Trellix Network Detection and Response (NDR) Features

Prevention (5)

Intrusion Prevention: As reported in 18 Trellix Network Detection and Response (NDR) reviews. Enforces security paramaters to prevent unauthorized access.
Firewall: Protects servers, data center infrastructure and information from a variety of attacks and malware threats. 18 reviewers of Trellix Network Detection and Response (NDR) have provided feedback on this feature.
Encryption: As reported in 18 Trellix Network Detection and Response (NDR) reviews. Provide some level of encryption of information, protecting sensitive data while it exists within the data center.
Security hardening: Facilitates system and network security by identifying and remediating vulnerabilities This feature was mentioned in 18 Trellix Network Detection and Response (NDR) reviews.
Cloud Data Protection: Provides high quality and wide scope of in-cloud and offline data security capabilities. 15 reviewers of Trellix Network Detection and Response (NDR) have provided feedback on this feature.

Intrusion Detection: Based on 17 Trellix Network Detection and Response (NDR) reviews. Detects unauthorized access and use of privileged systems.
Security Monitoring: Detects anomalies in functionality, user accessibility, traffic flows, and tampering. 19 reviewers of Trellix Network Detection and Response (NDR) have provided feedback on this feature.
Anti-Malware / Malware Detection: Based on 18 Trellix Network Detection and Response (NDR) reviews. Provides multiple techniques and information sources to alert users of malware occurrences.

Compliance: Supports compliance with PII, GDPR, HIPPA, PCI, and other regulatory standards. 16 reviewers of Trellix Network Detection and Response (NDR) have provided feedback on this feature.
Administration Console -: Provides a centralized console for administation tasks and unified control. 18 reviewers of Trellix Network Detection and Response (NDR) have provided feedback on this feature.
API / integrations: Based on 17 Trellix Network Detection and Response (NDR) reviews. Application Programming Interface - Specification for how the application communicates with other software. API's typically enable integration of data, logic, objects, etc. with other software applications.

Metadata Management: Indexes metadata descriptions for easier searching and enhanced insights
Artificial Intelligence & Machine Learning: Facilitates Artificial Intelligence (AI) or Machine Learning (ML) to enable data ingestion, performance suggestions, and traffic analysis.
Response Automation: Reduces time spent remedying issues manually. Resolves common network security incidents quickly.
Continuous Analysis: Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.

Multi-Network Capability: Provides monitoring capabilities for multiple networks at once.
Anomaly Detection: Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.
Network Visibility: Provides all-encompassing display and analysis of environments, resources, traffic, and activity across networks.
Scalability: Provides features to allow scaling for large organizations.
Incident Alerts: Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.
Anomaly Detection: Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.
Continuous Analysis: Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.
Decryption: Facilitates the decryption of files and data stored using cryptographic algorithms.

File Analysis: Identifies potentially malicious files and applications for threats files and applications for abnormalities and threats.
Memory Analysis: Analyzes infortmation from a computer or other endpoint's memory dump for information removed from hard drive.
Registry Analysis: Identifies recently accessed files and applications for abnormalities and threats.
Email Analysis: Parses and/or extracts emails and associated content for malware, phishing, other data that can be used in investigations.
Linux Analysis: Allows for parsing and/or extraction of artifacts native to Linux OS including but not limited to system logs, SSH activity, and user accounts.