4.5
3261 Reviews (All time)
Review weighting

Browse Trellix Reviews

Trellix is present in 15 markets with 26 products. Trellix has 3261 reviews with an overall average rating of 4.5.

Data Loss Prevention

The market for DLP technology includes offerings that provide visibility into data usage and movement across an organization. It also involves dynamic enforcement of security policies based on content and context for data in use, data in motion and data at rest. DLP technology seeks to address data-related threats, including the risks of inadvertent or accidental data loss and the exposure of sensitive data, using monitoring, alerting, warning, blocking, quarantining and other remediation features.

Trellix has 1 product in Data Loss Prevention market

Email Security (Transitioning to Email Security Platform)

Email security refers collectively to the prediction, prevention, detection and response framework used to provide attack protection and access protection for email. Email security spans gateways, email systems, user behavior, content security, and various supporting processes, services and adjacent security architecture. Effective email security requires not only the selection of the correct products, with the required capabilities and configurations, but also having the right operational procedures in place.

Trellix has 2 products in Email Security (Transitioning to Email Security Platform) market

Endpoint Detection and Response Solutions (Transitioning to Endpoint Protection Platforms)

The Endpoint Detection and Response Solutions (EDR) market is defined as solutions that record and store endpoint-system-level behaviors, use various data analytics techniques to detect suspicious system behavior, provide contextual information, block malicious activity, and provide remediation suggestions to restore affected systems. EDR solutions must provide the following four primary capabilities: • Detect security incidents • Contain the incident at the endpoint • Investigate security incidents • Provide remediation guidance

Trellix has 1 product in Endpoint Detection and Response Solutions (Transitioning to Endpoint Protection Platforms) market

Endpoint Protection Platforms

Gartner defines an endpoint protection platform (EPP) as security software designed to protect managed endpoints — including desktop PCs, laptop PCs, mobile devices and, in some cases, server endpoints — against known and unknown malicious attacks. EPPs provide capabilities for security teams to investigate and remediate incidents that evade prevention controls. EPP products are delivered as software agents, deployed to endpoints, and connected to centralized security analytics and management consoles. EPPs provide a defensive security control to protect end-user endpoints against known and unknown malware infections using a combination of security techniques (such as static and behavioral analysis) and system controls (such as device control and host firewall management). EPP prevention and protection capabilities are deployed as a part of a defense-in-depth strategy to help reduce the attack surface and minimize the risk of endpoint compromise. EPP detection and response capabilities are used to uncover, investigate, and respond to endpoint threats that evade security prevention, often as a part of broader security operations platforms.

Trellix has 3 products in Endpoint Protection Platforms market

Extended Detection and Response

Extended detection and response (XDR) delivers security incident detection and automated response capabilities for security infrastructure. XDR integrates threat intelligence and telemetry data from multiple sources with security analytics to provide contextualization and correlation of security alerts. XDR must include native sensors, and can be delivered on-premises or as a SaaS offering. Typically, it is deployed by organizations with smaller security teams.

Trellix has 1 product in Extended Detection and Response market

Intrusion Detection and Prevention Systems

The network intrusion detection and prevention system (IDPS) appliance market is composed of stand-alone physical and virtual appliances that inspect defined network traffic either on-premises or in the cloud. They are often located in the network to inspect traffic that has passed through perimeter security devices, such as firewalls, secure Web gateways and secure email gateways. IDPS devices are deployed in-line and perform full-stream reassembly of network traffic. They provide detection via several methods — for example, signatures, protocol anomaly detection, behavioral monitoring or heuristics, advanced threat defense (ATD) integration, and threat intelligence (TI). When deployed in-line, IDPSs can also use various techniques to detect and block attacks that are identified with high confidence; this is one of the primary benefits of this technology. Next-generation IDPSs have evolved in response to advanced targeted threats that can evade first-generation IDPSs.

Trellix has 2 products in Intrusion Detection and Prevention Systems market

Mobile Data Protection Solutions

Gartner defines mobile data protection (MDP) products and services as software security methods that enforce confidentiality policies by encrypting data, and then defending access to that encrypted data on the mass storage systems of end-user workstations. These storage systems include the primary boot drive of a workstation, additional system drives and removable devices used for portability. Storage technologies affected by MDP include magnetic hard-disk drives (HDDs), solid-state drives (SSDs), self-encrypting drives (SEDs), flash drives and optical media. Several methods allow MDP products to delegate all or part of the encryption process to be accomplished by hardware elements, including the CPU and drive controller, and to native capabilities in the OS. Some vendors also have protection capabilities for network storage, and a few also support cloud-based storage environments as an extension to the desktop.

