Exeon Analytics AG

Grubenstrasse 12
CH-8045 Zürich
Switzerland

ExeonThreatReport - Order a security review

You want full visibility of your network? You want to understand what is in your network and where your data flows? Then you need a security review! Our ExeonThreatReport security review assesses the security state of your internal network by analyzing web proxy log data (your internal devices' outgoing web traffic) and/or flow and DNS log data.

ExeonTrace's big data algorithms and machine learning extract hidden information from millions of network records. This enables the quick detection and containment of data breaches as well as full visibility of your network.


ExeonTrace is easy and light-weight to deploy, as it loads network log data from Splunk, Elasticsearch or raw files. Our engineers deploy ExeonTrace on-site in your data center, analyze your network traffic and provide you with our ExeonThreatReport.


Project timeline

 

 

  • Setup and configuration of ExeonTrace for your corporate network.
  • Our engineers analyze one week of log data.
  • Our engineers provide a report with the findings.


Analyzers

Package 1: Proxy/secure web gateway analysis 
Analysis of the web activities of your internal devices.

  • APT attack detection:
    • Detecting hidden HTTP(S)-based command and control channels
    • Detecting malware using Domain Generation Algorithms (DGAs)
  • Detection of hidden data leaks such as browser plugins or software collecting data
  • External shadow IT: Detection of unauthorized cloud services and uploads
  • Unauthorized and outdated devices: Clustering of machine-to-machine (M2M) devices for outlier detection
  • Identification of unauthenticated proxy access
  • Correlation with selected threat feeds (blacklists)

Requirements: The log data is recorded by an SSL/TLS-intercepting secure web gateway. Proxy logs stored in Elasticsearch, Splunk or as raw files.


Package 2: Flow and DNS analysis 
Analysis of your internal & external network traffic.

  • APT attack detection:
    • Detecting lateral movement: Expansion of malicious software in your network
    • Detecting horizontal and vertical scanning inside your corporate network
    • Detecting malware using Domain Generation Algorithms (DGAs)
    • Detecting covert DNS channels: Hidden data leakage via Domain Name System (DNS)
  • Network visibility
    • Discovery of unusual services in your network
    • Discovery of undesired/malicious access to internal services
    • Identification of misconfigured devices
    • Understanding the communication of critical networks
  • Correlation with selected threat feeds (blacklists) and CMDB information (internal shadow IT)

Requirements: Firewalls/switches capable of exporting NetFlow v5/v9/IPFIX log data or Corelight sensors. DNS logs recorded by our network sensor or your DNS resolvers. Log data can be stored in Elasticsearch, Splunk or directly sent to ExeonTrace.

