Cybersecurity company Trellix has announced the expansion of its extended detection and response (XDR) platform, including upgrades, a new user interface, and new endpoint and network detection tools.
Announced during the firm’s Xpand Live conference in Las Vegas, the announcements include an upgraded XDR engine, Trellix XDR, designed to provide security operations teams with enhanced playbook for guided investigations and upgraded threat intelligence through an integration of McAfee and FireEye assets.
The upgrades also include the launch of Trellix Event Fabric, which the company says bridges disparate security data from any cloud provider so security analysts can access and correlate data from anywhere and reduce mean time detection and improve mean time to response.
The event also coincided with the announcement of Trellix XConsole, available in early 2023, which the company bills as a new user interface designed to give security teams a single, common operating picture that allows customers to maximize their investments in Trellix tools and third-party integrations. The single user interface allows analysts and responders to quickly baseline their threat posture through added visibility across network, endpoint, data, email and cloud attack surfaces, the company says.
Also arriving in early 2023 is Trellix Endpoint, which the company says unifies McAfee and FireEye enterprise technologies across endpoint protection, endpoint detection and response, and forensics to deliver best-in-class layered endpoint defense. The company says the solution features multi-stage ransomware prevention, identity detection and response, attack surface management and digital forensics and incident response.
The new tools also include Trellix Network Detection & Response (NDR), which is designed to give customers a holistic solution to detecting, investigating and addressing threats across the kill chain, the company says. The tool combines machine learning modules, event-based packet capture and network traffic hunting into a single solution that allows customers to rapidly deploy NDR capabilities across their existing Trellix network products. Using signals from other Trellix intrusion prevention and network security tools, customers can prevent lateral movement and data exfiltration. The solution also leverages triage and investigation features to immediately apply patches to protect against further exploitation. This tool is complemented by the company’s Detection as a Service subscription.
Trellix CEO Bryan Palma says the company has the most comprehensive XDR platform in the security industry.
“Legacy security information and event management (SIEM) technology has failed to modernize security operations,” Palma says. “We are confident Trellix XDR fills this critical gap.”
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply