Creating a safer environment means focusing on more than cybersecurity. It requires considering how our actions affect the organizations we support, the communities we live in, and the planet we all call home. At Trellix, we strive to help cultivate a resilient, trustworthy world for all by prioritizing mindful and ethical business principles.
We are passionately driven by our mission to create a resilient digital world, enabling trust and success for all. This cannot be accomplished through technological innovation alone. At Trellix, we empower our world to thrive through our people, purpose, ethical and sustainable practices that, together, work as a positive force on society.
Corporate citizenship and sustainable business practices strengthen our mission to protect our customers from cyber threats. At the end of the day, cybersecurity is about protecting people and their most important data. We have a responsibility and a commitment to create a brighter tomorrow, together, and we’re doing this through Purpose, People, Ethical Processes and Sustainability.
Our mission is power a resilient, thriving world. A world where organizations and governments can focus on strategic work an innovation, while their cybersecurity technology learns and adapts in real time to mitigate threats. To deliver on this purpose, our efforts are focused on solving the cybersecurity talent crisis, building a diverse talent pipeline, and creating one of the industry’s strongest threat intelligence research groups to better inform and protect our digital lives.
At Trellix, we are driven to help those who dedicate themselves to cybersecurity – whether they work at Trellix or elsewhere. Our collective work is deeply honorable. One of our biggest priorities at Trellix is to bring purpose and soulfulness into our work.
Soulful Work is a global, industrywide campaign developed to address the growing cybersecurity talent gap while providing recommendations to build a larger, stronger cybersecurity workforce. This isn’t just about Trellix; it’s about cybersecurity at the highest level.
At Trellix, we are taking concrete steps to increase diversity and foster a culture of soulful work. Here are some highlights.
As technology becomes completely entwined with our most basic human activities, the impact of cyberattacks increases. Without a coordinated global response, there are few risks or repercussions for attackers. Annual losses due to ransomware and other attacks are in the billions, and recent cyber-attacks on hospitals, democratic elections, schools, and government institutions demonstrate the destructive potential of unchecked cybercrime and state-backed espionage.
When we empower organizations to protect themselves — with threat intelligence, expertise, and technology — we become a partner in progress toward greater global equity and a more sustainable future. This is our mission and the cause that inspires us daily.
Our research organization has one of the industry's most comprehensive charters and is purpose-built to deliver insights to our customers and the industry at large. We do this through:
Trellix research organization is made up of elite intelligence analysts who bring to work a passion for protecting people. Their passion for this work is the heart and soul of Trellix, and supports our broader purpose. Insights and work from this team shape the industry, response best practices and R&D through:
As organizations prepare for cyberactivity, understanding what data an attacker is after is key to creating strong risk prevention strategies. Our team leverages known, new and novel techniques to study the world’s most nefarious cyber actors, and to understand how and why they engage in cyberattacks. The team is closely following the blurring lines between nation-state actors, who execute cyberattacks to gain intelligence through espionage, and cybercriminal groups, who engage in activity for monetary gain. Through understanding what data an actor is after, how they operate and what they are accountable to (their government, their bank account, or somewhere in between), our researchers advance the industry at large.
Trellix tracks and monitors adversarial actors, cybercriminal groups and vigilante groups globally. Trellix has historically had a significant customer base in Ukraine and when the cyberattacks targeting the country intensified, we coordinated closely with government and industry partners to provide greater visibility into the evolving threat landscape. Our team is eager to support the region against malicious cyber activity and have been able to go beyond sharing knowledge to also provide a wide range of security appliances at no cost in the affected region (our special thanks go out to our partners at Mandiant in getting some of the appliances deployed at those organizations who needed protection the most). To support our customers and the people of Ukraine, Trellix coordinated with multiple government institutions to provide them with the necessary telemetry insights, intelligence briefings and analysis of the malware tools used by Russian actors. A large portion of Trellix's efforts were performed in discretion as protection of our customers is our highest priority.
Our team helped found NoMoreRansom.Org, a partnership of law enforcement and cybersecurity organizations joining forces to stop ransomware. To date, the project has helped more than 6 million victims free their systems of ransomware, saving them nearly a billion dollars overall. Trellix contributes to the MITRE ATT&CK Framework to drive industry uniformity in classifying and describing attacker tactics, techniques and procedures. In the U.S., we support the Department of Homeland Security (DHS) and Cybersecurity and Infrastructure Agency (CISA) and are founding members of the Joint Cyber Defense Collaborative (JCDC).
