Trellix Security Innovation Alliance Partner Directory

List of partners.


A10 Networks

A10 Networks (NYSE: ATEN) provides Reliable Security Always™ through a range of high-performance solutions that enable intelligent automation with deep machine learning to ensure business critical applications are protected, reliable, and always available. Founded in 2004, A10 Networks is based in San Jose, CA and serves customers globally with offices worldwide.

The A10 Thunder® SSLi® is an SSL/TLS visibility solution that eliminates the encryption-induced security blind spot by decrypting enterprise traffic and enabling security devices to detect and stop encrypted attacks. It can be deployed in a number of different ways, having the ability to decrypt traffic for inline, passive, and ICAP-enabled security devices. The solution, with its security subscriptions, also adds an additional layer of preventive security, all of which can be deployed easily with wizard-driven configuration and management.

Thunder SSLi integrates with the Trellix Network Security Platform (NSP) by intercepting enterprise traffic, decrypting it, and forwarding it to NSP in clear-text. This enables NSP to inspect encrypted traffic easily, and perform advanced intrusion prevention and malware analysis, without compromising performance, so that no malicious content makes it into the network.

Integrated with Trellix Network Security Platform

Absolute Software

Absolute offers uncompromised visibility and near real-time remediation of security breaches at the source. Embedded in more than a billion devices, our Absolute Persistence self-healing endpoint security technology gives IT pros complete control over devices and data. No other technology has the power to withstand user error or malicious attacks, and return devices to an original state of safety and efficacy.

Our cloud-based platform gives IT and security professionals absolute awareness and control of devices, data and applications — whether on or off the network, or in the hands of an unauthorized user. With Absolute, you can enhance IT asset management, protect sensitive data, reduce insider threats, and ensure compliance.

Acalvio

Acalvio: Active Defense Powered By Autonomous Deception.
Acalvio's ShadowPlex delivers Active Defense that enables organizations to detect and respond fast to cyber threats inside the network. The AI-Driven solution is effective against zero-day threats and nation-state threat actors inside the network.

Acalvio ShadowPlex and Trellix ePO, Version: 5.10.0 (on-premises)

AccessData

Whether it’s for investigation, litigation, or compliance, AccessData® offers industry-leading solutions that put the power of forensics in your hands. For over 30 years, AccessData has worked with more than 130,000 clients in law enforcement, government agencies, corporations, and law firms around the world to understand and focus on their unique collection-to-analysis needs. The result? Products that empower faster results, better insights, and more connectivity.

AccessData products now support the latest versions of Trellix Disk Encryption. Because of this partnership with Trellix, AccessData users can now take a full disk encrypted image and decrypt within the FTK suite of solutions, including Forensic Toolkit (FTK), AD Lab, and AD Enterprise 7.2. This helps ensure an organization’s confidential data remains secure, while enabling access when necessary for conducting a forensic investigation.

Allen Corporation of America

Allen Corporation of America provides cybersecurity research, technology, and training solutions to organizations and individuals tasked with detecting and investigating cybercrimes. Allen Corporation’s Advanced Threat Identification-Preemptive Defense (ATI-PD)™, efficiently enforces authorized use policies and protects against insider threats.

By leveraging the investments that organizations have made in Trellix endpoint protection suites, extending the one security agent and centralized management view provided by Trellix ePO, and utilizing the enforcement features of Trellix Host Intrusion Prevention, ATI-PD helps companies protect their critical assets and save time and money. ATI-PD leverages the signature database of one of the industry’s leading malware discovery tools for forensic investigations, WetStone Technologies™ Gargoyle Investigator™, enabling ATI-PD to detect and block the execution of thousands of malicious programs and tools in categories such as steganography, hacker toolkits, encryption, keyloggers, wireless surveillance, password crackers, and anti-forensics.

Allen Corporation Advanced Threat Identification-Preemptive Defense (ATI-PD) software version 1.0 and Trellix Host Intrusion Prevention software and Trellix ePO, with Trellix Agent on Windows workstations and servers [EOL].

Anomali

Anomali delivers innovative and effective technologies and solutions to address cybersecurity challenges for organizations of all sizes. Through trust, collaboration, and communication, Anomali strives to implement intelligence-driven solutions to achieve its vision: a more secure world.

Trellix Enterprise Security Manager

Appgate

Appgate is a secure access company providing solutions for people, devices and systems based on the principles of Zero Trust. Our defensive solutions are informed by sophisticated offense-oriented capabilities, machine learning, and telemetry gathered across billions of connections monitored and millions of threats mitigated.


Aruba Networks

Aruba Networks is a leading provider of next-generation network access solutions for the mobile enterprise. The company's Mobility-Defined Networks empower IT departments to support #GenMobile, a new generation of tech-savvy users who rely on mobile devices for every aspect of work and personal communication. Aruba delivers a secure mobility experience by automating infrastructure-wide performance optimization and security actions that previously required manual IT intervention. The results are dramatically improved security, higher productivity, and lower operating costs.

Aruba has partnered with Trellix to deliver an end-to-end enterprise risk mitigation and management solution by integrating with the Trellix SIEM solution. Aruba's ClearPass, a security and management solution, is a Trellix SIEM supported device. ClearPass is an ultra-scalable, high-availability AAA solution with policy management, guest network access, device on-boarding, and device health checks, with a complete understanding of context. It leverages a user's role, device, location, application-use, and time-of-day to execute custom security policies, accelerate device deployments, and streamline network operations across wired, wireless and VPNs. Both the Trellix SIEM solution and ClearPass are positioned as Leaders in Gartner Magic Quadrants, and used together deliver enterprise-class network access.

Aruba Networks ClearPass 6.6x and Trellix Enterprise Security Manager.

Atos

A global leader in digital transformation, Atos provides end-to-end hybrid cloud, big data, cybersecurity, and digital workplace solutions and is the Worldwide Information Technology Partner for the Olympic and Paralympic Games.

Trellix and Atos have partnered to provide a cloud access security broker (CASB) service that combines best of breed technology from Trellix MVISION Cloud and Atos cybersecurity products: Trustway for data protection and Evidian for access management. The combined offer ensures greater control to customers for their data encryption and identity and access management needs across multicloud environments. Atos is now the first partner certified by Trellix SIA for MVISION Cloud products. Customers can now seamlessly experience the single sign-on, authentication, and data encryption capabilities provided by Atos products while securing their SaaS, PaaS, and IaaS cloud environments with Trellix MVISION Cloud.


Atos Trustway and Evidian and Trellix MVISION Cloud

Attivo Networks

Attivo Networks is an innovator in deception technology for cybersecurity defense that detects intrusions inside the network, data center, and cloud in real time before the data is breached. Leveraging high-interaction deception techniques, the Attivo BOTsink Solution lures bots and advanced persistent threats to reveal themselves, without generating false positives. Designed for efficiency, there are no dependencies on signatures, database lookup, or heavy computation to detect and defend against cyberthreats. Attivo solutions capture full forensics and provide the threat intelligence to shut down and protect against future attacks.

The Attivo BOTsink solution is now available as an integrated solution with the Trellix Network Security Platform (NSP). BOTsink adds insight to Trellix NSP, providing detailed forensic information on attacker methods and malicious domains, and provides Snort signatures based on botnet behavior that can be used to block infected systems from exfiltrating valuable company data or acting on other malicious intent.

Attivo BOTsink and Trellix Network Security Platform and Trellix Enterprise Security Manager

Axis Security Application Access Cloud

Axis Security's Application Access Cloud introduces an amazingly simple and secure solution for zero trust network access (ZTNA) to enable access to any application for any user, anywhere. Built on a zero trust, agentless-first approach, Application Access Cloud enables more use cases, covering more apps than any other access solution. Axis eliminates the need for VPNs, VDIs, network changes, or agents on every device.

Reduce risk by significantly minimizing the attack surface as users never touch the network, or vulnerable applications. By collecting and analyzing real-time user behavior, Application Access Cloud continuously ensures the right users access the right apps.

The Application Access Cloud easily solves even difficult use cases such as zero trust access for remote employees with BYOD, employees of an acquisition or outside contractors, partners, and 3rd parties. This ZTNA cloud service is reimagined from the ground up to be simple — making application access fast to deploy, easy to use, and more secure than ever before.

https://www.axissecurity.com

BeyondTrust

BeyondTrust is the worldwide leader in Privileged Access Management (PAM), empowering organizations to secure and manage their entire universe of privileges. Our integrated products and platform offer the industry's most advanced PAM solution, enabling organizations to quickly shrink their attack surface across traditional, cloud and hybrid environments.

The BeyondTrust Universal Privilege Management approach secures and protects privileges across passwords, endpoints, and access, giving organizations the visibility and control they need to reduce risk, achieve compliance, and boost operational performance. Our products enable the right level of privileges for just the time needed, creating a frictionless experience for users that enhances productivity.

With a heritage of innovation and a staunch commitment to customers, BeyondTrust solutions are easy to deploy, manage, and scale as businesses evolve. We are trusted by 20,000 customers, including 70 percent of the Fortune 500, and a global partner network. Learn more at

PowerBroker for Windows with Trellix ePolicy Orchestrator, Trellix Enterprise Security Manager and Trellix Data Exchange

Boldon James

For over 30 years Boldon James software has helped organizations manage sensitive information securely and in compliance with legislation and standards. The Boldon James Classifier products classify and protectively mark emails, documents, and files to improve data loss prevention and reduce archiving costs. Boldon James is a wholly-owned subsidiary of QinetiQ, with offices in the US, Europe, and Australia, and channel partners worldwide.

Boldon James Classifier integrates with Trellix data loss prevention products to reduce the risk of data loss. Classifier captures the user's knowledge of the business value of data, in the form of visual and metadata markings applied to messages and documents. This user perspective can then be used to supplement automated content scanning, in order to deliver more accurate data loss prevention outcomes with fewer false positives, improved user acceptance, and greater risk reduction.

