Threats have evolved, but security hasn’t - until now. Learn how XDR will be a key driver for the Security Operations Center (SOC) of the future.

Key use cases, practical guidance, what to expect from XDR – and how it makes your SOC more efficient, empowers your security practitioners and analysts, and automates and drives your end-to-end detection and response workflows.

Future-proof your defenses and build resilience with unified endpoint protection.

Accelerate detection and response with the context, visibility, and capabilities to uncover, investigate, and act on threats with increased speed and accuracy. Proactively protect every endpoint, prevent ransomware and other advanced threats, and find how to easily scale and manage all your endpoints.

Get an in-depth look at the most comprehensive set of security controls and control points in the industry – all designed to provide you with earlier, better protection across all phases of the attack chain.

Network, Email, Data and Cloud Security – learn deployment and operational best practices and use-cases.

Learn the depth and breadth of our visibility, research, and thought leadership in the threat intelligence space.

Whether it’s the bad actors we track, specific takedowns of cyber criminals, discovered vulnerabilities – we will share how research and innovations make it from the lab and into our products.

The cybersecurity industry is seeking 2.72 million professionals, and that number is only continuing to grow. For decades, we have relied on the same tactics to close the talent gap.

We need to rethink who we view as talent and work together as an industry to solve this talent shortage. Collectively, we can make a difference. Hear from customers on their challenges and successes in the human element of cybersecurity.

Trellix Data Loss Prevention

Learn the tools you need to design, implement, and configure Trellix DLP to safeguard intellectual property and support compliance.

We share how to monitor and address risky, day-to-day end-user actions such as emailing, web posting, printing, clipboards, screen captures, device control, uploading to the cloud, and more.

Trellix ePolicy Orchestrator - SaaS Introduction

The Trellix ePolicy Orchestrator - SaaS course provides attendees with basic knowledge to support Trellix ePO - SaaS software. In addition, students will learn the benefits of running Trellix ePO - SaaS in their environment, basic configuration information, as well as Protection Workspace functionality.

Product Agnostic Threat Hunting

Many organizations have SIEM technology and a variety of detection points that generate millions, if not billions, of alerts per day. SOC analysts spend time attempting to identify the key alerts indicative of an incident - be it a breach, malware outbreak, or adversary.

During the session we will cover methodologies to enable analysts to effectively hunt for threats in their environment proactively.

Network Hunting

This one-day workshop introduces essential concepts for network hunting and then allows learners to apply techniques to hunt for anomalous activity.

Throughout the course, the instructor will provide hands-on activities that follow real-world use cases using typical security toolsets such as SIEM, packet capture, and EDR. We will leverage Trellix Helix and endpoint logs, such as Endpoint Security (HX) agent logs and Sysmon.

Endpoint Investigations

This one-day workshop introduces essential concepts of endpoint investigations.  Using attack methodologies from the Mitre ATT&CK® framework, you will learn what specific Windows telemetry is critical to a successful investigation.

You will also learn how to pivot out to an endpoint and collect any other necessary data to aid in your investigation

Trellix ENS Expert Rules

Available in both introduction and advanced sessions – we share how building on the ENS Platform with ENS Expert Rules allows the advanced Trellix ENS administrator to add deeper security to their deployment.

Proprietary syntaxes, and a basic view into Operating System concepts and references will be shared - to enable a more customized and secure environment

Capture the Flag – Blue Team

This unique CTF challenges you to uncover adversary TTPs using Trellix Helix and other available endpoint and network tools.

Take on the #SoulfulWork role of a cyber defender. As you come in for your shift, you are hit with an alert! It’s all hands on deck as you dig in to find out who is on your network and what they have done, while ensuring management is well-informed.