Trellix Advanced Correlation Engine
Detect threats based on what you value.
Find threats that defy rules-based detection
Real-time and Historical Threat Detection
Get zero-day threat detection. Analyze events for immediate threat and risk detection to determine if your organization was exposed to a specific attack.Get zero-day threat detection. Analyze events for immediate threat and risk detection to determine if your organization was exposed to a specific attack.
Rule-based Event Correlation
Correlate all logs, events, and network flows together—along with contextual information such as identity, roles, vulnerabilities, and more—to detect patterns indicative of a larger threat.
Risk Score Correlation
In rule-less correlation systems, detection signatures are replaced with a simple, one-time configuration, providing real-time threat detection.
Real-time Tracking and Alerting
Receive notifications if specific users, groups, applications, servers, or subnets are threatened.
Performance Where You Need It
Get the processing power required to support rich event correlation across your entire enterprise.
Simplified Deployment
Streamline event correlation and startup. Trellix Advanced Correlation Engine does not require rule updates or signature tuning.
Product Features
Historical Threat Analysis
Use audit trails and historical replays to support forensics, compliance, and rule tuning. Keep a complete audit trail of risk scores to analyze threat conditions over time.
No Performance Impact
Because Trellix Advanced Correlation Engine is a self-contained appliance or virtual offering, there’s absolutely no performance impact on Trellix Enterprise Security Manager.
Deployment Options
Trellix Advanced Correlation Engine is available in both appliance and virtual deployments.