Trellix Advanced Threat Defense
Advanced detection for stealthy, zero-day malware.
Powerful advanced threat detection
Uncover Hidden Threats
Combine in-depth static code analysis, dynamic analysis (malware sandboxing), and machine learning to increase zero-day threat and ransomware detection.
Threat Intelligence Sharing
Immediately share threat intelligence across your entire infrastructure—including multi-vendor ecosystems—to reduce time from threat encounter to containment.
Enable Investigation
Validate threats and access critical indicators of compromise (IoCs) needed for investigation and threat hunting.
Product Tour
Detailed reports provide critical information for investigation, including MITRE ATT&CK™ framework mapping.
A filtered MITRE ATT&CK™ report focuses on identified techniques.
The Time Activity report visualizes execution steps of the analyzed threat.
Flexible Deployment
Choose virtual or physical appliances, or public cloud deployments in Microsoft Azure.
Broad Solution Integration
Trellix Advanced Threat Defense works with existing Trellix solutions, third-party email gateways, and other products supporting open standards.
Security Components Operating as One
Tight product integration enables efficient alert management and maintains throughput and policy enforcement. Support for OpenIOC and STIX over TAXII further enhances integration.
Product Features
Reduce Investigation Time
Access extensive unpacking, interactive mode, sample submission to multiple virtual environments, and IoC data that produces summary reports for prioritization.
Detect Advanced Email Threats
Trellix Advanced Threat Defense works with any email gateway, including Cisco Email Security Appliance McAfee Security for Email Servers to detect email threats.
Powerful Analysis Capabilities
Validate threats, access critical indicators of compromise (IoCs), and map results to the MITRE ATT&CK™ framework for investigation and threat hunting.