Trellix Advanced Threat Defense

Advanced detection for stealthy, zero-day malware.

Powerful advanced threat detection

Uncover Hidden Threats

Combine in-depth static code analysis, dynamic analysis (malware sandboxing), and machine learning to increase zero-day threat and ransomware detection.

Threat Intelligence Sharing

Immediately share threat intelligence across your entire infrastructure—including multi-vendor ecosystems—to reduce time from threat encounter to containment.

Enable Investigation

Validate threats and access critical indicators of compromise (IoCs) needed for investigation and threat hunting.

Flexible Deployment

Choose virtual or physical appliances, or public cloud deployments in Microsoft Azure.

Broad Solution Integration

Trellix Advanced Threat Defense works with existing Trellix solutions, third-party email gateways, and other products supporting open standards.

Security Components Operating as One

Tight product integration enables efficient alert management and maintains throughput and policy enforcement. Support for OpenIOC and STIX over TAXII further enhances integration.

Product Features

Reduce Investigation Time

Access extensive unpacking, interactive mode, sample submission to multiple virtual environments, and IoC data that produces summary reports for prioritization.

Detect Advanced Email Threats

Trellix Advanced Threat Defense works with any email gateway, including Cisco Email Security Appliance McAfee Security for Email Servers to detect email threats.

Powerful Analysis Capabilities

Validate threats, access critical indicators of compromise (IoCs), and map results to the MITRE ATT&CK™ framework for investigation and threat hunting.

Product Support