The Trellix Advanced Research Center’s Threat Intelligence Group (TIG) empowers Trellix customers, industry partners, and global law enforcement efforts with 24/7 mission-critical insights on the ever-evolving threat landscape. We extensively study threat actors and behaviors and leverage data from our deployed sensors across key threat vectors.The Threat Intelligence Group’s product integrations, custom intelligence solutions, andin-depth research helps the industry, and our partners stay ahead of adversaries,while providing valuable context and information to the public at large.
After the genesis of Trellix and the forming of the Advanced Research Center, the McAfee Enterprise research elements merged with FireEye to form the Threat Intelligence Group (TIG), a more robust threat intelligence and research element combining close decade of threat intelligence and research into one team.
April 5, 2023
On the 4th and the 5th of April, a law enforcement taskforce spanning agencies across 17 countries – including the FBI, Europol and the Dutch Police – have disrupted the infamous browser cookie market known as Genesis Market and approached hundreds of its users.
April 3, 2023
This blog will dive deep into the inner workings of Royal Ransom’s Windows and Linux executables, after which an anonymized Royal Ransom incident response case is discussed.
April 3, 2023
This blog will dive into CVE-2021-21974, a vulnerability ransomware actors targeted which allows an attacker to exploit the OpenSLP protocol if the affected server is exposed to the internet.
Go beyond reactive XDR approaches by adding management of the complete attack lifecycle - before and after an attack. Be proactive and prevent advanced threats. Powered by the latest global threat intelligence from Trellix Insights.
Advanced Threat Landscape Analysis System (ATLAS) gives customers unique global insight into the malicious file, domain, and IP detections seen worldwide from Trellix’s billions of sensors around the globe.
Choose Advanced Threat mode to unearth malicious URLs with custom plug-ins, or Full Hygiene mode to reduce impersonation, BEC, and spear-phishing attacks.
Created as a product offering to support worldwide customers who run closed or “air gapped” networks.
Trellix Threat Intelligence Exchange optimizes threat prevention by narrowing the gap from malware encounter to containment from days, weeks, and months down to milliseconds.
This service allows Trellix customers the ability to have our threat intelligence experts answer their threat intelligence questions.