Boldon James Classifier is integrated with Trellix ePolicy Orchestrator and Trellix Data Exchange Layer, providing real-time actionable intelligence and the ability to initiate critical data loss prevention activity throughout the line of Trellix products. With Trellix Data Exchange Layer, Boldon James Classifier can share activity events in real-time with Trellix Enterprise Security Manager, which can monitor, correlate, and analyze user classification and data handling. By analyzing this user activity, Trellix Enterprise Security Manager can detect suspicious behavior, report activity through Trellix ePolicy Orchestrator dashboards, and automatically launch remedial actions to tackle insider threats arising from negligent or deliberate actions.

BowBridge

BowBridge Software is a leading provider of content security solutions for mission-critical SAP applications. The AntiVirus Bridge products secure file transfers and data feeds into SAP applications and protect them from malware and other content-based threats, such as cross-site scripting and active content. BowBridge content security products have been certified multiple times by SAP and it has a wealth of experience in securing the most complex SAP implementations.

With BowBridge’s latest generation of solutions, customers worldwide benefit from the integration of Trellix virus scan technology into AntiVirus Bridge for SAP solutions. The combination delivers high performance and maximum protection in the most demanding environments. AntiVirus Bridge will feed content security related events directly into Trellix ePolicy Orchestrator (Trellix ePO). This will allow customers to monitor and report on their SAP infrastructure without having to access the SAP system, resulting in a more streamlined and consolidated security view.

BowBridge Antivirus Bridge for SAP solutions 3.0 and Trellix ePolicy Orchestrator.

BUFFERZONE

BUFFERZONE defends endpoints from known and unknown zero-day threats, ransomware, drive-by downloads, and file-less malware by isolating browsers, untrusted applications, email attachments, and removable media in a virtual container. BUFFERZONE seamlessly integrates with Trellix ePolicy Orchestrator (Trellix ePO), and you can easily install and update BUFFERZONE using Trellix ePO agent tasks. From the Trellix ePO software policy catalog, you can define, distribute, and update BUFFERZONE endpoint policies for groups or individuals. Additional BUFFERZONE features include:

  • Secure bridge: A configurable CDR process for safely disarming and extracting data from the container, enabling secure and compliant collaboration.
  • Network separation with passport enforcement: Enforced by the organizational proxy server, endpoint connections to the internet use separate networks from connections to internal, trusted resources.
  • Upload blocker: As part of an organizational DLP strategy, BUFFERZONE can require browser uploads to be from an isolated location without any data from internal sources.
  • Endpoint intelligence: Detailed syslog format reporting and SIEM integration identifies and tracks attacks.

BUFFERZONE 4.1 and above (current version: 5.4) and Trellix ePO (versions 4.6 and 5.1x)

Check Point

Check Point Software Technologies is one of the largest network security vendors globally, providing industry-leading solutions and protecting customers from cyberattacks with an unmatched catch rate of malware and other types of threats. Check Point offers a complete security architecture defending enterprises, from networks to mobile devices, in addition to comprehensive and intuitive security management. Check Point protects over 100,000 organizations of all sizes.

Check Point and Trellix will combine forces to provide a leading solution for continuous monitoring, workflow optimization, and maximum security for enterprises. Through seamless integration techniques, Check Point’s next generation threat prevention platform will share information with Trellix's suite of products to provide the most comprehensive end-to-end security from the network perimeter to the endpoint. Trellix Data Exchange Layer will share security intelligence in real-time so these threats can automatically be blocked by Check Point’s next generation threat prevention platform.


Trellix ePO, ESM and DXL with Check Point’s Next Generation Threat Prevention

Cicada

Cicada Security technology developed the first data protection technology to responsively detect and prevent data exposure on an active endpoint device against physical threat. Cicada Physical Data Protection (PDP) technology uses behavioural analysis and device-resident trigger technologies to ensure locally stored, cloud, or network accessible data present on laptops, phones, and tablets in use by a mobile workforce cannot be accessed by an unauthorized party, in the event that the device is stolen or tampered with.

Cicada PDP effectively addresses critical security gaps which remain unaddressed by other endpoint security platforms. When integrated with Trellix Data Exchange Layer, Cicada PDP enables authentication, encryption, data loss prevention, and other endpoint security technologies with the visibility to detect and respond to reported risks.

Cicada PDP with Trellix ePolicy Orchestrator and Trellix Data Exchange Layer

Cisco

Cisco Systems is an industry leader in security solutions that extend from network to branch and cloud. By focusing on an integrated architectural approach, Cisco provides solutions that are open to easily share critical security information enabling automated policy enforcement which simplifies the management and scalability of security solutions, effectively protecting customers. This holistic approach enables Cisco to collaborate with technology partners to deliver a complete range of integrated cybersecurity solutions.


Cisco Email Security Appliance and Trellix Advanced Threat Defense. Cisco Identity Service Engine/pxGrid and Trellix ePolicy Orchestrator/Data Exchange Layer

Cloudera

Cloudera delivers the modern data management and analytics platform built on Apache Hadoop and the latest open source technologies. The world’s leading organizations trust Cloudera to help solve their most challenging business problems with Cloudera Enterprise, the fastest, easiest and most secure data platform available for the modern world. Customers efficiently capture, store, process, and analyze vast amounts of data, empowering them to use advanced analytics to drive business decisions quickly, flexibly, and at lower cost than has been possible before.

Cloudera’s Enterprise Data Hub for cybersecurity is designed to detect previously unseen threats early in the attack chain—helping organizations avoid financial and reputational damage. Unlike traditional solutions that provide signature and correlation analysis across subsets of security data, Cloudera Enterprise Data Hub can ingest, store, and analyze any volume or variety of data. This allows for behavior-driven analytics that can detect the smallest changes in user or system behavior—traditionally the most reliable indicators of compromise. It works seamlessly with existing cyber defenses, allowing organizations to quickly deploy and improve their security posture with no disruption.

Cloudera Enterprise Data Hub and Trellix Enterprise Security Manager

Cofense

Cofense, formerly known as PhishMe, is the leading provider of human-driven phishing defense solutions for organizations concerned with their susceptibility to sophisticated cyberattacks. Cofense delivers a collaborative, cooperative approach to cybersecurity by enabling organization-wide response to the most used attack vector—phishing. Cofense serves customers of all sizes across multiple industries including financial services, energy, government, healthcare, technology, and manufacturing, as well as other Global 1000 entities that understand how engaging user behavior will improve security, aid incident response, and reduce the risk of compromise.

Cofense Triage allows security operations and incident responders to automate the identification, remediation, and sharing of phishing-specific threats. The combination of human reporters and analysis identifies attacks that evade perimeter defenses and enables a rapid response. Cofense Triage will integrate with Trellix Enterprise Security Manager to enhance incident response and intelligence workflow.

Cofense Triage also integrates with Cofense Intelligence, a human-verified and enriched phishing attack and threat data source. Cofense Intelligence can also be integrated into Trellix Enterprise Security Manager and supports STIX and JSON. The end result is that customers using Trellix Enterprise Security Manager can receive phishing intelligence data and reported phishing human intelligence that integrates and enhances the SOC and incident response team workflow against the threat of phishing.

Cofense Triage 1.5 or above, Cofense Intelligence with Trellix Enterprise Security Manager 9.5.1 or above and Trellix ePolicy Orchestrator

CryptoVision

CryptoVision provides hardware-based signature and authentication solutions with a strong commitment to ease of use, flexibility, and security on crypto smart cards and USB tokens. As optimal devices for protecting and storing sensitive personal data, hardware tokens are widely integrated with CryptoVision’s own or third-party software solutions dealing with the PKI-based model of information security.

CryptoVision is committed to open standards and plans to provide a security solution that combines the strengths of Trellix Endpoint Encryption with the protection of secret keys offered by their smart card product line CryptoCard multiSIGN family.

CryptoCard MultiSIGN with Trellix endpoint encryption solutions

CTERA

CTERA delivers the industry’s first private cloud IT-as-a-Service platform for storing, syncing, sharing, protecting, and governing data across endpoints, remote offices, and servers. Deployed by Global 1000 enterprises and leading cloud service providers, CTERA transforms private or public cloud infrastructure into scalable, secure, business-critical file services to address the storage, data protection, and collaboration needs of business users.

CTERA was founded upon the belief that enterprise organizations would require the benefits of cloud-based file management without the security compromises associated with traditional SaaS offerings. The CTERA Enterprise File Services Platform is optimized for complete security and privacy, deployable on an organization’s cloud infrastructure of choice, behind their firewall, and with no third-party access to data, keys, authentication, etc. The CTERA platform is tightly integrated with Trellix to provide comprehensive protection for data as it travels across endpoints, offices, and the cloud.

ICAP Protocol with Trellix Web Gateway

Cubro

Cubro is a leading vendor of network visibility solutions that include network TAPs, Advanced Network Packet Brokers, Bypass Switches and Network Probes, for Service Providers and private and public sector Enterprises worldwide. Our solutions improve security posture while reducing costs by increasing the effectiveness and lifecycle of security devices, improving business continuity, and reducing the TCO while increasing the ROI of security solutions.

Cubro’s products remove network ‘blind spots’ to ensure all relevant network traffic is available for security analysis, filter out unnecessary network traffic for analysis, and provide High Availability capabilities for security solutions. Cubro’s Omnia Advanced Network Packet Broker integrates with the Trellix NSP solution by replicating, aggregating and filtering network traffic collected from network TAPs and SPAN ports and passing the filtered traffic to NSP for intrusion prevention and detection analysis. This reduces the time taken to analyse the traffic and extends the lifespan and ROI of the NSP solution. Furthermore, the filtered traffic can be load balanced across multiple NSP devices to maximize business continuity in the event of a scheduled or unscheduled NSP service outage.

Trellix Network Security Platform

Cyber Observer

Cyber Observer is a continuous end-to-end cybersecurity assessment platform. The single pane orientation integrates security tools into a single intuitive interface that enables organizations to continuously monitor tool performance and maintain alignment with cybersecurity, business, and regulatory frameworks. The platform reduces business losses and audit costs by leveraging technology that performs continuous monitoring and auditing using Continuous Controls Monitoring (CCM) on-premises and in the cloud (SSPM and CSPM).