Without our employees, our mission, vision and values are just words. Our people are Trellix. At Trellix, our employees are empowered to bring their best selves to work, to collaborate, invent, to challenge the status quo and engage in thoughtful discourse about the industry, and – most importantly – to cultivate rich lives outside of work. Every day, our global team delivers new insights and new innovations to better protect people, organizations, and their data. In building a new kind of cybersecurity company looking to redefine the industry’s future, we are focused on nurturing a purpose-driven workforce and curating an authentic, diverse and spirited culture. We do this through evaluation of our own diversity, pay parity, and strategies to increase equity and employee engagement across our business.
At Trellix, we celebrate and advance diversity efforts in all its forms. When we bring people together who are different from one another in gender, race, religion, sexual orientation and background, we also bring together information, experiences, viewpoints and opinions that are unlike our own. This means we are challenged in our own thinking and ideas to produce smart, creative and innovative solutions for the business.
This means working hard to anchor diversity and inclusion into our culture – not only because it will result in the best possible workforce but also because we believe in the principles for their own sake. It is not difficult to imagine that a diverse incident response team could benefit from looking at cyber incidents and responses from a multitude of perspectives. Diversity and inclusion challenge our standard ways of thinking and make us smarter, more creative and more capable of producing innovative solutions.
However, our commitment to diversity and inclusion is about more than business benefits. It is also about the right for every person to feel comfortable bringing their authentic self to work, to be able to contribute openly with their own unique perspectives and ideas. At Trellix we promote acceptance in the workplace, and diversity and inclusion help form the foundation of our open culture.
We have tenants of diversity and inclusion as a part of our global diversity strategy:
Trellix VOICE is the company’s voluntary, employee-led resource groups (ERGs). Trellix VOICE plays an important role in defining our culture by bringing our people together to create a sense of belonging for all. Trellix VOICE groups include:
Trellix is committed to providing a workplace that is free of harassment based on race, color, religion, gender, national origin, ancestry, age, disability, medical condition, genetic information, veteran status, marital status, pregnancy, gender identity or expression, sexual orientation, or any other characteristic protected by federal, state, or local law, regulation or ordinance.
We are committed to conducting business with the highest degree of honesty and integrity wherever we operate. Just as we dedicate ourselves to keeping the world safe from cyber threats, we also pledge to do so in an ethical manner. While we strive to cultivate a working environment that promotes individual and company success, we apply the highest ethical standards to all our interactions with colleagues, customers, and business partners across the globe. Our Code of Conduct upholds our values and reinforces our commitment to ethical behavior in our workforce and with our customers and business partners.
We support and uphold a set of core values and principles based on integrity. Our integrity is demonstrated in the way we work, every minute of every day, both internally at Trellix and externally with those with whom we interact. We accept our role as a responsible corporate citizen, including upholding equal employment opportunities and supporting diversity and inclusion.
We demonstrate the highest ethical standards in every business interaction, treating our employees, customers, independent contractors, consultants, suppliers, partners, distributors, and others with fairness, honesty, and respect. We avoid situations where conflicts of interest can interfere, or appear to interfere, with our ability to make sound business decisions that support Trellix goals, principles, and policies.
We adhere to compliance requirements as our standard operating procedure. We uphold the applicable laws and regulations of the countries where we do business, including following guidelines to ensure the safety and lawful collection and use of the personal data that our employees, customers, independent contractors, consultants, suppliers, partners, distributors, and others entrust to us.
We believe information privacy and data protection is a critical element of corporate responsibility for every organization. Customer trust — in our products, our services and our business practices — is a foundational to our mission. We recognize that we cannot protect our customers and achieve our mission without a deep commitment to information security and data privacy ourselves. As cybersecurity requirements evolve in response to work from home mandates, changes in the threat environment, digital transformation and other factors, we strive to follow the same cybersecurity best practices we recommend to our customers in our consulting engagements.
