Trellix logo
Trellix Introduction Video
Trellix Introduction

A living security platform with a pulse that is always learning and always adapting.

Gartner Magic Quadrant for Endpoint Protection Platforms
Gartner MQ (Endpoint)

Download the Magic Quadrant report, which evaluates the 19 vendors based on ability to execute and completeness of vision.

Gartner Marketplace Guide (XDR)
Gartner® Report: Market Guide for XDR

As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."

The Threat Report - Summer 2022
Latest Report

Our Summer 2022 threat report details the evolution of Russian cybercrime, research into medical devices and access control systems, and includes analysis of email security trends.

Critical Flaws in Widely Used Building Access Control System
Critical Flaws in Widely Used Building Access Control System

At Hardwear.io 2022, Trellix researchers disclosed 8 zero-day vulnerabilities in HID Global Mercury access control panels, allowing them to remotely unlock and lock doors, modify and configure user accounts and subvert detection from management software.

Trellix CEO
Our CEO on Living Security

Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.

Trellix Introduction Video
Trellix Introduction

A living security platform with a pulse that is always learning and always adapting.

Trellix Connect

Power-up advanced use cases with factory-tested and supported content and partner integrations for your Trellix SIEM solution.

Your Trellix SIEM Productivity Kit

Take your pick of ready-to-deploy content packs and Trellix Compatible partner integrations. They offer a fast track to onboarding new capabilities in your Trellix SIEM solution and unlock the value of your security analysts and security infrastructure.

Certified Integrations

Start solving critical security use cases without upfront heavy lifting. Integrations undergo extensive testing to deliver pre-validated solutions that are supported by Trellix and its partners.

Pre-built Use Cases

Get up and running fast with expert-built content for connecting, monitoring, and automating security operations.

Quick Set Up & Low Maintenance

Download content packs as you need them, using all or part as you like. Maintenance occurs effortlessly through the regular rules update process.

Easy Customization

Modify and refine these fundamentals to meet your security requirements and environment.

All Trellix Content Packs

Aruba Content Pack

Enhance your understanding of logs ingested by Trellix Enterprise Security Manager from Aruba ClearPass networking devices.

Learn More

Asset, Threat & Risk Views Content Pack

Gain a high-level view of threats to your important assets based on vulnerability and threat intelligence data, so you can act to prevent malicious access or exfiltration.

Learn More

Authentication Content Pack

Identify signs of malicious activity through correlation and alerts to suspicious devices and user authentication events.

Learn More

BASEL II Compliance Content Pack

Simplify your BASEL II compliance requirements and ensure audit success.

Learn More

Case Management Content Pack

Simplify case management and summarize case status reports quickly so you can get back to protecting your environment faster.

Learn More

Cofense Content Pack

Leverage visual analytics and metrics to discover which phishing threats are occurring the most and the potential impact rating.

Learn More

DNS Content Pack

Gain visibility into DNS activity in your environment to effectively detect rogue hosts and compromised or misconfigured systems.

Learn More

Database Content Pack

Prevent data theft by identifying, monitoring, and reporting on database-specific attacks, audit trail modifications, misconfigurations, and more.

Learn More

Denial-of-Service Content Pack

Reveal denial-of-service (DoS) attacks, identify a “case zero,” and quarantine the root cause, preventing further impact on your network.

Learn More

Domain Policy Content Pack

Track domain policy changes in your environment as well as privileged security group membership changes.

Learn More

EU 8th Directive Compliance Content Pack

Simplify your EU 8th Directive compliance requirements and automate views and reports for meeting compliance demands.

Learn More

Email Content Pack

Prevent data loss and data leakage by analyzing and getting alerts for data collected from email devices.

Learn More

Event Views Content Pack

Easily set up summary and customized views to monitor and get alerts on event flows for investigating incidents or searching for evidence of advanced attacks.

Learn More

Executive Content Pack

Get quick insights and summaries into threat and risk event trends.

Learn More

Exfiltration Content Pack

Protect your sensitive information from possible insider threats and detect and help prevent data exfiltration.

Learn More

Exploit Content Pack

Quickly mitigate your vulnerabilities by identifying, tracking, and quarantining possible exploits in your environment.

Learn More

FISMA Compliance Content Pack

Simplify your FISMA compliance requirements and automate compliance reporting.

Learn More

Firewall Content Pack

Easily discover abnormal or out-of-place traffic passing through your firewalls, and set alerts for and investigate those events.

Learn More

Flow Views Content Pack

Quickly set up summary and customized views to monitor network flows for identifying patterns indicative of potential threats.

Learn More

GIODO Compliance Content Pack

Simplify your GIODO compliance requirements and automate views for meeting compliance demands.

