An advanced threat protection platform that combines machine learning, behavioral analysis, and threat intelligence to protect banking networks, endpoints, and cloud workloads. Features include zero-day exploit protection, machine-learning malware detection, and integrated EDR capabilities.
Systems that protect the bank's information assets from cyber threats and ensure secure banking operations.
Multi-factor Authentication | Requires multiple forms of verification before granting access. | Trellix Endpoint Security documentation lists multi-factor authentication as supported for console and management access.
Role-Based Access Control | Grants permissions based on user roles and responsibilities. | Role-Based Access Control (RBAC) is highlighted in Trellix's admin guides for operational separation in large enterprises.
Single Sign-On (SSO) | Allows users to authenticate once for multiple applications. | Single Sign-On (SSO) is available via SAML and other identity providers per product documentation.
Access Logging | Records all access attempts for audit trails. | Access logging for admin and endpoint actions is present as part of audit trails.
Privileged Account Management | Controls and monitors elevated permissions. | Privileged account management and least privilege access are part of the admin controls in Trellix solutions.
User Session Timeout | Automatically terminates inactive sessions. | Session timeout and forced logout features are available for console and endpoint sessions.
Device Whitelisting | Restricts access to approved devices only. | No information available
Granular Permission Levels | Supports fine-grained permissions per function. | Granular permissions (fine control over security policy and agent features) are exposed to administrators.
API Key Management | Secures and controls access to APIs. | API key management is available for the platform's management and integration functions.
Geolocation-based Access Restrictions | Limits access based on user's physical or network location. | No information available
Number of Supported Authentication Methods | The total number of different authentication methods available (e.g., biometric, SMS OTP, hardware key, etc.). | No information available

End-to-End Encryption | Encrypts data during all states and transfers. | End-to-end encryption is used for all data in transit between endpoints, servers, and consoles.
Database Encryption | Encrypts stored data in databases. | Database encryption for logs, configurations, and sensitive event data is documented.
File Integrity Monitoring | Detects unauthorized changes to critical files. | File integrity monitoring is cited as an included endpoint protection feature.
Data Masking | Obfuscates sensitive data in non-production environments. | Data masking in operational logs and reports is available per data protection requirements.
Tokenization | Replaces sensitive information with random tokens. | Tokenization of sensitive fields supported in logs and database storage.
Data Loss Prevention (DLP) | Prevents unauthorized data transfer or loss. | Data Loss Prevention (DLP) is one of the extensible modules available (as standalone or integrated).
Data Backup Frequency | Frequency at which backups of critical data are performed. | No information available
Audit Logging | Maintains comprehensive logs of data access and changes. | Audit logging is performed for all security events, admin changes, and endpoint actions.
Automated Key Rotation | Automatically rotates cryptographic keys at defined intervals. | Automated key rotation is part of cryptographic controls on the platform.
Retention Policy Management | Controls how long data is kept and when it is deleted. | Retention policies for logs, data, and security events can be configured and automated.

Firewall | Provides perimeter security by filtering incoming and outgoing network traffic. | Firewall capabilities are present as part of endpoint protection suite.
Intrusion Detection System (IDS) | Monitors and detects malicious network activity. | Intrusion Detection System (IDS) features are integrated in endpoint and network modules.
Intrusion Prevention System (IPS) | Blocks and prevents detected threats. | Intrusion Prevention System (IPS) is part of the endpoint security stack.
Virtual Private Network (VPN) | Secures remote access to banking resources. | No information available
Network Segmentation | Divides the network into separate zones for better security. | No information available
Distributed Denial of Service (DDoS) Protection | Detects and mitigates DDoS attacks. | DDoS protection is mentioned as part of advanced threat defense integration with networking.
Deep Packet Inspection | Examines traffic for threats beyond simple packet headers. | Deep Packet Inspection available on some network/endpoint modules as cited in documentation.
Encrypted Network Traffic | Ensures all internal and external communication is encrypted. | All network traffic, both internal and external, is encrypted between agents and servers.
Bandwidth Monitoring | Monitors bandwidth utilization for anomalies. | No information available
Network Traffic Analysis Capability | The number of simultaneous connections that can be analyzed. | No information available

