Endpoint/Device Security, Channel partners, Content, Security Program Controls/Technologies, MSSP, Threat Intelligence, Threat Management

Trellix Expands Threat Intelligence Portfolio, Launches Security Suite

Search Hacked warning on laptop Concept of privacy data being hacked and breached from internet technology threat. 3d renderring.

Trellix has expanded its threat intelligence portfolio to increase threat expertise and actionable intelligence to help customers worldwide fend off cyber adversaries, the eXtended detection and response (XDR) provider announced.

What's New at Trelllix?

The San Francisco-based company’s new offerings include Vulnerability Intelligence and Trellix Intelligence-as-a-Service. A partnership with Intel 471 will bring dark web malware insights to customers of Trellix Insights and Trellix Advanced Threat Landscape Analysis Systems (ATLAS) to boost the firm’s threat intelligence capability of more than 2,500 threat campaigns and 250 threat groups.

Intel 471 is known for its advanced cybercrime and adversary intelligence, and through this partnership, customers will gain specific insight into malware families, Trellix said.

Commenting on the advancements, Joseph Tal, senior vice president of the Trellix Advanced Research Center, said:

“Threat intelligence is at the heart of cyber defense, serving as the source of truth for cybersecurity practitioners. Understanding adversaries in a highly dynamic landscape requires 24/7 insights tailored to organizations’ specific needs. An expanded Trellix Threat Intelligence portfolio will offer breadth and depth of intelligence and geopolitical awareness accessible to organizations of all sizes.”

The new offerings include:

  • Vulnerability Intelligence. Trellix Insights now adds to the Common Vulnerability Scoring System (CVSS) on critical vulnerabilities with Vulnerability Intelligence enrichment.
  • Advanced Research Center vulnerability experts. These capabilities are further strengthened by the Cybersecurity & Infrastructure Security Agency’s (CISA) Known Exploited Vulnerability (KEV) catalog.
  • Threat Intelligence Services. With new tiered offerings, global organizations can now leverage Trellix Intelligence-as-a-Service, an offering previously available to an exclusive set of government and intelligence agencies. The service offers a direct link to Trellix threat experts to gain customized threat intelligence from the Trellix Advanced Research Center.

Trellix Debuts Endpoint Security Suite

Separately, Trellix launched an Endpoint Security Suite to empower Security Operations Center (SOC) analysts with superior visibility and control in a single pane of glass to proactively secure all endpoints. It's comprised of Trellix Endpoint Security (ENS), Trellix Endpoint Detection and Response (EDR), and Trellix Endpoint Forensics.

Key capabilities of the suite include:

  • Endpoint protection optimization at scale delivers proactive attack surface management and a full-featured threat prevention stack.
  • Effective and efficient alert triage and response provides alerts and incidents triage and remediation plus AI-guided investigation for faster response.
  • Forensics and root cause analysis offers a powerful tool providing a deeper understanding of threats while improving detection.
  • Solid foundation provides an extensible solution with broad and deep coverage for endpoints, which is natively integrated with the Trellix XDR engine.

Finally, Trellix received Authorization to Operate (ATO) from the Advisory Council on Historic Preservation (ACHP) at the High impact level. Trellix is the first independent security vendor to receive ATO for EDR at the High impact level, which designates the vendor has undergone significant auditing and evaluation of its security controls.

As Trellix Chief Product Officer Aparna Rayasam explained:

“Trellix will work closely with the FedRAMP and the U.S. government to lead in achieving the Agency’s highest standard. We will continue to pursue and meet improved security controls to spotlight our products’ security proficiencies and benefit all of our customers.”

Trellix EDR strengthens customers’ cyber posture and reduces the mean time to detect and respond to threats through advanced analytics, guided investigations, and automation, the company said. Customers outside of the U.S. government now have assurance Trellix EDR security controls are vetted by a FedRAMP-approved third-party assessor, and a sponsoring agency backs the Trellix certification.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.