xNexus

xNexus

An Automotive xNexus with XDR capabilities and multilayered visibility

xNexus
Strategic Foresight

Strategic Foresight

Anticipate, prepare for, and visualize potential threats powered by VicOne's Automotive Security Foresight (ASF)

Beyond a Single Vector

Beyond a Single Vector

Leverages cybersecurity threat intelligence and AI/ML, correlating data across multiple layers detecting attacks

Data Agnostic

Data Agnostic

Support OEM's existing data from vehicle and server and tomorrow's advanced IDPS on ECUs

Uncover and mitigate automotive security threats

The xNexus is a cloud-based extended detection and response (XDR) platform for vehicle security operations center (VSOC) that provides superior protection and performance over connected vehicles. Powered by VicOne's proven Automotive Security Foresight (ASF), xNexus collects high-fidelity telemetry from vehicle endpoints and prevents advanced cybersecurity threats in real time, all while supporting compliance of UNECE WP.29/R155.

Uncover and mitigate automotive security threats
Foresights to Mitigate Risk

Foresights to Mitigate Risk

Look beyond future short-term threats and onto longer-term strategic planning with xNexus. The xNexus powered by VicOne's Automotive Security Foresight (ASF) is an evidence-based knowledge developed and refined for 30+ years, and includes a large number of in-house researchers, automotive partners, law enforcement, independent researchers from the ZDI. This combination has given rise to its global success in timely collecting, processing, and analyzing data from potential cyber threats, resulting in enhanced planning, detection, reaction, and mitigation of sophisticated cyberattacks.

Automotive

Security Foresight (ASF)

Automotive Industry Partners

Automotive Industry Partners

World’s largest vendor-agnostic bug bounty program

World’s largest vendor-agnostic bug bounty program

Partnerships w/Law Enforcement

Partnerships w/Law Enforcement

Threat News . CVE . Vulnerability Study . 3rd Party security Source

Threat News . CVE . Vulnerability Study . 3rd Party security Source

This knowledge benefits VSOC teams to clearly predict, investigate, and hunt potential threats with high correlation accuracy to WP.29 R155's list of threats and attack methods.

  • Attack Matrix Mapping. Map known attacks to the Automotive Attack Matrix (inspired by MITRE ATT&CK)
  • 450+ Internal Researchers (leveraging Trend Micro)
  • Collaboration with Zero-Day Initiative and the 10,000+ independent researchers
  • Automotive partners (AUTOSAR, MIH Consortium, etc.)
  • Global law enforcement cooperation (Interpol, FBI, etc.)

Reduced Time to Detect Threat Correlations

  • xNexus defends vehicles without compromising speed and performance by collecting and correlating deep activity data across multiple vectors, enabling cross-layered detection and investigation. With an overall contextual view, events that seem benign on their own suddenly become meaningful, enabling timely response by VSOC teams.

  • Incident Detection:
    Incident alerts. Enable rapid investigation and response by drilling down to the execution profile and identifying the scope of the impact, while also prioritizing and processing alerts by severity.

  • Advanced Security Analytic Engine (SAE):
    The advanced Security Analytic Engine (SAE) detects and tracks attackers across one or more layers so security teams can quickly visualize the story of an attack and respond faster and more confidently.

Reduced Time to Detect Threat Correlations
Streamline Communications

Streamline Communications

  • When an incident arises, it's critical for cross teams to timely communicate and investigate while utilizing the same language. With the xNexus, incident responders can easily collaborate, identify potential threats and immediately work across teams to mitigate these issues.

  • - Attack Mapping. Map known attacks to the Automotive Attack Matrix (inspired by MITRE ATT&CK).

  • - WP.29/R155 Annex 5 Mapping. See your security risks trends in each categories.

  • - Detailed Anomaly (RCA) Events. Conveniently audit abnormal values from a given time period for further hunting.

Enabling Timely Threat Response

  • Deep endpoint and attack visibility that displays anomaly timelines enable fast response times and can minimize the damage from malicious activities. With the Anomaly Analytic Engine and a focused incident response team, threats can be responded immediately when an incident occurs.

  • Anomaly Detection:
    - Context Analytic Engine. Detects behaviors and events that violate rules by using a defined whitelist.
    - Anomaly Analytic Engine. Observing abnormal behaviors and events through machine learning.

Enabling Timely Threat Response

Supports Various Data Sources

Work with data received from heterogeneous data sources. Whether from our xCarbon (IDPS) or an OEM’s cloud-based data, the platform is flexible to provide detection and response.

Supports Various Data Sources

Other Features

Native End-to-End Solution
Native End-to-End Solution
E2E security ensures a high level of security during data collection and transit.
Integration with Vulnerability Management Plus
Integration with Vulnerability Management Plus
Visualize Software Bill of Materials (SBOM) vulnerabilities and malware & backdoor threats from within a sandbox.
Policy Builder
Policy Builder
Add anomaly detection rules and sweep existing vehicles.
Latest Hacking News
Latest Hacking News
Stay updated with the latest hacking news.
API Integration
API Integration
Conveniently integrates with existing SIEM tools.

Use Case

Detecting Electronic Power Steering ECU Firmware Modification

Detecting Electronic Power Steering ECU Firmware Modification

Use Case
Protecting a Telematics Control Unit From Remote Attacks

Protecting a Telematics Control Unit From Remote Attacks

Use Case

Blog

DEKRA collaborate with VicOne to create Integrated services for vehicle cybersecurity certification
July 1, 2022

DEKRA collaborate with VicOne to create Integrated services for vehicle cybersecurity certification

DEKRA and VicOne announced their partnership in providing joint solutions for automotive suppliers to compliance with new international regulations and standards in vehicle security.

VicOneVicOne

Read More

Investigating the Benefits and Risks of Connected Car Technologies
June 29, 2022

Investigating the Benefits and Risks of Connected Car Technologies

While today’s modern vehicles promise an increased level of connectivity to improve user experience and safety, cybercriminals could still abuse these improvements to wreak havoc on the road and steal personal data from users, thus making dynamic security for connected cars paramount.

VicOneVicOne

Read More

ISO/SAE 21434: Setting a New Standard for Cars of the Future
June 24, 2022

ISO/SAE 21434: Setting a New Standard for Cars of the Future

The past decade has ushered in a new age in vehicle connectivity and improved the way cars and humans interact with each other. But it has also opened cybersecurity gaps that require an appropriate standard for the automotive industry to protect connected cars from attacks.

VicOneVicOne

Read More

Start your journey to better automotive cybersecurity