Security Information and Event Management (SIEM) | Aggregates, analyzes, and alerts on security events. | SIEM integration is native, with event forwarding to security information and event management systems.
Automatic Threat Remediation | Responds to detected threats without manual intervention. | Automatic threat remediation is featured in Trellix EDR, with policies for automated responses.
Real-time Alerting | Notifies security personnel immediately upon threat detection. | Real-time alerting is available via dashboards and notification channels.
Threat Intelligence Integration | Ingests external threat intelligence feeds. | Threat Intelligence Integration is a highlighted differentiator of the product.
Incident Response Playbooks | Provides pre-defined procedures for common security incidents. | Incident response playbooks (workflows) are available for automated security operations.
Threat Simulation and Red Team Testing | Supports simulated attacks for evaluation. | Threat simulation capabilities (for red team/blue team exercises) are referenced in solution overviews.
False Positive Rate | The percentage of security alerts that are determined to be benign. | No information available
Time to Detect | Average time between threat occurrence and detection. | No information available
Time to Respond | Average time between detection and mitigation. | No information available
Automated Compliance Reporting | Generates regulatory and incident response reports automatically. | Automated compliance reporting (for regulatory and incident response) is a native feature.

Endpoint Detection and Response (EDR) | Monitors endpoints for threats and suspicious activity. | EDR (Endpoint Detection and Response) is a core, integrated function.
Anti-malware Protection | Prevents malicious software from infecting endpoints. | Anti-malware and anti-virus protections (including ML models) are included.
Device Control | Restricts usage of external devices like USB drives. | Device control (USB, external media control) is offered in device policy sets.
Patch Management | Automates the distribution of security updates. | Automated patch management is available for supported operating systems.
Mobile Device Management (MDM) | Secures and manages mobile endpoints. | Mobile Device Management (MDM) is supported via separate or integrated products.
Remote Wipe Capability | Erases data from lost or stolen devices remotely. | Remote wipe is supported for mobile and laptop endpoints.
Application Whitelisting/Blacklisting | Controls which applications can be installed or run. | Application whitelist/blacklist policies are included for endpoint controls.
Endpoint Isolation | Allows quick quarantine of compromised devices. | Endpoint isolation features are built-in to respond to live threats.
Number of Devices Supported | Maximum number of endpoints protected by the solution. | No information available
Endpoint Policy Enforcement | Automatically enforces security policies on all endpoints. | Automated endpoint policy enforcement is a standard component.

Behavioral Analytics | Analyzes user behavior for anomalies indicative of fraud. | Behavioral analytics with ML for user, device, and process behaviors is promoted as an advanced feature.
Transaction Monitoring | Monitors transactions in real time for suspicious patterns. | Real-time transaction monitoring is available for financial fraud detection when integrated.
Machine Learning Models | Uses AI models to identify emerging fraud techniques. | Machine learning models for malware, phishing, and fraud are emphasized in feature overviews.
Geolocation Verification | Checks if transactions originate from expected regions. | No information available
Device Fingerprinting | Identifies repeat or suspicious devices. | Device fingerprinting capabilities are used to identify anomalous endpoints.
Case Management | Tracks fraud investigation from detection to closure. | No information available
Rule-based Alerts | Generates alerts based on pre-set fraud rules. | Rule-based alerts can be created for endpoint, user, process, and network events.
False Positive Rate | Percentage of transactions erroneously flagged as fraud. | No information available
Detection Speed | Average time taken to detect suspicious activities. | No information available
Integration with Core Banking Systems | Supports real-time integration with existing banking infrastructure. | Supports direct integration with core banking and payments platforms.

Web Application Firewall (WAF) | Protects web applications from common exploits. | Web Application Firewall (WAF) features are available in extended Trellix portfolio.
Vulnerability Scanning | Regularly scans for known security weaknesses. | Vulnerability scanning for endpoints and apps is available.
Secure Coding Standards Enforcement | Ensures adherence to secure development practices. | Secure coding standards can be enforced on integration with devops pipelines.
Regular Penetration Testing | Conducts simulated attacks to find weaknesses. | Penetration testing support is referenced in security partner offerings.
Automated Patch Deployment | Deploys application security patches automatically. | Automated patch deployment for applications is supported where possible.
Code Obfuscation | Makes application source code harder to reverse-engineer. | No information available
Session Management Security | Protects active user sessions against hijacking. | Session management security, including session hijack prevention, is available.
API Security Controls | Protects and monitors API endpoints. | API Security controls are present both for product and integration endpoints.
Number of Supported Programming Languages | The range of programming frameworks or languages natively supported for secure app development. | No information available
Dynamic Application Security Testing (DAST) Integration | Integrates tools for runtime security testing of applications. | Dynamic Application Security Testing (DAST) tools integrate with application and API firewalls.

