Call a Specialist Today! 866-981-2998

Trend Micro Threat Intelligence
Keep ahead of the latest threats and protect your critical data with ongoing threat prevention and analysis


Threat Intelligence


#Threat-Intelligence
Get a Quote!

Get a Quote

Keep ahead of the latest threats and protect your critical data with ongoing threat prevention and analysis


Overview
Features
Documentation

Overview

Network security is only as effective as the threat intelligence that powers it. The Digital Vaccine (DV) service includes security filters that cover an entire vulnerability, protecting against all potential attack permutations, not just specific exploits.

DV filters help you gain control of your organization’s patch management life cycle by providing coverage between the discovery of a vulnerability and the availability of a patch, as well as added protection for legacy, out-of-support software. DV filter packages are delivered weekly, or immediately when critical vulnerabilities emerge, and can be deployed automatically with no user interaction required.

Digital Vaccine Service Highlights

  • Weekly distribution of threat intelligence through DV filters are written to cover the entire footprint of a vulnerability, not just specific exploits, resulting in minimal false positives.
  • Pre-emptive protection for undisclosed and zero-day vulnerabilities through exclusive access to vulnerability information from the Zero Day Initiative (ZDI) bug bounty program.
  • Emergency DV filter distributions that may be provided on a prioritized basis as critical vulnerabilities are identified.
  • Detailed information on every DV filter, as well as information on attack events occurring globally via the ThreatLinQ website; which can be used to fine-tune configurations for more comprehensive protection.


Stop Malware and Protect Sensitive Data with ThreatDV

Threat Digital Vaccine (ThreatDV) is a subscription service available to customers that enables the prevention and disruption of malware activity. The combination of reputation feeds and malware filters gives customers added protection for their sensitive data and helps optimize network performance.

The malware filters are designed to detect infiltration, exfiltration, phone-home, command and control (C&C), and mobile traffic. The malware filters are delivered weekly through an Auxiliary Digital Vaccine (Auxiliary DV) package to keep customers protected from the latest advanced threats.

ThreatDV also includes an intelligence feed that works as a global database of malicious or undesirable IPv4, IPv6, and Domain Name System (DNS) names. The reputation database collects data from the Trend Micro Smart Protection Network, the ThreatLinQ global intelligence network, an internal malware repository and honeypot network, third-party commercial sources, and open source blacklists. A threat score of 1 to 100 is assigned to each entry based on analysis of the activity, source, category, and threat. This feed is updated multiple times a day.

In addition, ThreatDV includes a URL reputation feed. Websites on the list are compiled based on their reputation rating from various sources. Targeted websites can come from the ThreatDV feed, a user-defined list of sites, or both. In addition, the integration of TippingPoint and Deep Discovery solutions provides seamless detection and enforcement of detected URL suspicious objects.


ThreatDV Hightlights

  • Blocks drive-by downloads of malware from known malware depots.
  • Disrupts malware activity and prevent its goals such as ransomware, data exfiltration, espionage, click fraud, etc.
  • Detects C&C activity such as configuration download, version checking, remote access, instructions, etc.
  • Intercepts targeted phishing attacks and prevents them from infiltrating your enterprise.
  • Detects and mitigates exploit kits in real time with filters focused on statistical analysis using machine learning primitives.
  • Prevents users from accessing inappropriate or high-security-risk sites.
  • Blocks sites that use fast-fluxing IP addresses by blocking DNS host names.
  • Detects DNS requests from malware-infected hosts attempting to contact their C&C hosts using domain generation algorithms (DGAs).

DVToolkit Key Benefits

  • Provides broad protection with custom filters for proprietary or user-developed applications.
  • Supports the import of open source rules (e.g. Snort signatures); with extended support for Snort primitives, options, and modifiers.
  • Enables customers to define filter triggers or support triggerless filters.
  • Allows for the creation of custom filters in IPv4 and IPv6 environments.
  • Provides centralized management and single point of deployment for both custom-developed and Digital Vaccine filters


Ready to Get Started with Trend Micro?

From offering expert advice to solving complex problems, we've got you covered. Get in touch with an Trend Micro Solutions Specialist today to learn more!