Cyber Observer Version 4.0 engages via APIs and direct database connections and supports multiple Trellix solutions (Trellix Database Security, Trellix Web Security, and Trellix ePO) to ensure maximum coverage that provides a strategic approach to a secure environment. Our proprietary connector-based solution coupled with the Trellix suite helps enterprises better manage their cybersecurity environments while continuously monitoring their cybersecurity ecosystem posture.

Cyber-Ark

CyberArk is the only security company that proactively stops the most advanced cyberthreats that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to lock down privileged accounts and protect against cyberthreats before causing irreparable business damage. CyberArk is trusted by the world’s leading companies to protect their highest value information assets, infrastructure, and applications, while ensuring tight regulatory compliance and audit requirements.

CyberArk Privileged Account Security Solution integrated with Trellix Enterprise Security Manager enables security teams to monitor and protect privileged activity, and gain unified, real-time visibility, enabling the identification of critical security threats associated with privileged account activities. The solution generates exceptionally detailed tracking and reporting on all privileged activity, meeting auditing and compliance requirements.

CyberArk Privileged Account Security integrated with Trellix ePolicy Orchestrator (Trellix ePO) provides privileged account security monitoring. CyberArk sends Trellix ePO alerts regarding the usage of privileged account credentials. IT administrators can set policies for alerts to be sent to Trellix ePO based on their most important IT. The solution generates compliance reports directly from the Trellix ePO.

The Trellix Enterprise Security Manager and CyberArk Privileged Threat Analytics integrated solution provides unmatched privileged activity intelligence empowering organizations to quickly identify and disrupt the most critical in-progress attacks.

CyberArk Privileged Account Security Solution with Trellix Enterprise Security Manager and Trellix ePO. CyberArk Privileged Threat Analytics with Trellix Enterprise Security Manager.

Cythereal

Cythereal unifies your existing security products so detection and response can be achieved faster and more economically at scale. Powered by data science, Cythereal completely automates traditionally resource-intensive manual investigations without adding security staff, playbooks, or additional software on your endpoints. Within minutes, its investigations predict attacks likely to succeed, delivering IOCs and signatures tailored from the actual threats attacking your infrastructure. Its reports and intuitive interface let you visualize your organization's current threats, their severity, and depth of penetration. This automated workflow provides continuous assessment without increasing the footprint of your current security team. With Cythereal's MAGIC Early Warning System (EWS), organizations without a SOC can significantly reduce their risk at a fraction of the cost without increasing staff.

The easy integration of MAGIC EWS with Trellix products allows organizations to quickly and dramatically reduce their risk of breach by advanced threat actors. For customers with existing Trellix products, MAGIC EWS can be deployed in days. This is much faster than similar security automation products that require trained staff to operate, playbooks to be written, and months to deploy. By unifying sensor data to realize automatic informed decision options, MAGIC-driven investigations deliver proactive and predictive prevention and maximize the value of your existing security infrastructure, saving you both time and resources.

MAGIC EWS 1.0 and Trellix MVISION Insights

D3

D3 SOAR is the first and only security orchestration, automation and response platform with MITRE ATT&CK in its DNA. D3's Automation and ATT&CK Intelligence streamline enrichment and response while eliminating manual tasks and false positives. D3's Orchestration allows SOC operators to coordinate incident response workflows across all tools and assets, ensuring rapid and consistent remediations.

The tight integration between D3 SOAR and Trellix ESM helps SOC and IR teams by improving the speed and quality of investigations, enabling proactive analysis, and dramatically reducing MTTR. Events in ESM trigger detailed playbooks in D3, which automatically act on intelligence from the security infrastructure and data sources. Playbooks can be built using D3's drag-and-drop Visual Canvas, or through ready-to-deploy apps and runbooks within D3. D3's powerful ATT&CK features extend automation beyond IR, to deeper investigations and threat hunting. By surfacing ultra-rich context about adversarial intent, D3 keeps SOC operators focused on suspicious behaviors and critical threats.

D3 SOAR and Trellix Enterprise Security Manager

DB CyberTech

DB CyberTech pioneered predictive data loss prevention for databases. Its patented technologies are based on deep protocol extraction, machine learning, and behavioral analysis. DB CyberTech provides real-time visibility and continuous situational awareness of all conversations between databases and their connected clients. This is critical because you can’t protect what you can’t see. Through non-intrusive analysis of data in motion, DB CyberTech discovers database assets, classifies high-value structured data, and identifies imminent threats of data loss in the earliest phases of an attack—before any data loss has occurred.

The planned integration with Trellix Data Loss Prevention and Trellix database security solutions will provide continuous full-spectrum data tier visibility and threat detection. In addition, DB CyberTech’s machine learning and behavioral analysis capabilities will integrate with Trellix Enterprise Security Manager to provide additional threat insight on suspicious activity detection. This will in turn be reported through Trellix ePolicy Orchestrator for cross-infrastructure alarm correlation and initiate immediate remediation response.

DB CyberTech Visibility, Privacy, Security 6.1 and Trellix ePolicy Orchestrator 5.10.0

Deep Secure

Deep Secure is a cybersecurity company that delivers content threat removal. The solution addresses a gap in the market for defeating unknown undetectable content threats without the need to examine or isolate threats. It works by extracting the useful business information from the source data and building new, clean data to carry the information to its destination.

Deep Secure's Content Threat Removal for Web Gateways and the Anti-Steganography Solution will be integrated with Trellix Web Gateway to completely remove content-borne threats, such as zero-day, ransomware and sophisticated steganography exploits, from office productivity formats and image data types during any web upload or download activity. This integration ensures that the web browsing user experience can be maintained whilst providing assured threat-free content to the user. The integration between Deep Secure and Trellix uses ICAP to always deliver new rebuilt data to the user's browser.

Def-Logix

Def-Logix, Inc. is an emerging leader in the provision of Information Assurance, Software Engineering, and Information Technology services to the Defense, Intelligence and Commercial communities. Our mission is to provide innovative technological expertise and solutions to our customers. We offer specialized services in computer and network security and state-of-the-art technology solutions to serve the critical needs of our government and commercial customers. Def-Logix sets itself apart by the caliber of its work and a strong culture of innovation.

Deployable Enhanced Forensics (DEF) - End Node Detector (END) includes cutting-edge tools for performing computer/network forensics in the Enterprise. It automatically correlates boundary network events to host systems, and then automatically collects forensic information from affected devices. This information is analyzed by a server to determine if the system has been compromised. DEF-END will be integrated with ePO, with incidents reported back to ePO dashboards where appropriate action can be taken by system administrators or incident responders.

Demisto

Demisto Enterprise is the first security operations platform to combine intelligent automation and collaboration into a single ChatOps interface. Demisto’s automation is provided by DBot which interacts with users via ChatOps for playbook-based workflows, cross-correlation, and information sharing, helping security teams scale while learning how humans are wired together.

The integration helps incident responders optimize usage of Trellix products by automating incident investigations through real-time collaboration and lightning-fast automation of the complete incident response cycle. The platform helps plan, prioritize, and track response to incidents as they appear in Trellix Enterprise Security Manager. It also provides threat feed providers to enhance incident data with threat and organizational context, automating remediation and response by triggering incident-specific playbook/workflows using Trellix ePolicy Orchestrator.

Demisto Enterprise and Trellix Enterprise Security Manager

DFLabs

DFLabs' mission has allowed security teams to analyze and respond to cyber incidents and get them under control. That means less lag between incidents, breaches, and solutions, limiting the losses caused by cyberattacks. It makes cybersecurity faster with controlled intelligence sharing for global clients.

By combining automation, orchestration, and response in one platform, DFLabs allows cybersecurity teams to react faster. This all-in-one supervised approach reduces the time it takes for an active shut down on an attack and improves recovery from data breaches with collaboration and intelligence sharing.

Digital Defense

Founded in 1999, Digital Defense, Inc. is an industry recognized provider of security assessment solutions, helping organizations defend data and protect brands. The company’s Frontline.Cloud is a cloud-based suite of solutions underpinned by innovative, patented technology, complemented with unparalleled service and support, while its security awareness training promotes security-minded behavior. The company has been designated Best Scan Engine by Frost & Sullivan, ranks 16 in Cybersecurity Ventures World’s 500 Hottest Cybersecurity Companies, and was awarded a five-star review by SC Magazine.

Integrations with Data Exchange Layer, Trellix ePolicy Orchestrator, and Trellix Enterprise Security Manager will enable more informed decisions, automation of remediation, and faster, more accurate responses.

Dragos

Dragos has a global mission: to safeguard civilization from those trying to disrupt the industrial infrastructure we depend on every day. The expert practitioners who founded Dragos were drawn to this mission through their decades of experience in the US Military and Intelligence Community going head-to-head with cyber attackers who threaten the world’s industrial infrastructure. Our solutions combine advanced technologies for asset identification, threat detection and response with the battle-honed insights of our elite team of industrial control systems (ICS) cybersecurity experts. We arm enterprises with the tools to identify threats and respond to them before they become significant breaches. Dragos currently protects hundreds of organizations and provides the industrial control systems community with select free technology products, research and thought leadership. Dragos is privately held and headquartered in the Washington, DC area.

Visit dragos.com for more information or follow us on Twitter or LinkedIn.

Dragos Platform and Trellix Enterprise Security Manager

Dropbox

Dropbox is a technology company that builds simple, powerful products for people and businesses. 500 million people around the world use Dropbox to work the way they want, on any device, wherever they go. With 200,000 businesses on Dropbox Business, it’s transforming everyday workflows and entire industries. Dropbox creates products that are easy to use and are built on trust. When people put their files in Dropbox, they can trust they’re secure and their data is their own.

Exabeam

Exabeam is a user behavior analytics solution that leverages activity data to quickly detect modern cyberattacks, prioritize security incidents, and accelerate effective response. Exabeam not only improves security, but also transforms SOC efficiency and productivity. By operating on existing data and requiring no agents or network taps, Exabeam delivers value immediately.

