Trellix Enhances Zero Trust with AWS Verified Access
By Christopher Unick · November 30, 2022
Trellix leverages AWS for Extended Detection and Response (XDR)
Zero trust (ZT) is a concept adopted by many organizations built on the principle of "never trust, always verify." No implicit trust is granted to assets or user accounts based solely on their network location or asset ownership. But how can SOC teams know what the user is accessing is within policy, and how can they verify this when managing access to multiple security systems? SOC teams are dealing with the unexpected and increased security risks. SOC teams are fighting to protect their organizations on any given day, even more so as users are accessing corporate applications from home, the office, and while traveling. With the increased attack surface, the bad guys can sneak into the corporate network more easily.
How can we make things easier for security professionals? This is where AWS and Trellix make it easier for you to see and respond to risks across your organization. As customers try to keep pace with dynamic attacks and ensure greater peace of mind, they are looking for more centralized visibility and quick resolution of their security issues.
Trellix is at the forefront of the Extended Detection and Response ("XDR") revolution—pioneering a brand-new way to bring detection, response, and remediation together in a single living security solution. The Trellix XDR platform seamlessly integrates with our broad portfolio of endpoint, email, network, cloud, and other security products. Integrated with an additional 650+ security and business applications, we equip your business with intelligent threat sensing, analytics, and automated response.
Today, Trellix's support for AWS Verified Access provides visibility into a customer's per application configurations to see when policies are set and changed. This makes it incredibly easier for SOC analysts to correlate security threats seen across their ecosystem with key configuration settings and changes in a customer's AWS environment and can help provide crucial and timely information for a customer's Zero Trust architecture.
What is AWS Verified Access?
AWS Verified Access is a new capability that makes it easier for IT administrators to provide secure access to corporate applications in AWS or on their premises without using a VPN. IT administrators can use Verified Access to define a set of policies to control users' access to corporate applications, eliminating the need to manage access through multiple security systems. These policies can be based on users identity, device security status, and other real-time data such as behavioral analytics that monitors users' activities for potential security risks. This improves customers' application security by letting administrators grant access only when users meet specific security requirements and by preventing access from potentially vulnerable devices. Verified Access simplifies the way enterprises provide secure access to corporate applications for their workers.
How can Verified Access and Helix help my security operations?
Mutual customers can leverage Trellix Helix and integrate with the other nine AWS services to gain visibility in rapidly by ingesting metadata from AWS. This data is then enriched with threat intelligence and evaluated with behavior analysis and machine learning to prioritize those alerts that are most actionable. Trellix Helix provides content and rules against AWS data, helping security analysts understand the security event faster. This new integration with Verified Access would help assist a security investigation, such as correlating a compromised endpoint to a user whose credentials might have been compromised and could affect their AWS accounts.
How does Zero Trust work with XDR? XDR improves and adds to a company's Zero Trust framework. Visibility and mitigation of security threats are as important as ever, but the challenge of seeing all potential attacks is heightened due to the decentralized, dynamic nature of Zero Trust deployments. Trellix makes Zero Trust architectures better by finding the risks in your telemetry and sharing those with your tools and processes that help determine the authorization and access levels needed for your business to perform its work securely. Trellix's flexible XDR platform connects all Trellix technologies and a broad ecosystem of over 650+ security tools and applications to provide a seamless SecOps experience in one place.
Visibility into endpoint activity, email messages, network traffic, cloud security posture, data security, AWS information and many other sources is crucial in Zero Trust since assets are no longer confined to Enterprise boundaries and ownership. Trellix Security Solutions analyze and protect your critical vectors, feeding it to the Trellix Security Operations Platform, which offers advanced detection and correlation capabilities and automated responses to help protect your business.
It's time to get up and dance as Trellix and AWS make it easier for SOC teams to do their job! Whoo oooh!
Start leveraging the speed and efficiency used between AWS Verified Access and Trellix to respond to security issues today. Trellix Helix is available on the AWS Marketplace. Please reach out to AWS@Trellix.com or visit Amazon Web Services | Trellix to learn more and to start a free trial of Trellix Helix today! You can also talk to one of our solution architects at AWS Re:Invent at Booth #918 in Las Vegas, Nevada, November 28th - December 2nd.
Jan 17, 2023
Trellix Endpoint Scores 100% Detection with Zero False Positives in Latest SE Labs Endpoint Security Test
Dec 7, 2022
Trellix Predicts Heightened Hacktivism and Geopolitical Cyberattacks in 2023
Nov 30, 2022
Trellix Expedites Delivery of XDR with AWS
Nov 16, 2022
Ransomware Activity Doubles in Transportation and Shipping Industry
Sep 28, 2022
Trellix Expands XDR Platform to Transform Security Operations
By Daniel Ramos · Dec 19, 2022
Trellix is recognized by the analytical firms and peer review programs in all the main XDR front-end components including EDR, NDR, SEG, CWWP, and DLP.
Get the latest
We’re no strangers to cybersecurity. But we are a new company.
Stay up to date as we evolve.
Zero spam. Unsubscribe at any time.