Government
Support
Contact
Login

Trellix Login Trellix Hive Developer Portal Marketplace
Search

Clear | Search Tips

Quick Links

Why Trellix? | Products | Advanced Research Center | Newsroom | Blogs
Change Language

Australia (English) Brasil (Português) Canada (English) Canada (Français) Deutschland (Deutsch) España (Español) France (Français) Hong Kong (English) India (English) Italia (Italiano) 日本 (日本語) 대한민국 (한국어) México (Español) Singapore (English) United Kingdom (English) United States (English)

PLATFORM CAPABILITIES

Trellix XDR Platform

Strengthen your security posture and protect your organization with confidence.

Trellix Wise

Your sixth sense for security, Trellix Wise is GenAI to solve your toughest security operations challenges with hyper automation.

PROFESSIONAL SERVICES

EDUCATION AND TRAINING

Trellix Thrive

Make the most of your investment in Trellix’s industry-leading cybersecurity technologies.

RESEARCH

Latest Research Blogs

Get the latest cybersecurity trends, best practices, security vulnerabilities, and more.

Latest Report

Trellix’s Advanced Research Center highlights insights, intelligence, and guidance gleaned from multiple sources of critical data.

Get Started

Take a Product Tour Request a Demo Cybersecurity Assessment Contact Us

Trellix Advanced Threat Landscape Analysis System

Giving customers a unique insight into malicious file, domain, and IP detections seen worldwide.

View the Data Sheet Request a Demo

Advanced Threat Landscape Analysis System (ATLAS) data is aggregated from various Trellix data sources to provide the latest global emerging threats with enriched data such as industry sector and geolocation. ATLAS correlates these threats with campaign data containing research from Trellix’s Advanced research Center (ARC) and Threat Intelligence Group (TIG), as well as open-source data, to provide a dedicated view for campaigns consisting of events, dates, threat actors, IOCs, and more.

Benefits

Enables customers unique global insight into the malicious threat detections seen worldwide by Trellix. Geospatially enabled situational awareness. 
Utilizes the Trellix telemetry data collected worldwide.
Highlights current and emerging threats by highlighting those of particular interest by type, industry sector, geolocation, most seen, etc.
Correlates Trellix telemetry with the latest contextual threat intelligence containing campaign data provided by Trellix's Advanced Research Center (ARC), as well as open-source data.
Provides a dedicated view for campaigns consisting of events, dates, threat actors, IOCs, threat tools, threat categories, MITRE ATT&CK patterns, countries, and more.
Includes dashboards for threat intelligence created by ARC, including vulnerability intelligence consisting of the latest high impact vulnerabilities.
Flexible and dynamic. Users can craft queries and filter results in any view, using any combination of fields present in ATLAS.

Features

ATLAS includes several standard dashboards for indicators of compromise (IOCs), threat actors and campaigns. Dashboards vary slightly from one another but share similar design elements, visualizations, and workflows.

Campaigns Dashboard

Click on Campaign Threats in the menu to view the latest intelligence from our team of industry-leading researchers. The campaign dashboard collates the latest analysis of thousands of emerging threats into one location. Here you will find cutting-edge research from Trellix specialists, as well as open-source intelligence from around the world.

Campaign data is imported from Trellix’s backend intelligence platform MISP. As part of this process, ATLAS automatically enriches our prevalence data with campaign IOCs.

Vulnerability Intelligence

The vulnerability dashboard collates the analysis of the latest high impact vulnerabilities. The analysis and triage are performed by the Advanced Research Center’s industry experts on vulnerabilities. These researchers, who specialize in reverse engineering and vulnerability analysis, continuously monitor the latest vulnerabilities and how threat actors are utilizing these in their attacks to provide remediation guidance. This concise and highly technical expert advice allows you to filter the signal from the noise and to focus on the most impactful vulnerabilities that can affect your organization allowing you to react faster.

ATLAS Detections Dashboards include several visualization types for prevalence of malicious IP addresses, files, and URLs that empower customers with comprehensive situational awareness of the global threat landscape.

Prevalence Dashboards

Within the menu dropdown labelled Trellix Detections are links to the prevalence dashboards. Each of these dashboards is dedicated to one class of IOC and are populated daily with detections from the full range of Trellix products.

Within each prevalence dashboard you will find:
- Which attacks are most relevant to your organization.
- When and where they are occurring.
- What industry sectors are affected.
- Whether they belong to any organized campaigns.

File Prevalence
Includes malicious file hash detections in MD5 and SHA256 formats. Each hash is classified by reputation and trust score.

URL Prevalence
Includes detections of client interactions with malicious domains, hosts, and URLs. Detections are further categorized by risk, site function, and any malicious files that they deploy.

IP Prevalence
A catalog of attempted connections to known malicious IP addresses.