Prebuilt Compliance Reporting | Offers reports tailored for key banking regulations. | Prebuilt compliance reporting (e.g., PCI-DSS, GDPR) is highlighted in product datasheets.
Automated Policy Management | Automates the application and monitoring of compliance policies. | No information available
Audit Trail Management | Maintains immutable logs for audit purposes. | Secured, immutable audit trail support for logging and regulatory audit requirements.
Regulatory Change Monitoring | Tracks changes in relevant regulations and standards. | No information available
Self-assessment Tools | Allows internal audits for compliance readiness. | No information available
Compliance Workflow Automation | Automates workflows to meet compliance requirements. | No information available
Data Residency Controls | Specifies where data can be stored based on regulations. | No information available
Regulatory Coverage | Number of major regulations covered out-of-the-box. | No information available
Retention Policy Automation | Automatically applies data retention and deletion policies. | Retention policy automation is part of endpoint security data and compliance workflows.
Secure Document Management | Secure storage and retrieval of compliance documentation. | Secure document management for storage of SOC/compliance reports is integrated.

Centralized User Directory | Maintains a single source of truth for user authentication. | Centralized user directory (via AD/LDAP integration) is available for authentication.
Self-service Password Reset | Allows users to reset passwords without admin assistance. | Self-service password reset is noted in Trellix's IAM and admin documentation.
User Provisioning and Deprovisioning | Automates onboarding and offboarding staff access. | User provisioning/deprovisioning workflows are supported (manually and via API).
Federated Identity Support | Allows use of external identity providers (SAML, OAuth, etc.). | Federated identity with SAML/OAuth for external integrations is documented.
Access Certification | Regularly reviews and certifies user privileges. | Regular review and certification of user access/privileges can be automated.
Credential Encryption | Ensures user credentials are encrypted at rest and in transit. | Credential encryption at rest and in transit is explicitly specified in product guides.
Group Management | Supports management of user groups and access policies. | Group management (user roles, assignment) available in admin interfaces.
Identity Federation Integrations | Number of external identity federations supported. | No information available
Password Policy Enforcement | Automatically applies strong password requirements. | Password policy enforcement is a mandatory admin setting in Trellix.
User Access Review Automation | Automates periodic reviews of user access rights. | No information available

Real-time Dashboards | Visualizes live security and system data. | Real-time dashboards are core to the admin and SOC analyst interface.
Customizable Reports | Allows users to define and schedule security and compliance reports. | Customizable reporting is a highlighted feature for compliance and operations.
Alert Threshold Customization | Enables setting of specific alert thresholds. | Alert thresholds can be customized by policy, user, endpoint, and event type.
Historical Data Retention | Keeps historical security data for analysis. | Historical data retention is supported and configurable in reporting/data management.
Audit Log Integration | Centralizes logs from various sources. | Audit log integration with third-party SOC/SIEM platforms is available.
Automated Reporting Frequency | How often reports are automatically generated. | No information available
User Activity Monitoring | Tracks user activities for policy violations. | User activity monitoring and event correlation are promoted for policy enforcement.
Custom Alert Channels | Supports multiple channels for alerting (email, SMS, app). | Multiple notification/alert channels (email, SMS, SIEM feed, API) are supported.
Third-party Log Integration | Integrates with external log and monitoring providers. | Logs and alerts are importable/exportable for external log aggregation.
Report Retention Period | Length of time reports are stored and accessible. | No information available

Disaster Recovery Planning | Provides tools for planning and testing disaster recovery. | Disaster recovery planning and runbook export is covered under Trellix business continuity guides.
Business Continuity Management | Ensures continued operations during disruptions. | Business continuity and resilience management is part of enterprise solutions.
Automated System Failover | Automatically switches to backup systems on failure. | No information available
Backup and Restore Automation | Automates data and system backup/restore processes. | Automated backup and restore are fully integrated for endpoint data resilience.
Ransomware Recovery | Supports fast recovery from ransomware attacks. | Rapid ransomware recovery is a claimed benefit in Trellix marketing and technical resources.
Recovery Time Objective (RTO) | Target time to restore function after disruption. | No information available
Recovery Point Objective (RPO) | Maximum acceptable amount of data loss after an incident. | No information available
Resilience Testing Support | Enables regular testing of resilience and recovery plans. | Resilience testing support (scheduled failover and DR testing) is referenced in admin tools.
Automated System Health Checks | Monitors backup and resilience readiness automatically. | System health checks are performed regularly, with alerting on backup issues.
Service Level Agreement (SLA) Monitoring | Tracks compliance with recovery SLAs. | No information available
This data was generated by an AI system. Please check
with the supplier. While you are talking to them, remind them that they need
to update their entry.