Endpoint Detection and Response (EDR)

Get more out of detection and response

Advanced
detection

Leverage a full portfolio of advanced detection techniques against an ever-growing variety of threats. By integrating endpoint protection and EDR in a single agent, Trend offers a comprehensive detection and response solution with automation and remediation capabilities.

Extended investigation capabilities

Take advantage of the option to extend detection and response across endpoints and email to produce more insightful investigations. With email – the #1 attack source – covered, analysts can trace a root cause analysis back to email to identify all impacted parties, contain the threat, and stop the spread.

Single view.
Single console.

Receive alerts, view detections, and perform investigations on email and endpoints – all within our Apex Central console. No more moving from one console to another.

Server

Memory
  • 4 GB minimum, 16 GB recommended.
  • Available disk space: 500 GB minimum, 1 TB recommended
Operating Systems
  • Windows Server 2008 SP2 (32-bit/64-bit)
  • Windows Server 2008 R2 (64-bit)
Microsoft Internet Information Services (IIS) 7
with all of the following role services:
  • Static Content
  • Default Document
  • Directory Browsing
  • HTTP Errors
  • HTTP Redirection
  • ASP.NET
  • ASP
  • CGI
  • ISAPI Extensions
  • ISAPI Filters
  • Request Filtering
  • IIS Management Console
  • PHP version 5.4.38
Database
  • Microsoft SQL Server 2008 Express
  • Microsoft SQL Server 2008 R2 Standard recommended
Web Browsers
  • Microsoft Internet Explorer 9 or later
  • The latest version of Google Chrome
  • The latest version of Mozilla Firefox

Agent

Hardware
RAM:
  • 512 MB minimum for Windows XP
  • 1 GB minimum for other operating systems
Available Disk Space:
  • 3 GB minimum for Windows XP, Vista, 7, 8, or 8.1
  • 3 GB minimum for Windows Server operating systems
Software
  • Windows Vista Service Pack 1 (32-bit and 64-bit)
  • Windows XP Service Pack 3 (32-bit)
  • Windows 7 (32-bit and 64-bit)
  • Windows 8 (32-bit and 64-bit)
  • Windows 8.1 (32-bit and 64-bit)
  • Windows 10 (32-bit and 64 bit)
  • Windows Server 2003 (32-bit and 64-bit)
  • Windows Server 2003 R2 (32-bit and 64-bit)
  • Windows Server 2008 (32-bit and 64-bit)
  • Windows Server 2008 R2 (64-bit)
  • Windows Server 2012 (32-bit and 64-bit)
  • Windows Server 2012 R2 (64-bit)

Root cause analysis and impact assessment

Get complete visibility into the attack vector, spread, and extent of the impact of advanced threats across endpoint, servers, and email. Incident response staff can quickly perform impact assessments, determine the root cause of the detection, and take proactive measures to remediate and update security.

Layering in global threat intelligence, the Trend Micro Smart Protection Network? provides clarity and assistance to threat investigators. And with access to the Trend Micro Threat Connect service, you have a comprehensive database of threat information.

Sweeping and hunting

Perform multiple IOC searches (or sweeping) with multiple parameters, like specific communications and malware, registry and account activity, and running processes.

Investigators can also search using industry standard OpenIOC or YARA rules and perform threat hunting based on indicators of attack (IOAs). This allows investigators to develop attack discovery rules or work with the IOAs provided by Trend Micro to hunt for threats.

Automated and integrated response

Automatically isolate, quarantine, block executions, roll back settings (and files, in the case of ransomware), with the option for investigators to also manually respond while performing an investigation. Endpoints can be isolated, processes can be terminated, and security intelligence can be automatically updated on a per-user or enterprise-wide basis.

Extend your detection and response capabilities

Managed XDR service

We offer 24/7 alert monitoring, alert prioritization, investigation, and threat hunting as a managed service. Trend Micro Managed XDR includes standard or advanced service packages across email, endpoints, servers, cloud workloads, and network.

XDR: multilayered detection and?response

A solution for extending detection and response across email, endpoint, server, cloud workloads, and networks.

Get started with EDR

cad画散点图