Trellix Security Platform Integrations

Detect threats at any point in your workflow. Inspect your cloud infrastructure and the business logic of the data in your cloud apps. Validate your files and content with the latest threat intelligence and multiple dynamic machine learning, AI, and correlation engines. Easily integrate across your trusted cloud services, web applications, and collaboration tools. Scan files, hashes, and URLs for potential malware in a live virtual environment without risking your internal assets. Incorporate Detection as a Service into your SOC workflows, SIEM analytics, data repositories, applications and much more. Determine the possibility of secondary or combinatory effects across multiple phases of the cyber-attack chain to discover never-before-seen exploits and malware. Submit MD5 hashes or local files with our easy-to-use Chrome plug-in that easily integrates into existing toolsets or workflows.

Protects sensitive information across top threat vectors. Trellix Data Loss Prevention (DLP) delivers unprecedented protection for sensitive and proprietary information from the keyboard to the cloud. Get industry-leading discovery and classification, deploy policies across top threat vectors, respond to events in real-time, coach users, and generate reports. Trellix DLP offers a convenient single console to manage deployment, administer policies, monitor events in real-time, and get out-of-the-box reports to ensure compliance.

Trellix Data Encryption products secure devices and removable media to ensure that only authorized users can access the information they contain. Deploy encryption policies through a single management console, while monitoring encryption status and generating compliance reports. Choose from an extensive catalog of policy options to secure information across devices, files, and removable media - easily managed from a single location. Trellix Native Drive Encryption centralizes and simplifies management of both BitLocker and FileVault into a central console that is available on-premises or via SaaS. This saves time and resources for organizations managing multiple operating systems, since reporting and administrative tasks like encryption key and pin management are centralized.

Keep your email infrastructure and users safe— whether on-premises or in the cloud. Identify and mitigate advanced email threats—including ransomware, business email compromise (BEC), and phishing—with Trellix Email Security. You’ll get leading detection and response capabilities to build a trusted, resilient email environment. Identify current threats quickly and accurately with prioritized alerts to help analysts take immediate action. Keep your email safe—whether it’s hosted on-premises or in the cloud—with leading sandbox technology, AI, and machine learning. Connect with as many as 650 Trellix solutions and third-party products to deliver insights and create a unified, living security ecosystem. Minimize the risk of breaches and identify, isolate, and protect against advanced URL and attachment-based attacks with this on-premises solution. Choose Advanced Threat mode to unearth malicious URLs with custom plug-ins, or Full Hygiene mode to reduce impersonation, BEC, and more.

Endpoint threat detection, investigation, and response—modernized. Reduce the time to detect and respond to threats. Trellix EDR helps security analysts quickly prioritize threats and minimize potential disruption. Guided investigation automatically asks and answers questions while gathering, summarizing, and visualizing evidence from multiple sources—reducing the need for more SOC resources. Cloud-based deployment and analytics enables your skilled security analysts to focus on strategic defense, instead of tool maintenance. Benefit from implementing the right solution for you. Use an existing Trellix ePolicy Orchestrator (Trellix ePO) on-premises management platform or SaaS-based Trellix ePO to reduce infrastructure maintenance. Remove administration overhead, allowing more senior analysts to apply their skills to the threat hunt and accelerate response time.

Uniform visibility into disparate, multi-cloud infrastructure through a single console. Reduce risk of cloud security misconfiguration resulting in exposure and compliance violation. Proactive cloud security posture using machine learning to intelligently detect anomalies. As companies continue the rush to the cloud, new threats bring additional challenges to cyber defense. At the same time, cyber security teams must shift from being perceived as a bottleneck to an enabler of business. Learn from seasoned experts, with real world examples of how to move at the speed of cloud while keeping your organization secure. Cloud-native governance of microsegmentation policies via cloud-native firewalls and security controls. Orchestrated remediation of compliance failures & governance of desired-state security policies.

Advanced persistent threats (APTs) to control points, servers, and fixed devices via remote attack or social engineering make it increasingly difficult to protect your business. Trellix Application Control helps you outsmart cybercriminals and keeps your business secure and productive. Ensure that only trusted applications run on devices, servers, and desktops. As users demand more flexibility to use applications in their social and cloud-enabled business world, Trellix Application Control gives organizations options to maximize their whitelisting strategy for threat prevention. For unknown applications, Trellix Application Control provides IT with multiple ways to enable users to install new applications: User Notifications and user self-approvals. Prevents zero-day and APT attacks by blocking the execution of unauthorized applications. Use inventory search and pre-defined reports to quickly find and fix vulnerabilities, compliance, and security issues in your environment.

Trellix Database Security finds and protects sensitive information in databases from accidental leakage and intentional exposure while maintaining security, optimizing performance, and managing access. Discover sensitive and proprietary information in databases across the environment. Improve regulatory compliance by blocking unauthorized access to sensitive data. Address vulnerabilities quickly, with little to no downtime. Monitor, log, and control database access, in addition to identifying and blocking potential threats before they can damage the environment. Perform automated scans to find supported databases and the sensitive data they contain. Identify and prioritize known vulnerabilities, and receive detailed remediation advice. Protect databases from known and unknown vulnerabilities without downtime. Stop intrusions and other exploits before they impact your environment.

A single-pane view helps consolidate management across physical, virtual, and hybrid-cloud environments. Benefit from secure workloads all the way from on-prem to cloud, across the board. Automates the defense of elastic workloads to eliminate blind spots and deliver advanced threat defense. Leverage advanced host-based workload defense optimized specifically for virtual instances to avoid straining overall infrastructure. Avail virtual machine-optimized threat defenses that help deliver multilayer countermeasures. Gain awareness and protect your virtualized environment and network from external malicious sources. Comprehensive countermeasures, including machine learning, application containment, virtual machine-optimized anti-malware, whitelisting, file integrity monitoring, and micro-segmentation, to protect your workloads. Helps assign and manage all workloads automatically with the ability to import AWS and Microsoft Azure tag information into Trellix ePO.

Giving customers a unique insight into malicious files, domains, and IP detections seen worldwide. Advanced Threat Landscape Analysis System (ATLAS) data is aggregated from various Trellix data sources to provide the latest global emerging threats with enriched data such as industry sector and geolocation. ATLAS correlates these threats with campaign data containing research from Trellix’s Advanced Research Center (ARC) and Threat Intelligence Group (TIG), as well as open source data, to provide a dedicated view for campaigns consisting of events, dates, threat actors, IOCs, and more. Enables customers with unique global insight into the malicious threat detections seen worldwide by Trellix. Geospatially enabled situational awareness. Utilizes the Trellix telemetry data collected worldwide. Highlights current and emerging threats by highlighting those of particular interest by type, industry sector, geolocation, most seen, etc.