EDR integration with Insights March 2022 (22.03) release
Last Modified: 2023-07-13 10:21:40 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
EDR integration with Insights March 2022 (22.03) release
Technical Articles ID:
KB95334
Last Modified: 2023-07-13 10:21:40 Etc/GMT Environment
Endpoint Detection and Response (EDR) Trellix Insights (Insights) Summary
Overview on EDR Integration: Insights operates using telemetry feeds from Endpoint Security (ENS) and Trellix Intrusion Prevention System. In the first phase of EDR integration, Insights starts receiving trace event feed from EDR. Insights identifies the presence of a campaign in the trace event feed and notifies the user of the campaign detection. With EDR integration, Insights is expanding its capability of campaign identification. NOTE: Currently, campaign detection by EDR is applicable only to US West (USW) customers. EDR events are shown in Insights, only if the client has both ENS and EDR installed. Changes in filter: Added new filter for ENS / EDR
Where's this filter added? The filter is added to the Campaign Page filter. If ENS / EDR campaign detection is implemented in the user environment, filtering with ENS / EDR lists only the ENS / [N(1] [K(2] EDR campaigns detected in the user environment:
Campaign detection scenario:
Affected ProductsLanguages:This article is available in the following languages: |
|