Overview
Targeted attacks and advanced threats are customized to evade your conventional security defenses, and remain hidden while stealing your corporate data, intellectual property, and communications, or encrypt critical data until ransom demands are met. To detect targeted attacks and advanced threats, analysts and security experts agree that organizations should utilize advanced detection technology as part of an expanded strategy.
Deep Discovery Inspector is a physical or virtual network appliance that monitors 360 degrees of your network to create complete visibility into all aspects of targeted attacks, advanced threats, and ransomware. By using specialized detection engines and custom sandbox analysis, Deep Discovery Inspector identifies advanced and unknown malware, ransomware, zero-day exploits, command and control C&C communications, and evasive attacker activities that are invisible to standard security defenses. Detection is enhanced by monitoring all physical, virtual, north-south, and east-west traffic. This capability has earned Trend Micro a 100% detection rate and a recommended breach detection system four years in a row by NSS Labs.
Key Benefits
Better Detection
- Multiple detection techniques
- Monitors all network traffic
- Custom sandbox analysis
- Comprehensive threat intelligence
- Increased detection with machine learning
Tangible ROI
- Enhance existing investments
- Flexible deployment options
- Automation of manual tasks
Features
Monitor Everything
Hackers try to exploit unmonitored network ports or use a specific network protocol that isn’t being monitored, but Trend Micro Deep Discovery Inspector provides 360 degrees of visibility by monitoring all network ports and over 105 different protocols. A single Deep Discovery Inspector appliance monitors east-west traffic (also known as lateral movement) and north-south traffic.
Simplified
Let Trend Micro’s security experts and industry-leading artificial intelligence help you monitor and prioritize threats with Trend Micro™ Managed XDR. Trend analysts will monitor, investigate, and provide a response to advanced threats discovered by Deep Discovery Inspector on a 24/7 basis. This service can be extended to cover email, endpoints, and cloud workloads for even more insight into targeted attacks.
Custom Sandboxing
Unlike other sandbox solutions that use a standard OS and apps template, Deep Discovery uses custom sandboxes. Virtual images are used to match operating system configurations, drivers, installed applications, and language versions. Difficult for hackers to evade, they include a “safe live mode” to analyze multi-stage downloads, URLs, command-and-control (C&C), and more. Sandboxing is offered as part of an integrated appliance or as a scalable, stand-alone capability.
Detection and Response with Trend Micro Vision One
- Correlate advanced threat events and prioritize your response
- Press play and watch the attack unfold
- Visualize the attack life cycle at the network layer, including managed and unmanaged devices, such as contractor/third-party systems, IoT and IIoT devices, printers, and BYOD systems
- Augment your internal teams with expert threat monitoring, identification, and analysis through our 24/7 managed detection and response (MDR) service
Prevent Data Breaches
Deep Discovery Inspector is available as a physical or virtual network appliance. It’s designed to quickly detect advanced malware that typically bypasses traditional security defenses and exfiltrates sensitive data. Specialized detection engines and custom sandbox analysis detect and prevent breaches.
Detect Targeted Ransomware
Organizations are increasingly becoming victims of targeted ransomware when advanced malware bypasses traditional security, encrypts data, and demands payment to release the data. Deep Discovery Inspector uses known and unknown patterns and reputation analysis to detect the latest ransomware attacks, including WannaCry. The customized sandbox detects mass file modifications, encryption behavior, and modifications to backup and restore processes.
Prioritize Threats
Security professionals are flooded with threat data coming from numerous sources. Trend Micro™ XDR for Networks helps prioritize threats and provide visibility into an attack. By looking back up to 180 days, you will be able to see the first point of entry, who else in the organization is impacted, and with whom the threat is communicating (for example, command and control).
Want to go further? Combine with other Trend Micro solutions - email, endpoints, servers, and cloud workloads - for correlated detection and integrated investigation and response.
Identify Threats
Leverage standards-based advanced threat intelligence sharing (e.g. STIX/TAXII and YARA) to keep ahead of threats. Trend Micro™ Deep Discovery™ automates the sharing of threat information across Trend Micro and third-party security solutions to strengthen multiple links in the security chain at the same time.
Stop Spear Phishing
Trend Micro Deep Discovery Email Inspector stops targeted ransomware attacks by blocking targeted spear phishing emails before they are delivered.
