Trellix has announced the expansion of its XDR platform. Trellix XDR enables the company’s 40,000+ customers to build greater cyber resiliency, maximise the value of their existing security tools, and reduce mean time to dEetection and response, the company states.
Bryan Palma, CEO Trellix, says, “We have the most comprehensive XDR platform in the industry. Legacy security information and event management (SIEM) technology has failed to modernise security operations. We are confident Trellix XDR fills this critical gap.”
Arriving in the fourth quarter of 2022, the upgraded XDR engine provides security operations teams with enhanced playbooks for guided investigations, upgraded threat intelligence through the integration of McAfee and FireEye assets, and the launch of Trellix Event Fabric.
Trellix Event Fabric bridges disparate security data from any cloud provider allowing security analysts to access and correlate data from anywhere. This combination of machine learning and automation allows security operations teams to reduce mean time detection and improve mean time to response, the company states.
XConsole simplifies the user experience across Trellix XDR providing a single interface for security operations teams. Delivering a common operating picture allows customers to maximise their investments in native Trellix technologies and third-party security tools.
By leveraging a single user interface, analysts and responders can quickly baseline their overall threat posture through added visibility across network, endpoint, data, email, and cloud attack surfaces. Available early in 2023, XConsole becomes the control centre for Trellix XDR.
Arriving early 2023, Trellix Endpoint unifies the best of McAfee and FireEye technologies across endpoint protection, endpoint detection and response, and forensics to deliver best-in-class layered endpoint defence.
This first step on the XDR journey provides:
- Multi-stage ransomware prevention
- Identity detection and response to prevent credential theft and abuse
- Attack surface management to prioritise threats that matter
- Digital forensics and incident response to quickly find root causes.
Trellix Network Detection & Response (NDR)
Trellix Network Investigator, now available to all customers, provides a holistic solution to detect, investigate and address threats across the kill chain.
By combining our existing machine learning modules, event-based packet capture, and network traffic hunting into a single solution, customers can rapidly deploy NDR capabilities across their existing Trellix network products.
Using signals from Trellix Intrusion Prevention System, Trellix Network Security, and Trellix Network Forensics products to identify activity after initial infection, customers are now able to prevent lateral movement and data exfiltration.
In combination with triage and investigation features, the Trellix NDR solution immediately applies patching to protect against further exploitation. Trellix Network Investigator is complemented by our Detection as a Service subscription.
Available now for all Trellix Intrusion Prevention System customers, and deployable with SaaS and private cloud options, customers receive zero day protection and malware analysis.
Trellix Advanced Research Center
The Advanced Research Center brings together a team of security researchers, analysts, and responders to produce novel insights and actionable real-time intelligence.
Leveraging security telemetry from Trellix's network of sensors in the market coupled with unparalleled industry intelligence, ensures Trellix technology is powered by cutting edge threat indicators.
The Advanced Research Center provides Trellix’s 40,000 customers with continuous adversarial research, threat intelligence, product updates, and machine learning algorithms.