Trellix Connect
Power-up advanced use cases with factory-tested and supported content and partner integrations.
Your Trellix SIEM Productivity Kit
Take your pick of ready-to-deploy content packs and Trellix compatible partner integrations. They offer a fast track to onboarding new capabilities in your Trellix SIEM solution and unlock the value of your security analysts and security infrastructure.
Certified Integrations
Start solving critical security use cases without upfront heavy lifting. Integrations undergo extensive testing to deliver pre-validated solutions that are supported by Trellix and its partners.
Pre-built Use Cases
Get up and running fast with expert-built content for connecting, monitoring, and automating security operations.
Quick Set Up & Low Maintenance
Download content packs as you need them, using all or part as you like. Maintenance occurs effortlessly through the regular rules update process.
Easy Customization
Modify and refine these fundamentals to meet your security requirements and environment.
All Trellix Content Packs
If you have questions about content pack downloads or SIEM free trials, we're here to help.
Aruba Content Pack
Enhance your understanding of logs ingested by Trellix Enterprise Security Manager from Aruba ClearPass networking devices.
Learn MoreAsset, Threat & Risk Views Content Pack
Gain a high-level view of threats to your important assets based on vulnerability and threat intelligence data, so you can act to prevent malicious access or exfiltration.
Learn MoreAuthentication Content Pack
Identify signs of malicious activity through correlation and alerts to suspicious devices and user authentication events.
Learn MoreBASEL II Compliance Content Pack
Simplify your BASEL II compliance requirements and ensure audit success.
Learn MoreCase Management Content Pack
Simplify case management and summarize case status reports quickly so you can get back to protecting your environment faster.
Learn MoreCofense Content Pack
Leverage visual analytics and metrics to discover which phishing threats are occurring the most and the potential impact rating.
Learn MoreDNS Content Pack
Gain visibility into DNS activity in your environment to effectively detect rogue hosts and compromised or misconfigured systems.
Learn MoreDatabase Content Pack
Prevent data theft by identifying, monitoring, and reporting on database-specific attacks, audit trail modifications, misconfigurations, and more.
Learn MoreDenial-of-Service Content Pack
Reveal denial-of-service (DoS) attacks, identify a “case zero,” and quarantine the root cause, preventing further impact on your network.
Learn MoreDomain Policy Content Pack
Track domain policy changes in your environment as well as privileged security group membership changes.
Learn MoreEU 8th Directive Compliance Content Pack
Simplify your EU 8th Directive compliance requirements and automate views and reports for meeting compliance demands.
Learn MoreEmail Content Pack
Prevent data loss and data leakage by analyzing and getting alerts for data collected from email devices.
Learn MoreEvent Views Content Pack
Easily set up summary and customized views to monitor and get alerts on event flows for investigating incidents or searching for evidence of advanced attacks.
Learn MoreExecutive Content Pack
Get quick insights and summaries into threat and risk event trends.
Learn MoreExfiltration Content Pack
Protect your sensitive information from possible insider threats and detect and help prevent data exfiltration.
Learn MoreExploit Content Pack
Quickly mitigate your vulnerabilities by identifying, tracking, and quarantining possible exploits in your environment.
Learn MoreFISMA Compliance Content Pack
Simplify your FISMA compliance requirements and automate compliance reporting.
Learn MoreFirewall Content Pack
Easily discover abnormal or out-of-place traffic passing through your firewalls, and set alerts for and investigate those events.
Learn MoreFlow Views Content Pack
Quickly set up summary and customized views to monitor network flows for identifying patterns indicative of potential threats.
Learn MoreGIODO Compliance Content Pack
Simplify your GIODO compliance requirements and automate views for meeting compliance demands.
Learn MoreGLBA Compliance Content Pack
Simplify your GLBA compliance requirements and automate views for meeting compliance demands.
Learn MoreGPG 13 Compliance Content Pack
Simplify your GPG 13 compliance requirements and automate views for meeting compliance demands.
Learn MoreHIPAA Compliance Content Pack
Simplify your HIPAA compliance requirements and automate views and reports for meeting compliance demands.
