Trellix logo
Trellix Introduction Video
Trellix Introduction

A living security platform with a pulse that is always learning and always adapting.

Gartner Magic Quadrant for Endpoint Protection Platforms
Gartner MQ (Endpoint)

Download the Magic Quadrant report, which evaluates the 19 vendors based on ability to execute and completeness of vision.

Gartner Marketplace Guide (XDR)
Gartner® Report: Market Guide for XDR

As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."

The Threat Report - Summer 2022
Latest Report

Our Summer 2022 threat report details the evolution of Russian cybercrime, research into medical devices and access control systems, and includes analysis of email security trends.

Critical Flaws in Widely Used Building Access Control System
Critical Flaws in Widely Used Building Access Control System

At Hardwear.io 2022, Trellix researchers disclosed 8 zero-day vulnerabilities in HID Global Mercury access control panels, allowing them to remotely unlock and lock doors, modify and configure user accounts and subvert detection from management software.

Trellix CEO
Our CEO on Living Security

Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.

Trellix Introduction Video
Trellix Introduction

A living security platform with a pulse that is always learning and always adapting.

Stories

The latest cybersecurity trends, best practices,
security vulnerabilities, and more

Trellix leverages Amazon GuardDuty Malware Protection for Extended Detection and Response (XDR)

Welcome to the new normal in cybersecurity—where every organization must go beyond mere prevention. To achieve resiliency against threats, customers must be able to monitor their environments in real time and address incidents the moment they arise. Trellix Helix analyzes telemetry from a customer’s security and business tools, leverages machine learning and advanced analytics to detect anomalies and empowers customers to respond to issues. This is eXtended Detection and Response (XDR). Trellix is at the forefront of the XDR revolution —pioneering a brand-new way to bring detection, response, and remediation together in a single living security solution. The Trellix XDR platform seamlessly integrates with our broad portfolio of endpoint, email, network, cloud, and an additional 650+ products. Today we are excited to announce our newest AWS integration with Amazon GuardDuty’s new Malware Protection, bringing Trellix to 9 critical AWS integrations that help drive key visibility across a customer’s cloud infrastructure.

Trellix Helix integrates with 10 AWS services for visibility into cloud telemetry
Figure 1: Trellix Helix integrates with 9 AWS services for visibility into cloud telemetry

What is Amazon GuardDuty?

Amazon GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation. These include use of compromised credentials, simplified forensics and continuous monitoring of all security events seen in an AWS customers environment. With the announcement of new Malware Production, GuardDuty will scan EBS-backed EC2 instances with malicious behavior based on GuardDuty’s existing findings and report malware detected on EC2 and containers running on EC2 and instantly send data to Trellix Helix.

How can GuardDuty and Helix help my security operations?

Mutual customers can leverage any of the 9 integrations between Trellix Helix and AWS to gain visibility in mere minutes by ingesting metadata from AWS. This data is then enriched with threat intelligence and evaluated with behavior analysis and machine learning to prioritize those alerts that are most actionable.

Trellix Helix Dashboard to highlight the top risk in a customer’s ecosystem
Figure 2: Trellix Helix Dashboard to highlight the top risk in a customer’s ecosystem

 

Trellix Helix provides investigate content and rules against AWS data, helping security analysts understand the security event faster. This new integration with Amazon GuardDuty events would help assist a security investigation, like a known malicious source IP address or known ransomware, as key context from AWS would be automatically added to a threat that Trellix Helix identifies.

Trellix Helix highlights a known command & control threat
Figure 3: Trellix Helix highlights a known command & control threat

 

The holistic view of the incident then drives the response to any known issues, such as quarantining an endpoint with Trellix Endpoint Security, automatically blocking traffic with Trellix Network Security or one of 100’s of automated playbooks that are available for security teams to use today.

Trellix Helix provides guidance and next steps to guide customers through incident closuer
Figure 4: Trellix Helix provides guidance and next steps to guide customers through incident closuer

 

This fulfills the promise of XDR, by allowing customers to identify and respond to threats faster, saving them hours of time researching and correlating data.

Start leveraging the speed and efficiency used between Amazon GuardDuty and Trellix Helix to respond to security issues today. Please reach out to AWS@Trellix.com to learn more or join our latest XDR workshop to get hands-on with Trellix today!

Featured Content

Get the latest

We’re no strangers to cybersecurity. But we are a new company.
Stay up to date as we evolve.

Please enter a valid email address.
Zero spam. Unsubscribe at any time.