Learn More

GLBA Compliance Content Pack

Simplify your GLBA compliance requirements and automate views for meeting compliance demands.

Learn More

GPG 13 Compliance Content Pack

Simplify your GPG 13 compliance requirements and automate views for meeting compliance demands.

Learn More

HIPAA Compliance Content Pack

Simplify your HIPAA compliance requirements and automate views and reports for meeting compliance demands.

Learn More

Hardware Health Content Pack

Get specific views and reports to monitor your SIEM deployment so you can locate and prioritize potentially malfunctioning or failing components, and proactively identify deployment expansion needs.

Learn More

ISO 27002 Compliance Content Pack

Simplify your ISO 27002 compliance requirements and automate views for meeting compliance demands.

Learn More

Interset Content Pack

Rapidly surface insider threats and get contextual information needed to mitigate these threats, including compromised accounts and intellectual property at risk of exfiltration.

Learn More

Malware Content Pack

Take swift action against malware by easily detecting and tracking malware infections, building a logical workflow for reviewing malware events, and gaining visibility into malware trends specific to your environment.

Learn More

Trellix Application Control & Trellix Change Control Content Pack

Get single-pane-of-glass visibility into Trellix Application Control and Trellix Change Control events in your environment.

Learn More

Trellix Application Data Monitor Content Pack

Easily correlate application contents with events and other data feeds, monitoring all the way to the application layer.

Learn More

Trellix Database Activity Monitoring Content Pack

Get real-time visibility into Trellix Database Activity Monitoring security events, including local privileged user access and sophisticated attacks from within the database.

Learn More

Trellix Database Event Monitor Content Pack

Find out who is accessing your data and why, detect the loss of data through authorized channels, and generate detailed compliance reports on database activity.

Learn More

Trellix General Views Content Pack

Get up and running quickly with pre-built common dashboard views for Trellix Enterprise Security Manager system administrators.

Learn More

Trellix Host Intrusion Prevention System Content Pack

Get single-pane-of-glass visibility into Trellix Host Intrusion Prevention for Server and Trellix Host Intrusion Prevention for Desktop events in your environment.

Learn More

Trellix Network Security Platform Content Pack

Gain a consolidated view into risky hosts and users, including active botnets, through the integration of Trellix Enterprise Security Manager and Trellix Network Security Platform.

Learn More

Trellix Threat Intelligence Exchange Content Pack

Integrate Trellix Threat Intelligence Exchange to discover, track, and report on events specific to your environment all from your Trellix Enterprise Security Manager console.

Learn More

Trellix Web Gateway Content Pack

Discover, track, report on, and protect against emerging web-based malware in your environment.

Learn More

NERC Content Pack

Simplify your NERC compliance requirements and ensure audit success.

Learn More

PCI Compliance Pack

Simplify your PCI compliance requirements and ensure audit success.

Learn More

PhishMe Content Pack

Leverage visual analytics and metrics to discover which phishing threats are occurring the most and the potential impact rating.

Learn More

Reconnaissance Content Pack

Identify and monitor potential passive or active reconnaissance threat attempts, helping to prevent targeted attacks before they occur.

Learn More

Risk Correlation Views Content Pack

Correlate critical content and context needed for fast, risk-based decisions.

Learn More

SOX Content Pack

Simplify your SOX compliance requirements and automate compliance reporting.

Learn More

Suspicious Activity Content Pack

Track suspicious activity in your environment and link disparate events together into meaningful intelligence to find malware infections.

Learn More

ThreatConnect Content Pack

Leverage threat intelligence and indicators of compromise to discover new threats and relationships between existing threats.

Learn More

User Behavior Analytics Content Pack

Understanding user behavior analytics helps you identify threats hidden among your data, increasing security operations accuracy while shortening investigation timelines.

Learn More

Vormetric Content Pack

Combat data exfiltration and insider threats with valuable contextual information used to report and alert on suspicious and unusual behavior.

Learn More

Web Filtering and Web Application Content Pack

Discover abnormal or out-of-place web traffic that may indicate a compromise, malware event, adware, spyware, or other unwanted connections.

Learn More

Windows Authentication Content Pack

Help identify Windows authentication trends that can point to potential issues such as compromised credentials, malicious insiders, and other activities that merit deeper investigation.

Learn More

Windows Content Pack

Monitor Windows services to assess appropriate use such as proper expected functionality, as well as detect threats such as suspicious activity involving high-value hosts, signs of data exfiltration, and even copyright infringement.

Learn More

Wireless Access Points Content Pack

Bring transparency to all wireless device activity, discover anomalous or suspicious activity, and promote awareness of wireless system events to ensure quality and continuity of service.

Learn More

Have Additional Questions?

We’re here to help. Contact us to learn more about content pack downloads, SIEM free trials, and more.

Contact Us