Trellix logo
Trellix Logo
Why Trellix?
Products
Threats
Resources
Support
Partners
About Us
Why Trellix? Leadership Careers Contact Us
Competition
vs Crowdstrike vs SentinelOne
Trellix Xpand Live
Register Now

September 27-29, 2022 ARIA Hotel & Casino Save the date and start planning to align with our leadership teams to learn our vision for a new kind of cybersecurity and learn more about our innovations in cyber intelligence and XDR architecture.

Products
Trellix XDR Endpoint Security SecOps and Analytics Data Protection Network Security Email Security Cloud Security
Gartner Magic Quadrant for Endpoint Protection Platforms
Gartner MQ (Endpoint)

Download the Magic Quadrant report, which evaluates the 19 vendors based on ability to execute and completeness of vision.

Gartner Marketplace Guide (XDR)
Gartner® Report: Market Guide for XDR

As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."

Threat Research
Threat Center Threat Reports Advanced Threat Research
The Threat Report - Summer 2022
Latest Report

Our Summer 2022 threat report details the evolution of Russian cybercrime, research into medical devices and access control systems, and includes analysis of email security trends.

Critical Flaws in Widely Used Building Access Control System
Critical Flaws in Widely Used Building Access Control System

At Hardwear.io 2022, Trellix researchers disclosed 8 zero-day vulnerabilities in HID Global Mercury access control panels, allowing them to remotely unlock and lock doors, modify and configure user accounts and subvert detection from management software.

Resources
Training and Education Consulting Services Webinars Events Resource Library
Newsroom
News Stories

Integrations
Marketplace Developer Portal
MVISION LoginTrial
Security Awareness
What is XDR? What is Endpoint Security? What is EDR? What is MITRE? What is Ransomware?
Product Help
Product Support Product Documentation

Contact Us
Detection Dispute Form Submit a Sample
McAfee Enterprise
Support Portal Customer Success Plans

FireEye
Support Portal
Trellix CEO
Our CEO on Living Security

Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.

Partners
Security Innovation Alliance OEM & Embedded Alliances
McAfee Enterprise
Partner Portal

FireEye
Partner Portal Partner Information
Trellix Xpand Live
Register Now

September 27-29, 2022 ARIA Hotel & Casino Save the date and start planning to align with our leadership teams to learn our vision for a new kind of cybersecurity and learn more about our innovations in cyber intelligence and XDR architecture.

Trellix Advanced Threat Research

What We Do

At Trellix Advanced Threat Research (ATR), our goal is to identify and illuminate a broad spectrum of threats in today's complex landscape. ATR researchers are responsible for research in nearly every vertical of threat, including those targeting financial, retail, medical, industrial controls and many other industries. We have experts in vulnerability and threat research who find and report critical vulnerabilities in popular hardware and software and who use a global network of endpoints to track malware campaigns as well as the nation-states and malicious actors behind them.

Our red team incorporates and builds upon the techniques, tactics, and procedures (TTPs) uncovered by our researchers while performing engagements where the robustness of both our products and infrastructure are continuously being tested. And our Operational Intelligence team operates globally around the clock, keeping watch of the latest cyber campaigns and actively tracking the most impactful cyber threats. These findings are fed back into the solutions that ultimately power Trellix’s products.

View the Tools & Techniques Library

The Threat Report - Summer 2022

Latest Report

Our Summer 2022 threat report details the evolution of Russian cybercrime, research into medical devices and access control systems.

Read Report

The Bug Reports

A light-reading publication featuring the most impactful vulnerabilities every month

 

July 2022

Welcome to the Bug Report, Heat Wave Edition! This month we have something special for you with CVE-2022-2107. But don’t worry, if that’s too hot for you to handle we also have two more vulnerabilities that cause headaches

Read More

 

June 2022

This month’s bug report dives into two critical bugs targeting important business applications; CVE-2022-26134, CVE-2022-30190, CVE-2022-22980.

Read More

 

May 2022

This month’s Bug Report highlights the importance of properly implemented and tested authentication by reviewing: CVE-2022-1388, CVE-2022-26925, and CVE-2022-22972.

Read More

 

April 2022

This month’s bug report includes CVE-2022-21449, a critical flaw in Java’s ECDSA implementation; CVE-2022-21449, a fully-remote, pre-authentication vuln in MSRPC; and so much more.

Read More

 

March 2022

Welcome back to the March 2022 Bug Report, for those that are unfamiliar, every month we compile a shortlist of the top vulnerabilities of the month.

Read More

 

February 2022

Welcome back to the February 2022 Bug Report, for those that are unfamiliar, every month we compile a shortlist of the top vulnerabilities of the month.

Read More

 

January 2022

New year, new bugs! And we don’t mean the creepy crawly type, but rather the vulnerabilities that exist across today’s security landscape you should be aware of. Keep reading to learn the latest and greatest so you can stay ahead of adversaries.

Read More

 

December 2021

New year, new bugs! And we don’t mean the creepy crawly type, but rather the vulnerabilities that exist across today’s security landscape you should be aware of. Keep reading to learn the latest and greatest so you can stay ahead of adversaries.

Read More

Research Spotlight

Unauthenticated Remote Code Execution in a Wide Range of DrayTek Vigor Routers

The Trellix Threat Labs Vulnerability Research team has found an unauthenticated remote code execution vulnerability, filed under CVE-2022-32548 affecting multiple DrayTek routers.

Read More

5G: The Final Frontier

Today Trellix Threat Labs is excited to announce the release of a whitepaper dedicated to 5G and its potential security concerns. As we look at the potential of 5G, we foresee it impacting nearly every facet of digital life in the developed world.

Read More

The Hermit Kingdom’s Ransomware play

In February 2016, news broke about what is now known as the ‘Bangladesh Bank Heist’. Hackers attempted to transfer nearly one billion USD through the SWIFT system towards recipients at other banks.

Read More

Connected Healthcare: A Cybersecurity Battlefield We Must Win

The medical industry is at unique risk of attack due to the numerous purpose-built devices. Their lack of ubiquity creates a false sense of security and reduced scrutiny from the security research industry.

Read More

The Sound of Malware

We have frequently used code comparisons and visualizations but would it be possible to compare malware samples using a more abstract technique? What about sound?

Read More

Critical Flaws in Widely Used Building Access Control System

Vulnerabilities in an industrial control system used to grant physical access to privileged facilities and integrate with more building automation deployments.

Read More

Automotive

Trellix researchers investigate the attack surfaces in autonomous vehicles as well as the machine learning algorithms and physical-to-digital attacks related to them.

Learn More

Critical Infrastructure

Trellix researchers investigate multiple areas of critical infrastructure implementations, including human machine interface (HMI) software, programmable logic controllers (PLCs), and network protocols, such as MODBUS, ICCP, and others.

Learn More

Healthcare and Medical Devices

Our research explores medical devices, networks, protocols, and security practices to help healthcare organizations innovate securely.

Learn More

Software-Defined Radio

Our research looks at radio frequency, including near-field communications (NFC and RFID) and wireless transmissions to determine potential impacts to network and proximity devices.

Learn More

Browser, Operating System & Enterprise Software

By discovering and disclosing critical vulnerabilities in the world’s most popular software, the Trellix threat labs team continuously reduces the overall attack surface for one of the most attractive targets for cybercriminals.

Learn More

Consumer Electronics & IOT

Our researchers look for vulnerabilities in consumer devices to identify threats and guide manufacturers toward more secure products, reducing the potential for attackers to gain access to home or business networks.

Learn More