Trellix logo
Trellix Xpand Live
Register Now

September 27-29, 2022 ARIA Hotel & Casino Save the date and start planning to align with our leadership teams to learn our vision for a new kind of cybersecurity and learn more about our innovations in cyber intelligence and XDR architecture.

Trellix CEO
Our CEO on Living Security

Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.

Gartner Marketplace Guide (XDR)
Gartner® Report: Market Guide for XDR

As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."

Trellix Launches Advanced Threat Research Center
Trellix Launches Advanced Research Center

Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.

The Threat Report - Summer 2022
Latest Report

Our Summer 2022 threat report details the evolution of Russian cybercrime, research into medical devices and access control systems, and includes analysis of email security trends.

Trellix CEO
Our CEO on Living Security

Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.

Trellix Xpand Live
Register Now

September 27-29, 2022 ARIA Hotel & Casino Save the date and start planning to align with our leadership teams to learn our vision for a new kind of cybersecurity and learn more about our innovations in cyber intelligence and XDR architecture.

Stories

The latest cybersecurity trends, best practices,
security vulnerabilities, and more

XPand Live 2022 Logo

ARIA Resort & Casino | Las Vegas
September 27-29, 2022

RECENT STORIES

What to expect at Trellix Xpand Live 2022

Join #TeamTrellix for the first-ever Trellix Xpand Live September 27-29, at the Aria Hotel in Las Vegas, where the world’s largest network of cybersecurity experts will unite in our shared mission: To power a resilient, thriving world!

Read More

Ancient CVEs Can Cause You Problems

Today CVE is used in all aspects of vulnerability identification and reporting. There is an urban myth that if there is a CVE issued, there is a fix associated. Yes, I have heard that many times over the years. That, however, is NOT the case.

Read More

Trellix Welcomes Karan Sondhi as Public Sector CTO, And More

This week, Trellix announced that Karan Sondhi will be joining us as Chief Technology Officer for Public Sector. In this role, he will define and lead the implementation of the company’s public sector technology strategy.

Read More

Tarfile: Exploiting the World With a 15-Year-Old Vulnerability

Trellix Advanced Research Center stumbled across a vulnerability in Python’s tarfile module. As we dug into the issue, we realized this was in fact CVE-2007-4559. The vulnerability is a path traversal attack in the extract and extractall functions in the tarfile module that allow an attacker to overwrite arbitrary files by adding the “..” sequence to filenames in a TAR archive.

Read More

Limiting the Software Supply Chain Attack Surface

While investigating an unrelated vulnerability our team stumbled across this issue present in an enterprise device. Initially we thought we had found a new zero-day vulnerability. As we dug into the issue, we realized this was CVE-2007-4559. While the vulnerability was originally only marked as a 6.8, we were able to confirm that in most cases an attacker can gain code execution from the file write.

Read More

Get the latest

We’re no strangers to cybersecurity. But we are a new company.
Stay up to date as we evolve.

Please enter a valid email address.
Zero spam. Unsubscribe at any time.