The combination of Exabeam and Trellix Enterprise Security Manager provides market-leading capability to both collect and analyze enterprise activity data, and to respond quickly and effectively to threats. Exabeam collects events from Trellix Enterprise Security Manager and applies behavioral analytics to add context. Exabeam can also invoke workflows to enforce response policies and procedures. Customers get the leading data collection, correlation, and workflow capabilities of Trellix Enterprise Security Manager, enhanced with the behavioral analytics context of Exabeam.

Exabeam and Trellix Enterprise Security Manager

Extreme Networks

Extreme Networks, Inc. delivers software-driven networking solutions that help IT departments everywhere deliver the ultimate business outcome: stronger connections with customers, partners, and employees. It provides solutions from wired to wireless, desktop to data center, on premise or through the cloud. Trellix and Extreme Networks are integrating ExtremeControl and Trellix ePolicy Orchestrator and Trellix Data Exchange Layer products for enhanced visibility and control of system endpoints, so users can connect securely anywhere and anytime.

Fasoo

Fasoo has built a worldwide reputation as an enterprise digital rights management solution provider with industry-leading solutions and services. Fasoo Enterprise Digital Rights Management allows organizations to prevent unintended information disclosure or exposure, ensuring a secure information-sharing environment, to better manage workflows and simplify secure collaborations both internally and externally. Fasoo has successfully retained its leadership in the enterprise digital rights management market by deploying enterprise-wide solutions for more than 1,100 organizations, securing more than 2 million users. Fasoo is seeing continuous improvement in its global market position, based on its unique technology, ongoing R&D, and strategic approach to comprehensive product capabilities. Fasoo is also planning for future expansion through new business models, including database security (Solidbase), static code analysis (Sparrow), and content platform solutions.

Trellix Data Loss Prevention scans, detects data, and enforces appropriate actions using contextual awareness to reduce the risk of losing sensitive data through exfiltration. When sensitive data has been legitimately sent to authorized users outside the organization, Fasoo Enterprise Digital Rights Management protects the data from subsequent transfers to unauthorized users. Fasoo Enterprise Digital Rights Management integrated with Trellix Data Loss Prevention forms an essential solution to protect sensitive data, both within and outside of the organization. Considering most data leaks originate from insiders who have or had authorized access to sensitive documents, organizations must enhance existing security infrastructures with data-centric security solutions to persistently protect data in use. This integrated solution enables organizations to allow Trellix Data Loss Prevention to scan DRM-protected documents and apply policies; enforce policy engines to encrypt (reclassify) as DRM-protected documents; and secure data persistently to reduce the risk of losing sensitive data from both insiders and outsiders.

Fasoo Enterprise Digital Rights Management and Trellix Data Loss Prevention

Fidelis Cybersecurity

Fidelis Cybersecurity helps organizations emerge stronger and more secure. Developed and used by cyber experts from the DoD, US Intel Communities, Managed Security Providers, and Fortune 100 companies, Fidelis Cybersecurity defends private and public global enterprises from the next high-profile security breach. We have built some of the most secure environments, and Fidelis Elevate has been relied upon to find, stop, or remediate some of the world’s most high-profile security attacks in both the commercial and government sectors.

Trellix Endpoint combined with Fidelis Network Detection and Response (Fidelis Network or NDR) provides a powerful solution to help customers quickly discover, disrupt, respond, and stop network and endpoint threats. When combined with Trellix EDR, Fidelis can automate responses and escalate the priority of any network detection that evades endpoint detection and becomes active. The integration can also trigger manual and automated responses at the endpoint, providing a more global response. Fidelis Deception is an optional addition that builds an automated decoy network based on terrain to help engage, find and neutralize adversaries earlier.

FireMon

FireMon, formerly Secure Passage, provides enterprise security management software that gives companies deeper visibility and tighter control over their network security infrastructure. A leading provider of firewall policy, risk, and compliance management solutions, FireMon’s flagship product, Security Manager, simplifies and automates the analysis of configuration and change management processes to enhance security, optimize performance, and speed compliance reporting. Security Manager analyzes changes and performs audits in real time, simplifies policy management, and enforces configuration governance across firewalls, switches, routers, and other network devices. Security Manager is the only solution on the market that can be customized to meet the unique audit and compliance reporting requirements for networks of all sizes, while enabling IT organizations to do more with less effort. Enterprise-strength deployments of Security Manager around the world support more than 40,000 active security devices.

FireMon Security Manager helps keep Trellix Firewall Enterprise running smoothly with a complete configuration management solution. Wizard-based discovery monitors device configurations and verifies their current state, usage, and connections. FireMon Security Manager also monitors the complete Trellix Firewall Enterprise infrastructure, where it checks for user editing events and captures a full audit trail of operations. Enforcement points are monitored for policy installations and inefficiencies, as well as usage.

Forcepoint

Forcepoint’s portfolio of products safeguards users, data, and networks against the most determined adversaries, from accidental or malicious insider threats to outside attacks, across the entire threat lifecycle. Forcepoint protects data everywhere — in the cloud, on the road, in the office — simplifying compliance and enabling better decision-making and more efficient security. Forcepoint empowers organizations to concentrate on what’s most important to them while automating routine security tasks.

The Forcepoint Stonesoft Next Generation Firewall (NGFW) meets both demands by integrating application control, sophisticated evasion prevention, and an intrusion prevention system into a single solution that is cost-effective and easy to deploy. It has a proven capability to identify advanced evasion techniques that evade other devices, and deliver exfiltration protection using both application and endpoint intelligence. Forcepoint Stonesoft NGFW is fully integrated with Trellix ePolicy Orchestrator for management, and with Trellix Data Exchange Layer, Trellix Threat Intelligence Exchange, and Trellix Advanced Threat Defense for threat analysis orchestration.

Forcepoint Stonesoft NGFW and Trellix Enterprise Security Manager, Trellix ePolicy Orchestrator, Trellix Data Exchange Layer, Trellix Threat Intelligence Exchange, Trellix Advanced Threat Defense, and Intel Security Controller

ForeScout

ForeScout offers Global 2000 enterprises and government organizations the unique ability to see devices, including non-traditional devices, the instant they connect to the network. It lets you control these devices and orchestrate information sharing and operation among disparate security tools to accelerate incident response. Unlike traditional security alternatives, ForeScout achieves this without requiring software agents or previous device knowledge. The company’s solutions integrate with leading network, security, mobility, and IT management products to overcome security silos, automate workflows, and enable significant cost savings. More than 2,000 customers in over 60 countries improve their network security and compliance posture with ForeScout solutions.

The ForeScout Extended Module for Trellix ePolicy Orchestrator (Trellix ePO) provides bi-directional integration between ForeScout CounterACT and Trellix ePO. This integration improves security and operational efficiency, simplifies risk and compliance management, and provides IT security managers with superior visibility and control of both managed and unmanaged endpoints on the network. In addition, ForeScout’s solution helps organizations save time by automating installation of security agents, including those from Trellix, and verifies that those agents are healthy and up-to-date.

ForeScout Extended Module 2.8 and Trellix ePolicy Orchestrator
ForeScout CounterACT and Trellix Enterprise Security Manager

Fortinet

Fortinet secures enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network. The Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. More than 320,000 customers worldwide trust Fortinet to protect their businesses.

Fortinet plans to integrate with Trellix Enterprise Security Manager to provide a solution that leverages Fortinet’s best-in-class network security and Trellix Enterprise Security Manager’s advanced capabilities to deliver performance, actionable intelligence, and solution integration at the speed and scale required for security organizations. The joint solution will enable customers to use Trellix Enterprise Security Manager for prioritizing, investigating, and responding to threats, and leverage the Fortinet FortiGate firewalls and Fortinet Security Fabric to enforce network compliance and gain end-to-end visibility of their endpoints and network infrastructure.

Garland

Garland Technology is the leading network tap manufacturer and provides physical connection between the network and your in-band security applications. Garland Technology's network taps guarantee 100% visibility and network access by ensuring every bit, byte, and packet is fed to your security and monitoring appliances. Its full product line of network access tools includes network taps in bypass, aggregation/regeneration, and breakout modes as well as hybrid bypass taps with packet broker and filtering capabilities to protect and manage edge-of-network inline appliances. Network capabilities support 1G/10G/40G and 100G.

The partnership with Trellix Network Security Platform provides customers with 100% data visibility and access for their next-generation intrusion prevention system. Garland Technology Bypass taps and EdgeLens family support the intrusion prevention lifecycle from evaluation and learning your network, to optimization with live data, full validation, and anytime off-line access for troubleshooting, updates, and maintenance—all while tapping the live network only once.

Garland Bypass Tap 1GB and 10GB and Garland Edgelens 1GB and 10GB with Trellix Network Security Platform

Getvisibility

Getvisibility enables organizations to understand and secure their sensitive information and align to multiple regulatory standards. Getvisibility’s dual approach to data classification allows end users to classify documents as they are created, aided by AI suggestions. Once classified, the suitable level of protection is then applied. Our AI engine then verifies end user activity and provides reporting on misclassification and unusual activity. Meanwhile, using state-of-the-art machine learning algorithms, we combine natural language processing with neural networks and optical character recognition. This allows us to discover and classify unstructured data across organizations with unparalleled accuracy and speed without affecting server performance. The Getvisibility reporting suite enables data remediation through tactical reporting on issues such as duplicate data, redundant, obsolete or trivial data (ROT), data retention, access permissions and much more. Through the Getvisibility Data Risk Score, organisations have access to multi-layered data risk reports, applicable to stakeholders at varying levels and with tangible metrics and recommendations.

Integration between Trellix and Getvisibility allows Trellix products to read data labelled by Getvisibility and apply protection rules based on classification labels. Getvisibility’s discovery and classification solution is integrated with Trellix ePolicy Orchestrator and Trellix Data Exchange Layer, instantaneously enabling data protection activity throughout the line of Trellix products. Getvisibility provides end user activity reporting with the Trellix Security Manager via the Trellix Data Exchange Layer, including user misclassifications and blocked activity. This enables organisations to quickly apply remediations around retraining, negligence or possible insider threats, as this suspicious behaviour can be analysed by Trellix Enterprise Security Manager and reported via Trellix ePolicy Orchestrator dashboards.

