Trellix Network Detection and Response (NDR) Features

Prevention (5)

Intrusion Prevention: Enforces security paramaters to prevent unauthorized access. This feature was mentioned in 18 Trellix Network Detection and Response (NDR) reviews.
Firewall: Protects servers, data center infrastructure and information from a variety of attacks and malware threats. This feature was mentioned in 18 Trellix Network Detection and Response (NDR) reviews.
Encryption: Provide some level of encryption of information, protecting sensitive data while it exists within the data center. 18 reviewers of Trellix Network Detection and Response (NDR) have provided feedback on this feature.
Security hardening: As reported in 18 Trellix Network Detection and Response (NDR) reviews. Facilitates system and network security by identifying and remediating vulnerabilities
Cloud Data Protection: Provides high quality and wide scope of in-cloud and offline data security capabilities. 15 reviewers of Trellix Network Detection and Response (NDR) have provided feedback on this feature.

Intrusion Detection: Based on 17 Trellix Network Detection and Response (NDR) reviews. Detects unauthorized access and use of privileged systems.
Security Monitoring: Detects anomalies in functionality, user accessibility, traffic flows, and tampering. 19 reviewers of Trellix Network Detection and Response (NDR) have provided feedback on this feature.
Anti-Malware / Malware Detection: Provides multiple techniques and information sources to alert users of malware occurrences. 18 reviewers of Trellix Network Detection and Response (NDR) have provided feedback on this feature.

Compliance: Supports compliance with PII, GDPR, HIPPA, PCI, and other regulatory standards. 16 reviewers of Trellix Network Detection and Response (NDR) have provided feedback on this feature.
Administration Console -: As reported in 18 Trellix Network Detection and Response (NDR) reviews. Provides a centralized console for administation tasks and unified control.
API / integrations: Based on 17 Trellix Network Detection and Response (NDR) reviews. Application Programming Interface - Specification for how the application communicates with other software. API's typically enable integration of data, logic, objects, etc. with other software applications.

Metadata Management: Indexes metadata descriptions for easier searching and enhanced insights
Artificial Intelligence & Machine Learning: Facilitates Artificial Intelligence (AI) or Machine Learning (ML) to enable data ingestion, performance suggestions, and traffic analysis.
Response Automation: Reduces time spent remedying issues manually. Resolves common network security incidents quickly.
Continuous Analysis: Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.

Multi-Network Capability: Provides monitoring capabilities for multiple networks at once.
Anomaly Detection: Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.
Network Visibility: Provides all-encompassing display and analysis of environments, resources, traffic, and activity across networks.
Scalability: Provides features to allow scaling for large organizations.
Incident Alerts: Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.
Anomaly Detection: Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.
Continuous Analysis: Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.
Decryption: Facilitates the decryption of files and data stored using cryptographic algorithms.

File Analysis: Identifies potentially malicious files and applications for threats files and applications for abnormalities and threats.
Memory Analysis: Analyzes infortmation from a computer or other endpoint's memory dump for information removed from hard drive.
Registry Analysis: Identifies recently accessed files and applications for abnormalities and threats.
Email Analysis: Parses and/or extracts emails and associated content for malware, phishing, other data that can be used in investigations.
Linux Analysis: Allows for parsing and/or extraction of artifacts native to Linux OS including but not limited to system logs, SSH activity, and user accounts.