Trellix Introduction Video

Trellix Introduction

A living security platform with a pulse that is always learning and always adapting.

XDR Solution Brief

XDR Solution Brief

Learn how an XDR ecosystem that’s always adapting can energize your enterprise.

Gartner Magic Quadrant for Endpoint Protection Platforms

Gartner MQ (Endpoint)

Download the Magic Quadrant report, which evaluates the 19 vendors based on ability to execute and completeness of vision.

Gartner Marketplace Guide (XDR)

Gartner® Report: Market Guide for XDR

As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."

Prime Minister’s Office Compromised

Prime Minister’s Office Compromised

Multi-stage cyberespionage campaign targeting high-ranking government officials overseeing national security policy and defense industry.

January 2022 - Threat Report

Trellix Threat Report: January 2022

Our new company’s first threat report features research on Log4j, prevalent ransomware, APT tools, ATR malware data, targeted clients, customer sectors, and MITRE ATT&CK techniques.

McAfee Enterprise and FireEye emerge as Trellix

McAfee Enterprise and FireEye emerge as Trellix

Two trusted leaders in cybersecurity have come together to create a resilient digital world.

Trellix CEO

Our CEO on living security

Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.

Trellix Advanced Threat Research

What We Do

At Trellix Advanced Threat Research (ATR), our goal is to identify and illuminate a broad spectrum of threats in today's complex landscape. ATR researchers are responsible for research in nearly every vertical of threat, including those targeting financial, retail, medical, industrial controls and many other industries. We have experts in vulnerability and threat research who find and report critical vulnerabilities in popular hardware and software and who use a global network of endpoints to track malware campaigns as well as the nation-states and malicious actors behind them.

Our red team incorporates and builds upon the techniques, tactics, and procedures (TTPs) uncovered by our researchers while performing engagements where the robustness of both our products and infrastructure are continuously being tested. And our Operational Intelligence team operates globally around the clock, keeping watch of the latest cyber campaigns and actively tracking the most impactful cyber threats. These findings are fed back into the solutions that ultimately power Trellix’s products.

View the Tools & Techniques Library

Threat Report April 2022

April 2022 Report

Our report on the rise of cyberattacks targeting critical infrastructure in the fourth quarter and Ukraine in the start of the new year.


Trellix researchers investigate the attack surfaces in autonomous vehicles as well as the machine learning algorithms and physical-to-digital attacks related to them.

Learn More

Critical Infrastructure

Trellix researchers investigate multiple areas of critical infrastructure implementations, including human machine interface (HMI) software, programmable logic controllers (PLCs), and network protocols, such as MODBUS, ICCP, and others.

Learn More

Healthcare and Medical Devices

Our research explores medical devices, networks, protocols, and security practices to help healthcare organizations innovate securely.

Learn More

Software-Defined Radio

Our research looks at radio frequency, including near-field communications (NFC and RFID) and wireless transmissions to determine potential impacts to network and proximity devices.

Learn More

Browser, Operating System & Enterprise Software

By discovering and disclosing critical vulnerabilities in the world’s most popular software, the Trellix threat labs team continuously reduces the overall attack surface for one of the most attractive targets for cybercriminals.

Learn More

Consumer Electronics & IOT

Our researchers look for vulnerabilities in consumer devices to identify threats and guide manufacturers toward more secure products, reducing the potential for attackers to gain access to home or business networks.

Learn More