Trellix Network Detection and Response (NDR) Features

Prevention (5)

Intrusion Prevention: As reported in 18 Trellix Network Detection and Response (NDR) reviews. Enforces security paramaters to prevent unauthorized access.
Firewall: Based on 18 Trellix Network Detection and Response (NDR) reviews. Protects servers, data center infrastructure and information from a variety of attacks and malware threats.
Encryption: Provide some level of encryption of information, protecting sensitive data while it exists within the data center. This feature was mentioned in 18 Trellix Network Detection and Response (NDR) reviews.
Security hardening: As reported in 18 Trellix Network Detection and Response (NDR) reviews. Facilitates system and network security by identifying and remediating vulnerabilities
Cloud Data Protection: As reported in 15 Trellix Network Detection and Response (NDR) reviews. Provides high quality and wide scope of in-cloud and offline data security capabilities.

Intrusion Detection: Detects unauthorized access and use of privileged systems. This feature was mentioned in 17 Trellix Network Detection and Response (NDR) reviews.
Security Monitoring: Detects anomalies in functionality, user accessibility, traffic flows, and tampering. This feature was mentioned in 19 Trellix Network Detection and Response (NDR) reviews.
Anti-Malware / Malware Detection: Provides multiple techniques and information sources to alert users of malware occurrences. 18 reviewers of Trellix Network Detection and Response (NDR) have provided feedback on this feature.

Compliance: As reported in 16 Trellix Network Detection and Response (NDR) reviews. Supports compliance with PII, GDPR, HIPPA, PCI, and other regulatory standards.
Administration Console -: As reported in 18 Trellix Network Detection and Response (NDR) reviews. Provides a centralized console for administation tasks and unified control.
API / integrations: Application Programming Interface - Specification for how the application communicates with other software. API's typically enable integration of data, logic, objects, etc. with other software applications. 17 reviewers of Trellix Network Detection and Response (NDR) have provided feedback on this feature.

Metadata Management: Indexes metadata descriptions for easier searching and enhanced insights
Artificial Intelligence & Machine Learning: Facilitates Artificial Intelligence (AI) or Machine Learning (ML) to enable data ingestion, performance suggestions, and traffic analysis.
Response Automation: Reduces time spent remedying issues manually. Resolves common network security incidents quickly.
Continuous Analysis: Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.

Multi-Network Capability: Provides monitoring capabilities for multiple networks at once.
Anomaly Detection: Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.
Network Visibility: Provides all-encompassing display and analysis of environments, resources, traffic, and activity across networks.
Scalability: Provides features to allow scaling for large organizations.
Incident Alerts: Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.
Anomaly Detection: Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.
Continuous Analysis: Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.
Decryption: Facilitates the decryption of files and data stored using cryptographic algorithms.

File Analysis: Identifies potentially malicious files and applications for threats files and applications for abnormalities and threats.
Memory Analysis: Analyzes infortmation from a computer or other endpoint's memory dump for information removed from hard drive.
Registry Analysis: Identifies recently accessed files and applications for abnormalities and threats.
Email Analysis: Parses and/or extracts emails and associated content for malware, phishing, other data that can be used in investigations.
Linux Analysis: Allows for parsing and/or extraction of artifacts native to Linux OS including but not limited to system logs, SSH activity, and user accounts.