Trellix expands XDR platform to transform security operations

News Desk

Trellix, a cybersecurity company that provides the future of extended detection and response (XDR), has announced the expansion of its XDR platform. Trellix XDR enables the company’s 40,000+ customers to improve their cyber resilience, maximize the value of their existing security tools, and shorten the mean time to detection and response.

“We have the most comprehensive XDR platform in the industry,” said Bryan Palma, CEO, Trellix. “Legacy security information and event management (SIEM) technology has failed to modernize security operations. We are confident Trellix XDR fills this critical gap.” 

Trellix XDR 

The upgraded XDR engine, which will be available in the fourth quarter of 2022, will provide security operations teams with enhanced playbooks for guided investigations, improved threat intelligence through the integration of McAfee and FireEye assets, and the launch of Trellix Event Fabric. Trellix Event Fabric connects disparate security data sources from any cloud provider, allowing security analysts to access and correlate data from virtually any location. This combination of machine learning and automation enables security operations teams to improve mean time to detection while decreasing mean time to response.

“Trellix XDR gives us more visibility and context into threats,” said Kate Downing, Senior Director Security & Risk, Clario. “Events that would have not been addressed before, surface to a higher level of awareness, allowing our security teams to quickly focus and eliminate any further impact, thereby reducing the severity and scope of the attack.” 

Trellix XConsole

XConsole streamlines the user experience across Trellix XDR by providing security operations teams with a single interface. By delivering a common operating picture, it lets customers maximize their investments in native Trellix technologies and third-party security tools. Analysts and responders can quickly baseline their overall threat posture by leveraging a single user interface that provides visibility across network, endpoint, data, email, and cloud attack surfaces. XConsole, which will be available in early 2023, will serve as the control center for Trellix XDR.

“Trellix XDR, now incorporating a unified security operations console, brings it all together by ingesting data from all technologies in an organization,” said Dr. Ali Baghdadi, Senior Vice President & Chief Country Executive, Ingram Micro. “This easy-to-use platform is very attractive to our customers.” 

Trellix Endpoint 

Trellix Endpoint, which will be available in early 2023, combines the best McAfee and FireEye technologies in endpoint protection, detection and response, and forensics to deliver best-in-class layered endpoint defense.

This first step on the XDR journey provides:

  • multi-stage ransomware prevention
  • identity detection and response to prevent credential theft and abuse
  • attack surface management to prioritize threats that matter 
  • digital forensics and incident response to quickly find root causes.

Trellix Network Detection & Response (NDR) 

Trellix Network Investigator, now available to all customers, provides a holistic solution to detect, investigate and address threats across the kill chain. By combining our existing machine learning modules, event-based packet capture, and network traffic hunting into a single solution, customers can rapidly deploy NDR capabilities across their existing Trellix network products. Using signals from Trellix Intrusion Prevention System, Trellix Network Security, and Trellix Network Forensics products to identify activity after initial infection, customers are now able to prevent lateral movement and data exfiltration. In combination with triage and investigation features, the Trellix NDR solution immediately applies patching to protect against further exploitation. Trellix Network Investigator is complemented by our Detection as a Service subscription. Available now for all Trellix Intrusion Prevention System customers, and deployable with SaaS and private cloud options, customers receive zero-day protection and malware analysis.

Trellix Advanced Research Center

The Advanced Research Center assembles a top-tier team of security researchers, analysts, and responders to generate novel insights and actionable real-time intelligence. Trellix technology is powered by cutting-edge threat indicators by leveraging security telemetry from the market’s network of sensors and unparalleled industry intelligence. The Advanced Research Center provides continuous adversarial research, threat intelligence, product updates, and machine learning algorithms to Trellix’s 40,000 customers.