Trellix has 1 product in Mobile Data Protection Solutions market

Mobile Threat Defense

Mobile threat defense (MTD) products protect organizations from malicious threats on iOS and Android devices, at the device, network and application levels. To successfully attack a mobile device, mobile malware must circumvent the controls built into mobile OSs, such as those for app store curation and native mobile OS hardening. MTD products tend to focus on preventing and detecting anomalous behavior by collecting and analyzing indicators of compromise, as well as expected behavior. MTD products gather threat intelligence from the devices they support, as well as from external sources, and use an analysis engine that resides in the cloud, on-premises or on an MTD app installed on devices.

Trellix has 1 product in Mobile Threat Defense market

Network Detection and Response

Network detection and response (NDR) products detect abnormal system behaviors by applying behavioral analytics to network traffic data. They continuously analyze raw network packets or traffic metadata within internal networks (east-west) and between internal and external networks (north-south). NDR products include automated responses, such as host containment or traffic blocking, directly or through integration with other cybersecurity tools. NDR can be delivered as a combination of hardware and software appliances for sensors, some with IaaS support. Management and orchestration consoles can be software or SaaS.

Trellix has 2 products in Network Detection and Response market

Network Sandboxing

Network-based sandboxing is a proven technique for detecting malware and targeted attacks. Network sandboxes monitor network traffic for suspicious objects and automatically submit them to the sandbox environment, where they are analyzed and assigned malware probability scores and severity ratings. Sandboxing technology has been used for years by malware researchers at security companies and even in some large enterprises that are highly security conscious. Traditionally, using a sandbox has been an intensive effort requiring advanced skills. The malware researcher manually submits a suspicious object into the sandbox and analyzes it before flagging it as malware or not. By adding automated features to sandboxing technology (automatically submitting suspicious objects and automatically generating alerts).

Trellix has 2 products in Network Sandboxing market

Security Information and Event Management

SIEM is a configurable security system of record that aggregates and analyzes security event data from on-premises and cloud environments. SIEM assists with response actions to mitigate issues that cause harm to the organization and satisfy compliance and reporting requirements. The security information and event management (SIEM) system must assist with: 1. Aggregating and normalizing data from various IT and operational technology (OT) environments 2. Identifying and investigating security events of interest 3. Supporting manual and automated response actions 4. Maintaining and reporting on current and historical security events

Trellix has 2 products in Security Information and Event Management market

Security Orchestration, Automation and Response Solutions

Security orchestration, automation and response (SOAR) solutions combine incident response, orchestration and automation, and threat intelligence (TI) management capabilities in a single platform. SOAR tools are also used to document and implement processes (aka playbooks, workflows and processes); support security incident management; and apply machine-based assistance to human security analysts and operators. SOAR solutions must provide: - Highly customizable workflow process management that enables repeatable automated tasks to be turned into playbooks that run in isolation or joined together into more sophisticated workflows. - The ability to store (locally or in a third-party system) incident management data to support SecOps investigations. - Manually instigated and automated triggers that augment human security analyst operators to carry out operational tasks consistently. - A mechanism to collate and better operationalize the use of threat intelligence. - Support for a broad range of existing security technologies that supports improved analyst efficiency and acts as an abstraction layer between the desired outcomes and the custom-made set of solutions in place in your environment.

Trellix has 2 products in Security Orchestration, Automation and Response Solutions market

Security Service Edge

Gartner defines security service edge (SSE) as a solution that secures access to the web, cloud services and private applications regardless of the location of the user or the device they are using or where that application is hosted. SSE protects users from malicious and inappropriate content on the web and provides enhanced security and visibility for the SaaS and private applications accessed by end users. Security service edge provides a primarily cloud-delivered solution to control access from end users and edge devices to applications (private or delivered via SaaS) as well as websites (and to a lesser extent general internet traffic). It enables a hybrid workforce more efficiently than traditional on-premises solutions. Capabilities integrated across multiple traffic types and destinations allow a more seamless experience for both users and admins while maintaining a consistent security stance.

Trellix has 1 product in Security Service Edge market

Security Solutions - Others

Reviews for 'Security Solutions - Others'

Trellix has 4 products in Security Solutions - Others market

Zero Trust Network Access

Gartner defines zero trust network access (ZTNA) as products and services that create an identity and context-based, logical-access boundary that encompasses an enterprise user and an internally hosted application or set of applications. The applications are hidden from discovery, and access is restricted via a trust broker to a collection of named entities, which limits lateral movement within a network.

Trellix has 1 product in Zero Trust Network Access market