Beyond the single vector

Connecting email, endpoints, servers, cloud workloads, and networks provides a broader perspective and a better context to hunt, detect, and contain threats.

Correlated detection

Powerful security analytics correlate data across the customer environment and Trend Micro’s global threat intelligence to deliver fewer, higher-confidence alerts, leading to better, earlier detection.

Integrated investigation and response

One place for investigation simplifies the steps to achieving an attack-centric view of an entire chain of events across security layers with the ability to take response actions from a single place.

Trend Micro™ XDR collects and correlates deep activity data across multiple vectors - email, endpoints, servers, cloud workloads, and networks - enabling a level of detection and investigation that is difficult or impossible to achieve with SIEM or individual point solutions. With a combined context, events that seem benign on their own suddenly become meaningful indicators of compromise, and you can quickly contain the impact, minimizing the severity and scope.

XDR provides a SIEM connector to forward alerts. By correlating events from Trend Micro products, fewer, higher-confidence alerts are sent, reducing the triage effort required by security analysts. Upon clicking on a SIEM alert, an analyst can access the XDR investigation workbench to get further visibility, conduct deeper analysis, and take necessary action.

Find incidents earlier with correlated detections and built-in threat intelligence

Trend Micro XDR applies effective expert analytics to the activity data collected from its native products in the environment to produce correlated, actionable alerts. Global threat intelligence from the Trend Micro Smart Protection Network™ combined with continuously updated expert detection rules maximizes the power of analytical models in unparalleled ways. New rules and detection models are pushed out regularly, optimizing the ability to look for different behaviors across security layers to identify complex attacks. XDR’s cloud analytics can consider activities like PowerShell that would not necessarily generate an alert or a SIEM log but can be used to correlate with other activities to better identify if an activity is, in fact, malicious.
Product specifications
Attribute name | Attribute value |
---|---|
License level purchase required | 251-500 license(s) |
Software type | Add-on |