We recently launched of the new data center in Mumbai, India, to help customers in India meet their data residency and compliance requirements. The new data center will provide direct, high-performance access to Trellix's EDR, EPP, and local management allowing direct and faster access to the Trellix platform while supporting the government’s Digital India initiative. The initiative aims to improve online infrastructure and increase internet access among citizens, enabling the country to become more digitally advanced.
Product Data Management is the business function used within a product lifecycle management (PLM) that is responsible for the management of product data and process documentation. Trellix products and process supporting documentation are maintained and controlled for collaboration with Trellix business units and/or external Supply Chain Partners using the Agile PDM System.
Trellix expects that every link in our supply chain, both in-bound and out-bound, will adopt and follow industry best practices for supply chain risk management. Links in our supply chain that fail to achieve acceptable SCRM levels will be removed from Trellix’s vendor list. We expect every link in our internal and outsourced supply chain to maintain records of incoming and outgoing materials in a manner that enables that link to produce credible evidence of where a batch or unit came from, was consumed, and where a batch or unit was shipped. We expect that every link in our supply chain to establish a supply chain data access policy that clearly states requirements and conditions for disclosure of batch and unit shipment data.
Trellix is committed to sustainable business practices for our people and for the environment. This responsibility extends from our internal operations to our diverse eco-system of partners and to our customers. We believe every individual can make a difference and that even small changes can have a big impact. In consideration of our responsibility in the global fight against climate change and otherwise negative environmental impact, Trellix is committed to the following action guidelines:
We are committed to reducing the environmental impact of our solutions through innovation. Our efforts are focused on increasing efficiency and scalability with cloud-based solutions.
Most of our products are delivered electronically, eliminating the need for packaging materials. Our packaging and shipping materials are reused until they eventually get recycled. We have a company-wide recycling program. We recycle consumables, reduce waste, and practice energy reduction wherever possible.
Trellix data centers are co-located with others. The data center team constantly reviews practices from our suppliers and vendors and make decisions to grow or shrink based on several factors, including energy efficiency.
We host most of our cloud-native solutions on Amazon Web Services (AWS). This allows us to scale the capacity of our threat detection and analysis solutions to meet our commitments to customers without an increase in property, plant and equipment. The global availability of Amazon Web Services (AWS) and their commitment to environmentally friendly business practices and renewable energy is consistent with our own efforts to reduce our energy consumption and carbon footprint.
Our commitment to sustainability through innovation extends to our workplaces. We have several initiatives underway, including:
We are currently evaluating LEED and Energy Star certifications for our Milpitas, CA facility. The buildings that house our offices in Alexandria, VA, Reston, VA, and San Francisco, CA have been LEED certified. Additionally, the facilities in Alexandria and San Francisco have been awarded Energy Star certification.
While many of our locations are partial leases of larger complexes, giving us limited control over energy consumption and sources, we are currently evaluating our energy use and sources worldwide. This initiative will allow us to identify new opportunities to conserve energy, access sustainable energy sources and reduce our carbon emissions.
As we prepare to return to our workplaces, we took employees’ responses to our COVID-19 surveys into account. As a result, we are planning for a more flexible/hybrid model of workplace design with more shared workspaces and fewer assigned offices. We expect this initiative to reduce the total square footage of our facilities and lessen commute times for our employees. As we design these new, modern workplaces, we are taking into account the latest innovations and environmental design standards. We believe these efforts will, in turn, increase productivity and contribute to a better work-life balance for our people, help diminish congestion on our roadways, and reduce total carbon emissions.
We believe that small steps, when implemented by a large number of people, can have a big impact on our environmental footprint. We have taken measures to conserve water through flow regulators and automatic faucets in our breakrooms and lavatories and reduce electricity use with motion sensors. We also encourage our employees around the world to participate in our environmental sustainability efforts, including programs to reduce the use of disposable plastic water bottles and promote recycling and composting to divert waste from landfills.
We actively support the United Nations Sustainable Development Goals (SDGs), which offers a blueprint for a future of sustainable, inclusive human development. While our mission to keep the world safe enables us to advance many of the SDGs, we narrowed our social responsibility efforts to focus on four goals that align to our competencies and expertise. These include quality education (SDG4), gender equality (SDG5), reduced inequalities (SDG10), and climate action (SDG13).