External shadow IT: Detection of unauthorized cloud services and uploads
  • Unauthorized and outdated devices: Clustering of the activities from machine-to-machine (M2M) devices for outlier detection
  • Identification of unregistered and unauthenticated proxy access
  • Correlation with selected threat feeds (blacklists)

Requirements: The log data is stored in Elasticsearch, Splunk or as raw files. Web traffic logs recorded by an SSL/TLS-intercepting secure web gateway (proxy logs).


Package 2: Flow and DNS Analysis 
Analysis of your internal & external network traffic.

  • APT attack detection:
    • Lateral movement: Unwanted cross talking inside your corporate network
    • Horizontal and vertical scanning activities inside your corporate network
    • Malware using Domain Generation Algorithms (DGAs)
  • Covert DNS: Hidden data leakage via Domain Name System (DNS)
  • Discovery of unusual services in your network
  • Discovery of misconfigurations in your firewalls allowing access to internal services
  • Correlation with selected threat feeds (blacklists)

Requirements: Firewall(s) capable of exporting NetFlow v5/v9 or IPFIX log data. DNS logs recorded by a resolver or network sensor. Flow and DNS log data is stored in Elasticsearch, Splunk or directly sent to ExeonTrace.