Trellix Expands XDR Platform to Transform Security Operations

Trellix XDR unifies endpoint, network, and data detection and response with a simplified security operations experience

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced the expansion of its XDR platform. Trellix XDR enables the company’s 40,000+ customers to build greater cyber resiliency, maximize the value of their existing security tools, and reduce mean time to detection and response.

“We have the most comprehensive XDR platform in the industry,” said Bryan Palma, CEO, Trellix. “Legacy security information and event management (SIEM) technology has failed to modernize security operations. We are confident Trellix XDR fills this critical gap.”

Trellix XDR

Arriving in the fourth quarter of 2022, the upgraded XDR engine provides security operations teams with enhanced playbooks for guided investigations, upgraded threat intelligence through the integration of McAfee and FireEye assets, and the launch of Trellix Event Fabric. Trellix Event Fabric bridges disparate security data from any cloud provider allowing security analysts to access and correlate data from anywhere. This combination of machine learning and automation allows security operations teams to reduce mean time detection and improve mean time to response.

“Trellix XDR gives us more visibility and context into threats,” said Kate Downing, Senior Director Security & Risk, Clario. “Events that would have not been addressed before, surface to a higher level of awareness, allowing our security teams to quickly focus and eliminate any further impact, thereby reducing the severity and scope of the attack.“

Trellix XConsole

XConsole simplifies the user experience across Trellix XDR providing a single interface for security operations teams. Delivering a common operating picture allows customers to maximize their investments in native Trellix technologies and third-party security tools. By leveraging a single user interface, analysts and responders can quickly baseline their overall threat posture through added visibility across network, endpoint, data, email, and cloud attack surfaces. Available early in 2023, XConsole becomes the control center for Trellix XDR.

“Trellix XDR, now incorporating a unified security operations console, brings it all together by ingesting data from all technologies in an organization,” said Dr. Ali Baghdadi, Senior Vice President & Chief Country Executive, Ingram Micro. “This easy-to-use platform is very attractive to our customers.”

 Trellix Endpoint

Arriving early 2023, Trellix Endpoint unifies the best of McAfee and FireEye technologies across endpoint protection, endpoint detection and response, and forensics to deliver best-in-class layered endpoint defense.

This first step on the XDR journey provides:

• multi-stage ransomware prevention
• identity detection and response to prevent credential theft and abuse
• attack surface management to prioritize threats that matter
• digital forensics and incident response to quickly find root causes.

Trellix Network Detection & Response (NDR)

Trellix Network Investigator, now available to all customers, provides a holistic solution to detect, investigate and address threats across the kill chain. By combining our existing machine learning modules, event-based packet capture, and network traffic hunting into a single solution, customers can rapidly deploy NDR capabilities across their existing Trellix network products.  Using signals from Trellix Intrusion Prevention System, Trellix Network Security, and Trellix Network Forensics products to identify activity after initial infection, customers are now able to prevent lateral movement and data exfiltration. In combination with triage and investigation features, the Trellix NDR solution immediately applies patching to protect against further exploitation. Trellix Network Investigator is complemented by our Detection as a Service subscription. Available now for all Trellix Intrusion Prevention System customers, and deployable with SaaS and private cloud options, customers receive zero-day protection and malware analysis.

Trellix Advanced Research Center

The Advanced Research Center brings together an elite team of security researchers, analysts, and responders to produce novel insights and actionable real-time intelligence. Leveraging security telemetry from Trellix’s network of sensors in the market coupled with unparalleled industry intelligence, ensures Trellix technology is powered by cutting edge threat indicators. The Advanced Research Center provides Trellix’s 40,000 customers with continuous adversarial research, threat intelligence, product updates, and machine learning algorithms.

Additional Resources

• Trellix Xpand Live Media Kit