Learn MoreHardware Health Content Pack
Get specific views and reports to monitor your SIEM deployment so you can locate and prioritize potentially malfunctioning or failing components, and proactively identify deployment expansion needs.
Learn MoreISO 27002 Compliance Content Pack
Simplify your ISO 27002 compliance requirements and automate views for meeting compliance demands.
Learn MoreInterset Content Pack
Rapidly surface insider threats and get contextual information needed to mitigate these threats, including compromised accounts and intellectual property at risk of exfiltration.
Learn MoreMalware Content Pack
Take swift action against malware by easily detecting and tracking malware infections, building a logical workflow for reviewing malware events, and gaining visibility into malware trends specific to your environment.
Learn MoreTrellix Application Control & Trellix Change Control Content Pack
Get single-pane-of-glass visibility into Trellix Application Control and Trellix Change Control events in your environment.
Learn MoreTrellix Application Data Monitor Content Pack
Easily correlate application contents with events and other data feeds, monitoring all the way to the application layer.
Learn MoreTrellix Database Activity Monitoring Content Pack
Get real-time visibility into Trellix Database Activity Monitoring security events, including local privileged user access and sophisticated attacks from within the database.
Learn MoreTrellix Database Event Monitor Content Pack
Find out who is accessing your data and why, detect the loss of data through authorized channels, and generate detailed compliance reports on database activity.
Learn MoreTrellix General Views Content Pack
Get up and running quickly with pre-built common dashboard views for Trellix Enterprise Security Manager system administrators.
Learn MoreTrellix Host Intrusion Prevention System Content Pack
Get single-pane-of-glass visibility into Trellix Host Intrusion Prevention for Server and Trellix Host Intrusion Prevention for Desktop events in your environment.
Learn MoreTrellix Network Security Platform Content Pack
Gain a consolidated view into risky hosts and users, including active botnets, through the integration of Trellix Enterprise Security Manager and Trellix Network Security Platform.
Learn MoreTrellix Threat Intelligence Exchange Content Pack
Integrate Trellix Threat Intelligence Exchange to discover, track, and report on events specific to your environment all from your Trellix Enterprise Security Manager console.
Learn MoreTrellix Web Gateway Content Pack
Discover, track, report on, and protect against emerging web-based malware in your environment.
Learn MorePhishMe Content Pack
Leverage visual analytics and metrics to discover which phishing threats are occurring the most and the potential impact rating.
Learn MoreReconnaissance Content Pack
Identify and monitor potential passive or active reconnaissance threat attempts, helping to prevent targeted attacks before they occur.
Learn MoreRisk Correlation Views Content Pack
Correlate critical content and context needed for fast, risk-based decisions.
Learn MoreSOX Content Pack
Simplify your SOX compliance requirements and automate compliance reporting.
Learn MoreSuspicious Activity Content Pack
Track suspicious activity in your environment and link disparate events together into meaningful intelligence to find malware infections.
Learn MoreThreatConnect Content Pack
Leverage threat intelligence and indicators of compromise to discover new threats and relationships between existing threats.
Learn MoreUser Behavior Analytics Content Pack
Understanding user behavior analytics helps you identify threats hidden among your data, increasing security operations accuracy while shortening investigation timelines.
Learn MoreVormetric Content Pack
Combat data exfiltration and insider threats with valuable contextual information used to report and alert on suspicious and unusual behavior.
Learn MoreWeb Filtering and Web Application Content Pack
Discover abnormal or out-of-place web traffic that may indicate a compromise, malware event, adware, spyware, or other unwanted connections.
Learn MoreWindows Authentication Content Pack
Help identify Windows authentication trends that can point to potential issues such as compromised credentials, malicious insiders, and other activities that merit deeper investigation.
Learn MoreWindows Content Pack
Monitor Windows services to assess appropriate use such as proper expected functionality, as well as detect threats such as suspicious activity involving high-value hosts, signs of data exfiltration, and even copyright infringement.
Learn MoreWireless Access Points Content Pack
Bring transparency to all wireless device activity, discover anomalous or suspicious activity, and promote awareness of wireless system events to ensure quality and continuity of service.
Learn More