Trellix Logo
Why Trellix?
Platform
Services
Partners
Resources
About
Get Started
Breached?
Support
Contact Us
Main menu
WHY TRELLIX?
Why Trellix? Trellix vs. the Competition The Trellix Platform Advantage Certifications and Compliance
THREAT INTELLIGENCE
Advanced Research Center Trellix Insights Threat Reports Latest Research Blogs
Main menu
PLATFORM CAPABILITIES
About Our Platform Trellix Wise Engine
PRODUCT CATEGORIES
Endpoint Security Data Security Network Security Threat Intelligence Email Security Security Operations View All Products
SOLUTIONS
Operational Technology Ransomware Detection and Response Zero Trust Strategy AI and Security Operations CISO Government
Main menu
PROFESSIONAL SERVICES
Trellix Thrive Managed Detection and Response Solution Services Cyber Consulting Services
EDUCATION AND TRAINING
Education Services Training Courses
Main menu
OUR NETWORK
Partners Overview Security Innovation Alliance OEM & Embedded Alliances Partner Delivered Services
PARTNER PORTAL
Trellix Partner Portal Login Become a Partner
PARTNER LOCATOR
Search for a Trellix Partner
STRATEGIC PARTNERS
Amazon Web Services (AWS) Google Cloud Telefónica Tech
Main menu
RESOURCE CENTER
Resource Library Customer Stories Security Awareness Topics
LEARN
Webinars Weekly Tech Talk Series Product Tours
LOGIN
Trellix Login Trellix Hive Developer Portal Marketplace
Main menu
COMPANY
About Us Leadership Industry Recognition Customer Stories Careers
MEDIA
Press Releases Latest News Blogs View Newsroom
CONNECT
Events Contact Us

Trellix Endpoint Forensics

Trellix Endpoint Forensics (HX) performs fast, targeted forensic investigations across thousands of endpoints.
View Data Sheet Request a Demo
Trellix Endpoint Security HX Product Demo

Industry leading endpoint forensics solution

Trellix Endpoint Forensics is chosen by leading incident response teams around the globe. It can collect forensics data from thousands of endpoints in seconds.

View Technical Specs

Why Trellix Endpoint Forensics?

Protect

Stop threats before they happen. Identify configuration issues including potential exposure to zero days.

Collect

Endpoint telemetry collection, analysis, and indicator searching. Can be deployed post-breach.

Respond

Stop malicious processes, disconnect users, and quarantine hosts to prevent data exfiltration.

Product features

In-depth forensics

Automatically collect files, memory, and processes when an event triggers. Collect full or partial disk images for future investigation.

Rapid remediation

Remotely remove suspicious files, stop processes, and quarantine hosts from the console. Admins can also remote console into endpoints and perform targeted investigations.

Comprehensive data

View all network connections, registry keys, parent/child processes associated with a threat, and more. Collect processes from the host for analysis.

Related Endpoint Security products

Trellix Endpoint Security

Protect against modern and novel threats with multi-layered protection stack delivered in a single agent

Learn More

Trellix Endpoint Detection and Response

Comprehensive EDR solution that reduces time to detection and time to remediation, reducing alert fatigue.

Learn More

Trellix Network Detection and Response

Detect and block advanced threats and lateral movement in real time. Resolve incidents faster using concrete evidence and actionable intelligence.

Learn More

Complementary services to accelerate your success

Installation and Configuration

Integration and Training

Monitoring and Optimization

See a full catalog of service offerings in Trellix Thrive

Man smiling with tablet in his hand

I've been working with Trellix management console. The EDR console is really intuitive and what I like the most is Device menu (all device related data is there) also layout is really cool.”

— Security Engineer, Technology Company

Read the Spotlight

Man smiling with tablet in his hand

We purchased Trellix to increase our security platform effectiveness and efficiencies, what we got was a responsible security partner with great service and expertise.”

— SOC Manager, Aerospace & Defense Company

Read the Spotlight

Woman smiling with hand clasped

The visibility, the centralization through ePO which is helping not only with the security part but also with additional valuable information regarding users, machines and more.”

— IT Security Analyst, IT Services Company

Read the Spotlight

Industry recognition

Trellix is recognized as an industry leader by key analyst firms

View all Awards and Recognitions

Related resources

Blog
Finding Patient Zero with Endpoint Forensics

Trellix's EDR with Forensics helps find the initial infection point of attacks, capturing forensic artifacts to reduce the time an attacker is present in an organization.

Read the Blog

Blog
They Said It - The Shift to Modern Endpoint Security Is Clearly Underway!

IDC identifies the shift to modern endpoint security, emphasizing the need for AI-guided solutions, as well as remediation and policy management.

Read the Blog

Assessment
Trellix Named a Leader in IDC MarketScape

Trellix named a Leader in the IDC MarketScape for Modern Endpoint Security offering EPP, EDR, forensics, and AI-guided investigations in a single agent.

Download the Assessment

Take the next step toward living security for your endpoints

Talk to an Expert Request a Demo