GuruCul

Gurucul Risk Analytics (GRA) is a Unified Security and Risk Analytics platform. GRA leverages over 1,500 Machine Learning Models powered by data science to produce actionable risk intelligence. GRA does not rely on signatures, rules or patterns. It is intended – from the ground up – to identify zero-day threats and is designed to provide both contextual and situational awareness. The solution detects and stops malicious behavior before cyber criminals or rogue insiders can do harm. GRA can ingest data from any source out-of-the-box and allows for open choice in big data platforms.

Integrating GRA with Trellix Enterprise Security Manager (ESM) provides for a complete view of risk by correlating advanced SIEM events with identity-centric behavioral risk analytics. The seamless integration will provide an actionable risk intelligence framework to defend against malicious events such as malware, insider threats, or other unforeseen risks. Trellix ESM and GRA can create predictive models to see patterns of emerging risk such as disgruntled employees, or an ID that was stolen or hacked and used to steal IP. GRA provides visualizations and metrics directly to non-technical end-users to take immediate action on serious risky events quickly.

GuruCul GRA and Trellix Enterprise Security Manager

IBM Security

Trellix Threat Intelligence Exchange (TIE) acts as a reputation broker to enable adaptive threat detection and response. It combines local intelligence from security solutions across your organization, with external, global threat data, and instantly shares this collective intelligence across your security ecosystem, enabling solutions to exchange and act on shared intelligence.

This integration with IBM Resilient automatically searches Trellix TIE for reputation when IOCs and artifacts are tracked within the Resilient IRP, alerting the incident response team to significant IOCs. This ensures that security analysts can operationalize threat intelligence data in real time, allowing them to focus energy on investigation and response.

Illusive

With Illusive’s early, reliable detection, advanced persistent threats (APTs) become manageable events. Typically, APTs are the hardest to detect and derail because attackers silently slip past even the best-tuned security controls, establish a foothold in a network, and move undercover toward their targets. If there are warning signs, SOC teams, drowning in alerts and IT data, can easily miss them. By the time the adversary is revealed, the incident has become a full-blown business crisis. Developed by some of the world’s leading cyberwarfare experts with decades of hands-on experience, Illusive applies a deep understanding of how attackers think and operate to better stop these threats.

Illusive will be integrating with Trellix ePolicy Orchestrator (ePO), Advanced Threat Detection (ATD), and Enterprise Security Manager (ESM). Upon detection of malicious actors, the Illusive solution will capture the attacking executable and send it over for detonation in Trellix ATD. In addition, the incident information will be forwarded to Trellix ESM to provide the SOC with incident response information based on Illusive's forensics capabilities.

Imprivata

Imprivata is a leading independent vendor focused on simplifying and securing user access. By strengthening user authentication, streamlining application access, and simplifying compliance reporting across multiple computing environments, customers can align security with user workflows and realize substantial productivity gains, while lowering IT costs. Headquartered in Lexington, MA, Imprivata partners with over 200 resellers, and serves the access security needs of more than 1,000 customers around the world.

Imprivata OneSign Authentication Management, Single Sign-On, and Secure Walk-Away products have been tested for compatibility with Trellix's Endpoint Encryption for PCs (EEPC) product. Starting from the initial system boot, the joint solutions provide secure, seamless access and single sign-on to applications and other network resources, and protect unattended workstations from unauthorized access.

Imprivata OneSign 4.5 Authentication Management, Single Sign-On, and Secure Walk-Away with Trellix Endpoint Encryption and Windows XP.

IntSights

IntSights Cyber Intelligence is redefining cybersecurity with the industry’s first and only enterprise threat management platform that transforms tailored threat intelligence into automated security operations. Our groundbreaking data-mining algorithms and unique cyber reconnaissance capabilities continuously monitor an enterprise's external digital profile across the surface as well as the deep and dark web, categorize and analyze millions of threats, and automate the risk remediation lifecycle—streamlining workflows, maximizing resources, and securing business operations.

Mimecast

A leading cybersecurity provider and Trellix Partner that helps tens of thousands of organizations worldwide make email safer, restore trust and strengthen cyber resilience.

  • Enhanced email security to further protect against phishing, malware attacks and impersonation attempts
  • Web security to ensure your users remain safe online
  • Continuity with a 100% SLA on availability - keep users communicating during an email migration or downtime
  • A multipurpose archive and data protection for both remediation, corporate governance and compliance
  • Awareness training to educate your users on the best practice when tackling the modern emerging threats
  • DMARC enforcement and brand protection to protect against the fraudulent web domains you own and don't own
All delivered through one simple interface and designed to help you stand strong in the face of cyberattacks, compliance risk, human error and technical failure. Whether you choose one, some, or all of the services in the Mimecast suite, we make it easy to do business with us.

Minerva

Minerva Labs is an innovative endpoint security solution provider that protects enterprises from today’s stealthiest attacks without the need to detect threats first, all before any damage has been done. Minerva’s Anti-Evasion platform blocks unknown threats that bypass existing defenses by deceiving the malware and controlling how it perceives its environment. Without relying on signatures, models or behavioral patterns, Minerva’s solution deceives the malware and causes it to disarm itself, thwarting it before the need to engage costly security resources.

Minerva Anti-Evasion Platform integrates with Trellix ePolicy Orchestrator and the Data Exchange Layer (DXL) to prevent malware infections that use evasive techniques without duplicating security approaches. Minerva’s software can be deployed and managed within the Trellix ePO environment to strengthen endpoint security on both modern and legacy systems without management overhead or performance concerns. To facilitate “single pane of glass” oversight, the infections prevented by Minerva can be seen in the Trellix ePO dashboard. This avoids the complexity and costs of introducing a new process into the organization.

Minerva Anti-Evasion Platform and Trellix ePolicy Orchestrator and DXL

MobileIron

MobileIron provides the secure foundation for companies around the world to transform into mobile-first organizations.

MobileIron complements the Trellix product portfolio with its ability to deliver mobile-specific data to Trellix solutions. Companies need comprehensive visibility into their mobile environment, which is increasingly critical as traditional computing endpoints evolve into mobile-oriented architectures. By combining MobileIron with Trellix technologies, enterprises can effectively integrate mobile security data with a broader view of threats against the enterprise. This allows for more effective orchestration of responses along with the ability to better protect users and correct compromises when they are discovered.

MobileIron Core v9.2 and MobileIron Sentry v8.5 with Trellix DLP Prevent 10.0

Monet+

MONET+ is a major central European player in the payment solutions industry. MONET+ ranks among the leading suppliers of smart card-based systems on the Czech and Slovak IT markets, providing comprehensive, sophisticated solutions that meet strict compliance and security standards. MONET+ focuses on secure transaction systems and related products, such as secure communication and client authentication. MONET+ solutions are used by companies in the banking sector, large supermarket chains, private companies, and state administration offices. Thousands of users use MONET+ products and solutions daily to securely access their working and user environment.

MONET+ will integrate ProID+, its two-factor authentication product, with Trellix Endpoint Encryption. ProID+ enables secure access to systems via microchip-embedded cards. ProID+ provides strong authentication for end users and single sign-on to any application throughout the enterprise, and delivers implementation of Public Key Infrastructure (PKI) to customer's IT systems. Using the CryptoPlus architecture, which supports a wide range of applications within organizations, ProID+ customers can easily build secure information systems.

Morphisec

Morphisec is the industry leader for endpoint protection against in-memory and fileless attacks with its Moving Target Defense technology, which instantly and deterministically stops the most dangerous unknown and evasive threats while allowing companies to cut operational costs. With a true prevention-first approach to stopping zero days with no false positives, Morphisec eliminates the complexity and burden for organizations struggling to respond to cyberattacks. Anything caught by a Morphisec trap is deterministically malicious, which also means it has bypassed all other detection and scanning tools. The resulting 100% no-false-positive detections provide very high-fidelity, actionable threat intelligence, including attack description, full attack timeline from its earliest stages and internal memory information about the attack that is instantly visible from Trellix ESM.

Morphisec adds its advanced threat prevention capabilities and rich forensic event data, which are integrated directly into the Trellix ESM platform and management console. The added preventative capability from Morphisec gives operators a significant value-add on top of Trellix's own endpoint suite for reporting through Trellix ESM. Because Morphisec can prevent a high volume of advanced, fileless attacks, it complements Trellix's detection and exploration capabilities across devices, subsequently supporting large-scale incident response. This creates additional value and residual efficacy for Trellix customers to cover a larger landscape of unknown threats.

Niksun

NIKSUN deploys world-class drill-down forensics to allow users to Know the Unknown®. The threat of cyber attack is real. Traditional approaches are not enough for today’s cybersecurity risks, and new tools and solutions are often necessary to provide adequate protection. NIKSUN has developed a patented state-of-the-art technology to simultaneously capture, inspect, mine, correlate and store everything traversing the network at multi-gigabit rates.

The NIKSUN NetDetector® & NetDetectorLive® cybersecurity appliances complement the Trellix Network Security Platform (NSP). NIKSUN appliances provide increased network visibility by capturing and storing all packet data providing the ability to analyze, inspect, and correlate all data traversing the network at multi-gigabit rates. The joint Trellix NSP and NIKSUN integrated solution will provide a best-of-breed approach for cyber intrusion, prevention, and advanced network forensic capabilities. The integration will permit immediate drill down to packet level information for granular forensic analysis through the Trellix NSP console. This capability, combined with Niksun’s super fast search and actionable intelligence and the Trellix NSP platform, will rapidly identify vulnerabilities such as zero-day threats and Advanced Persistent Threats (APTs), so that appropriate mitigation steps can be quickly taken.

NIKSUN NetDetector Alpine, NetDetectorLive, and NetOmni 4.3.1, Trellix Network Security Platform and Trellix Enterprise Security Manager

Nutanix

Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix enterprise cloud platform delivers the agility, pay-as-you-grow economics and operational simplicity of the public cloud, without sacrificing the predictability, security and control of on-premises infrastructure. Nutanix solutions leverage web-scale engineering and consumer-grade design to natively converge compute, virtualization and storage into a resilient, software-defined solution that delivers any application at any scale.

