Overview
With the ongoing prevalence of data breaches and the greater sophistication and pervasiveness of malware, and in particular ransomware, the UC system is enhancing legacy endpoint security (anti-virus or anti-malware) with next-generation endpoint protection. The UCSB Security Operations Center (SOC) provides endpoint security monitoring through an advanced Endpoint Detection and Response (EDR) tool. The Trellix (formerly FireEye) Endpoint Security (TES) platform is designed to address these new sophisticated attacks with features that go well beyond the capabilities of traditional malware protection.
The Trellix Endpoint Security platform is made available as part of a UC systemwide initiative to help manage and reduce cybersecurity risk.
Capabilities
The Trellix Endpoint Security (TES) agent runs in the background of a system while you do your normal work. What distinguishes this software from other anti-malware or antivirus programs is that it uses real-time threat intelligence in conjunction with machine learning to quickly detect threats and then automatically act to mitigate any damage, using these techniques:
- Signature-based engine to find and block known malware (similar to traditional anti-virus and anti-malware software)
- MalwareGuard machine learning detection using seeded threat intelligence
- Behavior-based analytics engine to stop advanced threats
- Real-time discovery of Indicators of Compromise (IOCs) using frontline threat intelligence
- Automatic real-time investigation of ongoing security events, greatly expediting incident response and containment
Quick Links
All links redirect to ServiceNow (UCSBNetID required).
- Trellix Endpoint Security - Service Overview
- Trellix Endpoint Security - Dept/Unit Onboarding Process
- Trellix Endpoint Security - Dept/Unit Onboarding Request
- Trellix Endpoint Security - Privacy FAQ
- Trellix Endpoint Security - Understanding and Analyzing Alerts
- Trellix Endpoint Security Agent - Installation and Troubleshooting
- Trellix Endpoint Security Agent - Endpoint Tech Operations Guide
- Trellix Endpoint Security Agent - Endpoint Tech Tips and Tricks
- Trellix Endpoint Security Agent - Testing Real-Time Indicator Detection and Malware Antivirus
- Trellix Endpoint Security Agent - Vendor Documentation
Have questions?
Submit a ServiceNow ticket.