R&D

Exeon Analytics AG
Grubenstrasse 12
8045 Zürich
Switzerland

 

Registered office

Exeon Analytics AG
Hofackerstrasse 14
CH-8032 Zürich
Switzerland
MWST-Nr.: CHE-196.534.272

 

ExeonTrace - machine learning solution for cyber security

ExeonTrace effectively identifies gaps in IT security perimeters and detects anomalies in millions of IT data points (log data). Contrary to other solutions, ExeonTrace is able to analyze and correlate various log data sources and thus represents a holistic solution for your organization.

Main advantages


Best-in-class algorithms for network traffic analysis
Our ML algorithms can identify cyber attacks and breaches among millions of regular network activities.


You remain in control of your data
ExeonTrace is a software-only solution and can be deployed on-site or in the cloud.


Easy and light-weight to set up
ExeonTrace is operational on your network from day one.


Integration into your existing environment
ExeonTrace analyzes existing log data and integrates with Splunk and Elasticsearch.

 

ExeonTrace Subscription

Would you like to use ExeonTrace to protect your company?

Our annual subscription includes:

  • Software license
  • A support package including service days for setup, training and support through our engineers

The pricing depends on the chosen analysis packages and the number of active internal IP addresses.

ExeonTrace analyzes and correlates:

  • Network traffic logs (Proxy, Flow and DNS)
  • Event logs (Windows events, Active Directory logs)
  • Configuration management database (CMDB)


Analyzers

Package 1: Secure Web Gateway Analysis 
Analysis of the web activities of your internal devices.

  • APT attack detection:
    • Hidden HTTP(S)-based command and control channels
    • Malware using Domain Generation Algorithms (DGAs)
  • Detection of hidden data leaks such as browser plugins or software collecting data
  • External shadow IT: Detection of unauthorized cloud services and uploads
  • Unauthorized and outdated devices: Clustering of the activities from machine-to-machine (M2M) devices for outlier detection
  • Identification of unregistered and unauthenticated proxy access
  • Correlation with selected threat feeds (blacklists)

Requirements: The log data is stored in Elasticsearch, Splunk or as raw files. Web traffic logs recorded by an SSL/TLS-intercepting secure web gateway (proxy logs).


Package 2: Flow and DNS Analysis 
Analysis of your internal & external network traffic.

  • APT attack detection:
    • Lateral movement: Unwanted cross talking inside your corporate network
    • Horizontal and vertical scanning activities inside your corporate network
    • Malware using Domain Generation Algorithms (DGAs)
  • Covert DNS: Hidden data leakage via Domain Name System (DNS)
  • Discovery of unusual services in your network
  • Discovery of misconfigurations in your firewalls allowing access to internal services
  • Correlation with selected threat feeds (blacklists)

Requirements: Firewall(s) capable of exporting NetFlow v5/v9 or IPFIX log data. DNS logs recorded by a resolver or network sensor. Flow and DNS log data is stored in Elasticsearch, Splunk or directly sent to ExeonTrace.