NXLog

NXLog was established to develop IT security tools, with event log collection solutions being the primary focus. Using NXLog’s products, customers can build a secure, flexible, and reliable log infrastructure that satisfies the highest IT requirements of any organization and enables them to achieve regulatory compliance, easily identify security risks and policy breaches, or analyze operational problems. Its log collection technology allows harvesting event data on all major operating systems and can handle data sources that others cannot cope with, giving total insight into what's happening in IT systems. NXLog is known for its exclusive log collection capabilities and is chosen and trusted by security experts and partners who also rely on our technology.

The inclusion of NXLog Enterprise Edition version 4.1 in the Trellix Security Innovation Alliance is evidence of a mutual commitment to empower security teams by strengthening their IT defenses. Integrating with Trellix Enterprise Security Manager, a leader in the Gartner Magic Quadrant for SIEM, NXLog Enterprise Edition version 4.1 allows analysts to feed event log data of all formats. Through secure and reliable log data collection offered by NXLog, teams can be assured that their log data collection needs are covered to manage potential security incidents for further prioritization and management.

OPSWAT

OPSWAT is a software company that provides solutions to secure and manage IT infrastructure. Founded in 2002, it delivers solutions and technologies that protect organizations from threats and help secure digital data flow. OPSWAT helps protect some of the world’s critical operations: critical infrastructure, government agencies, and financial institutions.

The joint solution allows any Trellix Web Gateway user to leverage the power of OPSWAT’s Metadefender ICAP Server solution. Through the ICAP integration, all traffic will first be filtered by Metadefender, which offers high-class protection for known vulnerabilities, known and unknown threats, and for all zero-day threats embedded in productivity files, which will be sanitized through the data sanitization engine.

Panasonic Security

Panasonic Security is built on a heritage of providing evidential quality CCTV footage, delivering the highest image quality in all environmental conditions using reliable, advanced technology cameras and image recording systems developed over the last 50 years. Its continuously expanding range of security products contain a variety of intelligent features, many of which can be seamlessly integrated to create a complete, reliable, and cost effective security system.

Panasonic Security provides a variety of products to cater to a wide range of applications, from a fully integrated security system to single items such as security cameras, access control systems, fire alarms, and video intercom.

Picus Security

Picus Security offers a new paradigm with its continuous security validation approach and fills an important gap in the security assessment and risk remediation field. Picus provides the required insight into enterprises’ readiness for cyberattacks by continuously testing defence layers with real cyberattacks in production environments. This red-team automation approach helps enterprises to use their security investment to its full potential.

Picus will intensify efforts to provide continuous monitoring and validation of security controls provided by Trellix technologies. Integration with Trellix Network Security Platform will enable assessment and verification of Trellix Network Security Platform policies running in customers’ networks. Trellix Network Security Platform customers may also initiate on-demand assessments following a configuration change, update, upgrade, or physical maintenance. Integration with Trellix Enterprise Security Manager will provide risk based vulnerability prioritization.

Proofpoint

Proofpoint, Inc. helps the most successful companies in the world protect and govern their most sensitive business data. Proofpoint is an innovative security-as-a-service vendor that delivers data protection solutions to help organizations protect their data from attacks and enable them to effectively meet the complex and evolving regulatory compliance and data governance mandates.

Proofpoint email security solutions are being integrated with Trellix management and intelligence solutions: Trellix ePolicy Orchestrator, Trellix Enterprise Security Manager, Trellix Threat Intelligence Exchange, and Data Exchange Layer. These integrated solutions will enable customers to enjoy the benefits of reduced overhead through consolidated management, sharing of security intelligence information between systems, and rapid time to resolution with security event correlation.

Trellix Enterprise Security Manager, Trellix Data Exchange Layer

Pulse Policy Secure (PPS)

Pulse Secure provides easy, comprehensive software-driven Secure Access solutions for people, devices, things and services that improve visibility, protection and productivity for our customers. Our suites and SaaS platform integrate cloud, mobile, application and network access to enable hybrid IT in a Zero Trust world. Over 24,000 enterprises and service providers entrust us to empower their mobile workforce to securely connect to applications and information across the data center and multi-cloud while ensuring business compliance.

Both Pulse Policy Secure (PPS) and Trellix® ePolicy Orchestrator (ePO®) focus on centralized endpoint visibility, security management and control. Granular endpoint visibility and automatic enforcement of policies are critical for a healthy security posture across an enterprise. Together, Pulse Policy Secure and Trellix ePO help users automate the enforcement of their policies, uphold endpoint compliance at all times, and limit the risk of threats spreading, while limiting the administrative burden so security teams can focus on strategic tasks.

Trellix ePolicy Orchestrator

Rapid7

Rapid7 is a leading provider of security data and analytics solutions that enable organizations to implement an active, analytics-driven approach to cybersecurity. Rapid7 combines its extensive experience in security data and analytics, and deep insight into attacker behaviors and techniques to make sense of the wealth of data available to organizations about their IT environments and users. Its solutions empower organizations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks.

Rapid7 is integrating Nexpose, the leading vulnerability management toolset, with Trellix ePolicy Orchestrator and Trellix Data Exchange Layer. This will enable organizations to see the risks that are present on and off their network and drive action towards remediating those risks.

Rapid7 Nexpose and Metasploit Pro are integrated with Trellix Enterprise Security Manager
Rapid7 Nexpose is integrated with Trellix Data Exchange Layer

Raz-Lee

Raz-Lee Security is a leading international provider of security, auditing, and compliance (SOX, PCI, HIPAA, etc.) solutions for the IBM i. Raz-Lee’s customers include companies of all sizes, from SMBs to enterprises in all vertical markets and industries. Raz-Lee’s iSecurity suite of products includes both infrastructure security solutions that protect network access, monitor and report on system activities, manage user profiles and authorities, and track software changes, as well as application security solutions which audit database activity, provide real-time alerts when critical business data changes, enable business intelligence analysis of application data changes, and much more. iSecurity has full multi-LPAR management capabilities and works in both green-screen and full GUI modes.

iSecurity’s integration with Trellix Database Activity Monitoring (DAM) will entail collection and transfer of DB2 activity originating on the IBM i. The Trellix sensor running on an external Linux machine will receive events from iSecurity, evaluate each event, and communicate with the DAM server to apply policy rules and report on the events. As such, iSecurity will enable multiplatform users of Trellix DAM to incorporate database and security-related information originating from IBM i systems, resulting in increased security visibility and faster time to problem resolution.

Raz-Lee Firewall 16, Raz-Lee Audit 12, Trellix Database Activity Monitor, and Trellix Enterprise Security Manager.

ReversingLabs

ReversingLabs provides cybersecurity software for analyzing and classifying unknown file content on enterprise networks. Solutions are powered by next generation automated static analysis, the proprietary RHA functional similarity algorithm, and the world's largest file reputation repository. This technology provides a rich resource of critical and actionable information to SIEMs and other security solutions. Capable of analyzing over 1 million unique files per day per server, ReversingLabs is more than a sandbox. It adds another layer of protection beyond traditional advanced analysis solutions. It also provides an activity log for all files moving across the network (internal and external IP addresses) regardless of the data flow direction (inbound, outbound, or lateral). Its automatic retrospection analysis supports security teams and forensics investigations, providing instant notification on any file that has been seen before and whose disposition has changed.

The ReversingLabs N1000 Network File Flow Analysis sensor analyzes all web, FTP, and email payloads. Regardless of port or traffic direction, every extracted file is analyzed and logged. N1000 integration forwards ‘interesting events’ to Trellix Enterprise Security Manager via CEF logs. The appliance monitors all configurable traffic. Extracted files are classified in real-time and recursively unpacked removing obfuscation and all internal files and objects. Using advanced hashing techniques, this technology neutralizes the effects of polymorphism, identifying similarities to known malware and goodware and classifying unknown threats.

The ReversingLabs N1000 Network File Flow Sensor Appliance and Trellix Enterprise Security Manager

SailPoint

SailPoint brings the power of identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster, and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency, and compliance to enterprises with complex IT environments. SailPoint's customers are among the world’s largest companies in virtually every industry.

SanDisk

SanDisk has been transforming digital storage with breakthrough products and ideas that push the boundaries of what’s possible. Its flash memory technologies are used by many of the world's leading data centers, embedded in the most advanced smartphones, tablets, and laptops. From handheld devices to hyper-scale data centers, SanDisk is expanding the possibilities of storage.

Safeguard data and stay compliant with Trellix data protection solutions and SanDisk Self-Encryption Solid State Drives, which are designed for strong hardware-based data encryption for endpoint data loss prevention. The hardware-based data encryption found on SanDisk Solid State Drives provides the maximum data protection for corporate data or sensitive consumer data, such as that found in regulated industries like healthcare and government. All SanDisk Solid State Drives have been validated with the drive encryption software component available in three Trellix data and endpoint protection suites, which is managed through Trellix ePolicy Orchestrator.

SanDisk Self-Encryption Solid State Drives with Trellix ePolicy Orchestrator

SAS

SAS security analytics software leverages advanced behavioral analytics and machine learning to help security teams enhance defenses, reduce risk, and improve productivity. SAS solutions maximize security resource effectiveness, driving better insights, and priorities through deep network visibility and accurate detection of suspicious behavior, while expanding human observation and decision-making power through analytics.

SAS security analytics offerings will integrate via the Trellix Data Exchange Layer, providing a security analytics platform proven to scale across enterprise data and extract greater value from security investments. Preparing, integrating, and analyzing solution data with network traffic, user, and business context, the platform will deliver comprehensive, continuous insight into network, entity, and peer group behaviors. Additionally, customers can build, deploy and monitor analytic models for repeatable, reliable and precise decision-making.

