Trellix Network Detection and Response (NDR) Features

Enforces security paramaters to prevent unauthorized access.

Protects servers, data center infrastructure and information from a variety of attacks and malware threats.

Provide some level of encryption of information, protecting sensitive data while it exists within the data center.

Facilitates system and network security by identifying and remediating vulnerabilities

Provides high quality and wide scope of in-cloud and offline data security capabilities.

Detects unauthorized access and use of privileged systems.

Detects anomalies in functionality, user accessibility, traffic flows, and tampering.

Provides multiple techniques and information sources to alert users of malware occurrences.

Supports compliance with PII, GDPR, HIPPA, PCI, and other regulatory standards.

Provides a centralized console for administation tasks and unified control.

Application Programming Interface - Specification for how the application communicates with other software. API's typically enable integration of data, logic, objects, etc. with other software applications.

Indexes metadata descriptions for easier searching and enhanced insights

Facilitates Artificial Intelligence (AI) or Machine Learning (ML) to enable data ingestion, performance suggestions, and traffic analysis.

Reduces time spent remedying issues manually. Resolves common network security incidents quickly.

Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.

Provides monitoring capabilities for multiple networks at once.

Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.

Provides all-encompassing display and analysis of environments, resources, traffic, and activity across networks.

Provides features to allow scaling for large organizations.

Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.

Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.

Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.

Facilitates the decryption of files and data stored using cryptographic algorithms.

Information on each incident is stored in databases for user reference and analytics.

Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.

Produces reports detailing trends and vulnerabilities related to their network and infrastructure.

Identifies potentially malicious files and applications for threats files and applications for abnormalities and threats.

Analyzes infortmation from a computer or other endpoint's memory dump for information removed from hard drive.

Identifies recently accessed files and applications for abnormalities and threats.

Parses and/or extracts emails and associated content for malware, phishing, other data that can be used in investigations.

Allows for parsing and/or extraction of artifacts native to Linux OS including but not limited to system logs, SSH activity, and user accounts.

Produces reports detailing trends and vulnerabilities related to their network and infrastructure.

Provides relevant and helpful suggestions for vulnerability remediation upon detection.

Reduces time spent remedying issues manually. Resolves common network security incidents quickly.

Condenses long documents or text into a brief summary.

Allows users to generate text based on a text prompt.

Condenses long documents or text into a brief summary.

Capability to perform complex tasks without constant human input

Anticipates needs and offers suggestions without prompting