SAS Cybersecurity version 2.1 and above with Trellix DXL and ePolicy Orchestrator

Seclore

Seclore offers the market’s first fully browser-based Data-Centric Security Platform, which gives organizations the agility to use best-of-breed solutions to discover, identify, protect, and track the usage of data wherever it goes, both within and outside the organization’s boundaries. The ability to automate the Data-Centric Security process enables organizations to fully protect information with minimal friction and cost. Over 6,000 companies in 29 countries are using Seclore to achieve their data security, governance, and compliance objectives.

Seclore enhances the protection of confidential information provided by Trellix Data Loss Prevention (Trellix DLP) solutions, by extending the jurisdiction of DLP beyond the enterprise perimeter, adding granular usage permissions, and providing the full tracking and audit records needed for compliance. Also, as part of its Data-Centric Security Platform, Seclore provides the most advanced, most secure, and most connected Rights Management, protecting sensitive files in transit, at rest, and even in use.

Seclore Rights Management, Seclore Data Classification, Seclore Policy Manager, and Desktop Client are all integrated with the latest versions of Trellix DLP Endpoint Discovery, Trellix DLP Endpoint Cloud Protection, and Trellix ePolicy Orchestrator.

SecMaker

SecMaker is the leading supplier of smart card-based security solutions to companies, public agencies, and organizations in the Nordic region. Its solutions protect and safeguard information, systems, and data traffic for more than 1 million business users in Scandinavia. SecMaker has 20 years of experience in IT security for complex environments.

SecMaker offers complete security solutions for IT in cooperation with other key players in the industry. It cooperates in development projects with manufacturers of platforms, thin clients, smart cards, and card readers. It also takes an active role in achieving international standardization of smart card-based security. It’s developing tomorrow’s security solutions based on PKI and smart cards.

SecureCo

SecureCo offers a software-defined data delivery network to provide superior assurance and confidentiality for internet transmissions using stealth, deception, and obfuscation. Our solutions protect both data-in-transit and the systems and end users whose connected activity might otherwise make them vulnerable. SecureCo’s zero trust technology is designed to hold up against the toughest cyber adversaries in untrusted network environments, going beyond encryption to anonymize and cloak data transmissions. SecureCo complements existing government and enterprise security solutions, making their sensitive data-in-transit and endpoints much harder for threat actors to find, observe and disrupt.

SecureCo will be integrating its CONNECT product with the Trellix ePolicy Orchestrator (ePO) and the MVISION Cloud CASB solution. With this integration, SecureCo CONNECT will be able to provide Trellix customers with obfuscated internet data routing between their protected device endpoints and their secure cloud services. These obfuscated connections not only provide multiple layers of encryption security, but are designed to camouflage customer data transmissions to avoid detection and interception.

Securonix

Securonix provides a leading information risk intelligence platform for security and compliance professionals. The platform consumes identity, access, and activity information from any source and then uses behavior, access, and identity risk analytics to continuously identify the highest risk users, resources, and activity in the environment for proactive management. At the enterprise application level, such as SAP and Oracle, Securonix goes deeper to automatically and continuously identify and fingerprint sensitive data for data loss protection while monitoring high-risk activity and access.

Trellix DLP, ePO, and NitroSecurity customers can use Securonix to extend their visibility, monitoring, and critical data protection into key enterprise applications while enriching their security management with advanced identity, access, behavior analysis, and dynamic policies. This integrated Trellix-Securonix solution extends valuable coverage to an enterprise’s critical applications while focusing the output down to an actionable set through analytics.

Securonix Identity Intelligence 3.1, Securonix Threat & Risk Intelligence 3.1, Securonix Application Intelligence 3.1, Trellix Data Loss Prevention, and Trellix Enterprise Security Manager

ServiceNow

ServiceNow helps the modern enterprise operate faster and be more scalable. Its service model defines, structures, and automates the workflows, removing dependencies on email and spreadsheets to transform the delivery and management of services for the enterprise. ServiceNow enables service management for every department in the enterprise including IT, security, and human resources.

ServiceNow Security Operations will integrate with Trellix Enterprise Security Manager and Trellix ePolicy Orchestrator to send action or data requests and visualize security posture through customizable dashboards. This will allow IT to enable faster response to security incidents and import intelligence data to assist in making incident remediation more efficient. It then automatically creates new incidents from security alerts and streamlines response efforts with workflows and automation.

ServiceNow Security Operations integrates with Trellix Enterprise Security Manager and ePolicy Orchestrator

Siemplify

The Siemplify Security Operations Platform is available to Trellix customers directly from the MVISION ePolicy Orchestrator (ePO). Trellix customers are able to experience the benefits of SOAR, a breakout technology that enables security operations teams to work more effectively and efficiently by seamlessly automating and orchestrating the multitude of tools and processes required to triage, investigate and respond to cyber threats at scale. SOAR technology from Siemplify is a natural complement and will help Trellix organizations with SOCs to maximize the value from their Trellix investment by reacting to threats faster, seamlessly expanding their security capabilities, and delivering better results through their SOC.

Product Name and Version: Siemplify Security Operations Platform (v5.5 and later)
Trellix Solution: MVISION ePolicy Orchestrator (ePO)

Network Security & Management

Spirion

Spirion (formerly Identity Finder) is the leading provider of sensitive data risk reduction solutions. The company's flagship product, the Spirion data platform, accurately finds all sensitive data, anywhere, anytime, and in any format on endpoints, servers, fileshares, databases, and in the cloud with practically zero false positives. For more than a decade, Spirion has been helping organizations eliminate and prevent sensitive data sprawl by reducing the sensitive data footprint by 99% or more and operationalizes data protection policies and controls to meet a broad range of compliance requirements from PCI to PII to HIPAA and beyond. Spirion is used by thousands of organizations among leading firms in the healthcare, public sector, retail, education, financial services, energy, industrial, and entertainment markets.

When Spirion integrates with Trellix Total Protection for Data Loss Prevention, customers can accurately classify their sensitive data assets and leverage Trellix endpoint technology for corporate policy enforcement.

Spirion version 8.x and later, and Trellix Total Protection for Data Loss Prevention

Splunk> Phantom

The Splunk Phantom platform combines security infrastructure orchestration, playbook automation, and case management capabilities to integrate your team, processes, and tools. Splunk Phantom’s flexible app model enables you to connect and coordinate complex workflows across your team and tools. Powerful abstraction allows you to focus on what you want to accomplish, while the platform translates that into tool-specific actions.

Splunk Phantom integrates with Trellix Enterprise Security Manager and Trellix ePolicy Orchestrator (Trellix ePO) to make security operations smarter, faster, and stronger. Security events ingested from Trellix Enterprise Security Manager trigger the automated execution of playbooks on the Splunk Phantom platform. Phantom Playbooks automate workflows for threat investigation, indicator hunting, containment with Trellix ePO, remediation, and other scenarios.

Trellix Enterprise Security Manager and Trellix ePolicy Orchestrator with Phantom and Phantom Playbook

SPP

SPP is a value-added technology driven solution provider based in Vienna, Austria. SPP was founded in July 1987 to distribute standard software products to the Austrian market and serve as the local representation for key software manufacturing vendors, while delivering high customer satisfaction.

For the last 10 years, SPP’s core competencies have been IT security, enterprise content management, change and transport management for SAP customers, as well as operational intelligence (log management and SIEM solutions). SPP works mostly with the IT departments of major enterprise accounts. It provides services in the area of product evaluation, planning, implementation, support, and training, so its customers can focus on the operation and day-to-day business of their IT infrastructure.

SSH

As the inventor of the SSH protocol, SSH Communications Security has a twenty-year history of leading the market in developing advanced security solutions that enable, monitor, and manage encrypted networks. Over 3,000 customers across the globe trust the company’s encryption, access control, and encrypted channel monitoring solutions to meet complex compliance requirements, improve their security posture, and save on operational costs.

CryptoAuditor is a network-based, inline virtual appliance that has the capability to control, monitor, and audit encrypted administrator sessions, as well as file transfers. Because CryptoAuditor requires no agents to be deployed or access portal to go through, it is fast to implement and has no impact on end user experience or workflows. When coupled with Trellix Web Gateway, you can apply data loss prevention and antivirus functionality to encrypted sessions running through SSH (SFTP), RDP, or HTTPS.

CryptoAuditor 1.5 and Trellix Web Gateway, Trellix Enterprise Security Manager

Swimlane

Swimlane is a security automation and orchestration company with a platform that empowers organizations to manage, respond to, and neutralize cyberthreats with the adaptability, efficiency, and speed necessary to combat today’s rapidly evolving cyberthreats. By automating time-intensive, manual processes and operational workflows and delivering powerful, consolidated analytics, real time dashboards, and reporting from across your security infrastructure, Swimlane maximizes the incident response capabilities of over-burdened and understaffed security operations.

Integration with Swimlane allows Trellix Enterprise Security Manager and Trellix ePolicy Orchestrator customers to automatically initiate and execute incident response workflows in response to any alarm. Importing security event data from Trellix Enterprise Security Manager and Trellix ePolicy Orchestrator into Swimlane delivers consolidated event details from multiple platforms for rapid investigation and alarm triage, helping to ensure a faster incident response and greater return on investment from the entire security infrastructure.

Integrated with Trellix Enterprise Security Manager and ePolicy Orchestrator

Thales

Thales Security is the industry leader in data security solutions that span physical, virtual, and cloud environments. Thales Security helps over 1,300 customers, including 17 of the Fortune 30 and many of the world’s most security conscious government organizations, to meet compliance requirements and protect what matters — sensitive data. The company’s scalable solution protects any file, any database, and any application — within enterprise data center, cloud, and big data environments — with a high performance, market-leading Thales Security Data Security Platform that incorporates application and transparent encryption, access controls and security intelligence.

Thales Security has partnered with Trellix to extend the data-security coverage of Trellix Database Activity Monitoring (DAM) and Trellix Enterprise Security Manager (ESM). Thales Security adds another layer of security to Trellix DAM by preventing unauthorized users and processes from accessing or viewing the database files through transparent encryption, key management, and access controls. Thales Security provides granular audit logs on file-level access of sensitive data that provides valuable contextual information used by Trellix ESM for compliance reporting or alerting on suspicious and unusual behavior at the file-level.

Thales Security Data Security Manager 5.2.1, Thales Security Transparent Encryption 5.2.1, Thales Security Application Encryption 5.2.1, and Trellix Database Activity Monitor; Thales Security Data Security Manager 5.2.1, Thales Security Transparent Encryption 5.2.1, Thales Security Application Encryption 5.2.1, and Trellix Enterprise Security Manager

ThreatConnect

ThreatConnect unites cybersecurity people, processes, and technologies behind a cohesive intelligence-driven defense. Built for security teams at all maturity levels, the ThreatConnect platform enables organizations to benefit from their collective knowledge and talents; develop security processes; and leverage their existing technologies to identify, protect, and respond to threats in a measurable way. Companies and agencies worldwide use ThreatConnect to maximize the value of their security technology investments, combat the fragmentation of their security organizations, and enhance their infrastructure with relevant threat intelligence.

ThreatConnect Platform with Trellix Enterprise Security Manager

ThreatQuotient

ThreatQuotient understands that the foundation of intelligence-driven security is people. The company’s open and extensible threat intelligence platform, ThreatQ, empowers security teams with the context, customization, and prioritization needed to make better decisions, accelerate detection, and response and advance team collaboration. Leading global companies use ThreatQ as the cornerstone of their threat operations and management system, increasing security effectiveness and efficiency.

The ThreatQ platform provides Trellix SIEM installations with visibility into security events and creates a place for security analysts to research and make informed decisions about security events on their network. The combined solution helps security and vulnerability analysts work more effectively to identify and stop unwanted traffic on their networks.

ThreatQ Threat Intelligence Platform with Trellix Enterprise Security Manager

TITUS

HelpSystems is a people-first software company focused on helping exceptional organizations Build a Better IT™. It provides security and automation software to simplify critical IT processes and give customers peace of mind, and offers best-of-breed data classification solutions (Titus and Boldon James) tailored to specifically fit customer requirements or circumstance. Data classification from HelpSystems gives you both a foundation for your wider security posture and competitive advantage.

HelpSystems data classification identifies and classifies emails and documents at the point of creation, in motion, or at rest. When integrated with Trellix ePO, policies can be applied based on the granular metadata provided by HelpSystems data classification, enhancing DLP functionality. Discover and appropriately protect sensitive data in the cloud with Trellix MVision Cloud and Titus, and reduce threats when contextual metadata supplied by HelpSystems data classification is sent to Trellix ESM for review and correlation.

Toshiba Storage Device Division (SDD)

Toshiba Storage Device Division, a division of Toshiba America Information Systems, is a market leader in the development, design, and manufacturing of small form factor 2 1/2" and 1 1/8" hard disk drives for original equipment manufacturers, value-added resellers, value-added dealers, systems integrators, distributors, and retailers in the United States. Toshiba SDD also offers a line of personal storage devices that enable consumers to quickly and easily back up personal digital content and entertainment libraries.

Toshiba and Trellix integrate Toshiba’s self-encrypting drive technologies with Trellix data security solutions. Toshiba products will comply with the Trusted Computing Group’s trusted storage device specifications.

Toshiba Self-Encryption Drive with Trellix Data Loss Protection

TrapX

TrapX is a leader in the delivery of deception-based cyber security defense. Its solutions rapidly detect and defend against new zero-day and APT attacks in real time. It enables a proactive security posture, fundamentally changing the economics of cyberdefense by shifting the cost to the attacker.

DeceptionGrid automates the deployment of a network of camouflaged malware traps that are intermingled with your IT resources. DeceptionGrid traps malware, signals a high-confidence alert, and triggers Trellix security. DeceptionGrid’s real-time automation passes injected malware directly to Trellix Advanced Threat Defense, which then performs a complete analysis of the threat and leverages the benefits of the full Trellix product suite to defend your enterprise. Trellix Advanced Threat Defense and TrapX enable you to reduce the time to breach detection for the most sophisticated and advanced threats.

TrapX DeceptionGrid and Trellix Advanced Threat Defense, Trellix ePolicy Orchestrator, Trellix Data Exchange Layer

Tukan IT

Tukan IT is the provider of the GREENmod solution which raises employee awareness of security issues and the importance of information they process. Organizations’ security departments may lack the ability to replace business departments and indicate methods of classifying information that may be implemented in data loss prevention (DLP) systems.

Tukan GREENmod integrates with Microsoft Office applications, enforcing the classification of each created document before saving it on the computer’s disk. Similarly, Tukan GREENmod prevents sending an email that has not been classified. The solution adds metadata to files and emails and will enable a DLP system to apply a relevant security policy adequate for the protected content.

GREENmod with Trellix ePO and Trellix Agent

Tychon

Tychon was created to break the silos between cybersecurity and systems management with a single console that can address the challenges faced by both teams across an enterprise. Tychon has any and all endpoints covered.

Tychon is a suite of modules fully integrated into Trellix ePolicy Orchestrator that provides real-time situational awareness of your organization’s network within the familiarity of your existing platform. Deploying Tychon to your enterprise requires minimal changes to existing host and network device configurations, reducing complexity while providing secure communication with FIPS 140-2 compliant encryption. The host-based endpoint journal provides always-on endpoint monitoring, recording, and indexing capability. The data and file types that are continuously recorded are completely configurable. Tychon generates, records, and indexes a fuzzy hash of all files, enabling automatic searching for and termination of variants of indicators of compromise and vulnerabilities. It also provides a proactive vulnerability mitigation platform that alleviates risk by informing users, and real-time monitoring of software migrations and upgrades, leveraging a high-speed data exchange layer fabric for instant endpoint visibility.

Tychon with Trellix ePolicy Orchestrator and Trellix Data Exchange Layer

Versa

Versa Networks, the leader in Secure SD-WAN, combines full-featured SD-WAN, complete integrated security, advanced scalable routing, genuine multi-tenancy, and sophisticated analytics to meet WAN Edge requirements for small to extremely large enterprises and Service Providers. Versa Secure SD-WAN is available on-premises, hosted through Versa-powered Service Providers, cloud-delivered, and via the simplified Versa Titan cloud service designed for Lean IT.

Versa Secure SD-WAN integrates with Trellix's suite of cloud security solutions to provide an easy way for customers to increase visibility and control over advanced threats, vulnerabilities, and risks whether on-premises, hosted, or in the cloud. Versa provides advanced routing and multi-tenant segmentation to take full advantage of Trellix's security analytics and detection capabilities, dynamically stopping malicious activity and cutting down operational and IT costs.

Versa Secure SD-WAN and Trellix Secure Web Gateway

Virtru

Virtru is a data security company that eliminates the trade-off between data protection and ease of use. More than 8,000 organizations trust the Virtru Data Protection platform to easily protect and control sensitive information regardless of where it’s been created, stored, or shared. Only Virtru comes with patented Secure User-First Technology, which allows users anywhere, on any device, to work the way they do today—without requiring a separate login, user interface, or application. The Virtru Data Protection Platform and all Virtru-enabled applications are built on Trusted Data Format (TDF), an open standard for self-protecting data. Using the TDF, Virtru can protect and encrypt any data type and apply fine-grained access control no matter how or where data is shared. Commonly deployed as part of a cloud migration, Virtru seamlessly integrates into platforms like Microsoft Office 365, G Suite, and other SaaS applications to make it easy to create and consume protected content.

Trellix Data Loss Prevention (DLP) Prevent

Votiro

What if your users could download, unzip, and open files from anywhere, securely and without friction? Votiro is a passionate team of cyber security experts on a mission to redefine file security – so organizations can do business freely and confidently.

Our Secure File Gateway product line, which includes Secure File Gateway for Email, Web Applications, and Web Browser, sanitizes all malicious code and exploit threats from incoming files while preserving the integrity and functionality of the original file. Votiro protects against 150+ weaponized file types including .ppt, docs, pdfs and image files, all the way to more complex formats like zipped and password-protected files.

Unlike detection-based file security solutions that scan for suspicious elements and block some malicious files, Votiro’s Positive Selection Technology singles out only the safe elements of each file, ensuring every file that enters your organization is 100% safe. No more blocking, quarantining, or sandboxing needed!

Votiro is proud to integrate our Secure File Gateway with the Trellix Web Gateway to make file security seamless. This integration will allow users to prevent unknown threats before they take shape and operate with full confidence, without sacrificing productivity.

Integrated with Trellix Web Gateway

Xerox

Xerox Corporation is a leading provider of business process and document management. Its technology, expertise, and services enable workplaces – from small businesses to large global enterprises – to simplify the way work gets done so they operate more effectively. The company also provides extensive leading-edge document technology, services, software and genuine Xerox supplies for graphic communication and office printing environments of any size.

Xerox has integrated its first networked multifunction printer to use Trellix Embedded Control software, a sophisticated filtering method that allows only approved programs to get through. The Xerox and Trellix security solution simplifies processes for IT administrators with software embedded into a multifunction device’s controller (the machine’s main onboard computer) to provide an immediate alert and audit trail to track and investigate the time and origin of security threats – and take appropriate action. This eliminates the need for IT administrators to constantly stay on top of malware threats and proactively block them.

Xerox MFP extension 1.0 and Trellix ePO.

Zimperium

Zimperium is the industry leader in enterprise mobile security, providing world-class protection for mobile devices against the next generation of advanced mobile cyberattacks, phishing, and malware. Zimperium is the first and only company to provide a complete mobile threat defense system that offers real-time, on-device protection against both known and previously unknown threats. The Mobile Threat Defense (MTD) platform provides visibility, security, and management of attacks on all four mobile threat vectors—device, network, applications, and phishing for iOS, Android, and Windows devices. With its unique machine learning, non-intrusive approach, mobile user privacy is protected at all times.

Zimperium's zIPS solution integrates seamlessly with Trellix ePolicy Orchestrator (Trellix ePO) to provide a complete view and management of mobile threats across the entire enterprise on iOS and Android mobile devices.
