
Trend Micro Endpoint Sensor (EDR)
Get more out of endpoint detection and response (EDR)





Trend Micro does EDR better


Advanced threat hunting, investigation, and remediation in a single view.


Trend Micro Products
Trend Micro EDR with Worry-Free Services
Worry-Free Services with EDR Add-on 2-25 Users
*Price per User, quantities 2-25
#WFNN0168
Our Price: $74.75
Worry-Free Services with EDR Add-on 26-50 Users
*Price per User, quantities 26-50
#WFNN0169
Our Price: $61.26
Worry-Free Services with EDR Add-on 51-250 Users
*Price per User, quantities 51-250
#WFNN0170
Our Price: $57.54
Worry-Free Services with EDR Add-on 251+ Users
*Price per User, quantities 251+
#WFNN0171
Our Price: $56.32

Overview:


Superior detection

Leverage a full portfolio of advanced detection techniques against an ever-growing variety of threats and targeted attacks. By integrating endpoint protection and EDR in a single agent, Trend Micro offers a comprehensive detection and response solution with automation and remediation capabilities.

XDR capabilities with Trend Micro

Take advantage of the options to extend endpoint detection and response capabilities to other security vectors, including email, servers, cloud workloads, and network, and benefit from correlated detections and more insightful investigations.

Single view with integrated workflows

View detections, perform investigations, and initiate response from a single place for endpoints alone or across other Trend Micro security layers.


Root cause analysis and impact assessment

Get complete visibility into the attack vector, and see the spread and extent of the impact of advanced threats. Incident response staff can quickly perform impact assessments, determine the root cause of the detection, and take proactive measures to remediate and update security.

Layering in global threat intelligence provides threat investigators with clarity, assistance, and a comprehensive database of threat information.

With Trend Micro EDR, endpoint analysis can be done in the context of other security layers, giving SOC and security analysts a single source to run a root cause analysis, look at the execution profile of an attack (including associated MITRE ATT&CK TTPs), and identify the scope of impact across assets.

EDR Root Cause Analysis



EDR Without Compromise

Sweeping and hunting

Perform multiple indicator of compromise (IoC) searches (or sweeps) with multiple parameters, such as specific communications and malware, registry and account activity, and running processes.

Investigators can also search using industry-standard OpenIoC or YARA rules and perform threat hunting based on indicators of attack (IoAs). This allows investigators to develop attack discovery rules or work with the IoAs provided by Trend Micro to hunt for threats.

By leveraging XDR across other Trend Micro solutions, analysts can sweep for IoCs or IoAs across the whole environment (messaging, endpoint, server, network) as a single action for a holistic view of which threats may reside within the enterprise.


Key Features

Integrated workflow

Threat hunting and detection investigation are performed within the workflow and console of Apex One, which shows investigations across connected emails and servers. No more moving from one console to another.

Efficient endpoint recording

Endpoint Sensor records and stores information on system behaviors, communications, and user behaviors. Metadata on this information is sent to the Apex One server to allow investigators to “sweep” for indicators of compromise (IoCs).

Server side IoC sweeping

The Apex One server only stores essential metadata of end user recorded data (or telemetry). This allows investigators to perform multiple searches or sweeps of this data without having to query each endpoint individually. In addition, detailed root cause investigations can be made on each endpoint directly.

Flexible searching

Investigators can search (or sweep) with multiple parameters, such as specific communications, specific malware, registry activity, account activity, and running processes. Investigators can also search using industry-standard OpenIoC or YARA rules.

Root cause analysis

Investigators can drill down on an interactive process tree that illustrates the full chain of attack to analyze how the detection arrived, changed, and spread by viewing activities, objects, and processes. Immediate response can be taken to terminate processes, isolate users, update security, and to sweep further.

Vendor intelligence and assistance

Layering in proactive global threat intelligence, the Trend Micro™ Smart Protection Network™ provides clarity and assistance to threat investigators. Endpoint Sensor recognizes known good objects and processes as well as known bad. Investigators can view a colour-coded root cause analysis to identify risky or unknown processes and to guide remediation. Investigators can also access the Trend Micro™ Threat Connect™ service to research our database of threat information.

Immediate response options

Apex One already provides advanced automation to remediate detections. It can automatically isolate, quarantine, block executions, roll back settings (and files, in the case of ransomware), with the option to manually respond while performing an investigation. Endpoints can be isolated, processes can be terminated, and security intelligence can be automatically updated on a per-user or enterprise-wide basis.

Advanced threat hunting

Threat hunting, based on indicators of attack (IoAs), allows investigators to develop attack discovery rules or work with the IoAs provided by Trend Micro to hunt for threats.

Open APIs

Many customers want to be able to leverage their security operations tools. Apex One has multiple built-in documented application programming interfaces (APIs) that allow the product to work with these tools.

Sandbox integration

Security investigators can select objects and manually submit them to Trend Micro sandboxes. Suspicious objects can be sent to our on-premises Trend Micro™ Deep Discovery™ network security sandboxes, or to the Trend Micro Apex One™ Sandbox as a Service subscription option.

How It Works

  1. Endpoints with Trend Micro™ Apex One Endpoint Sensor enabled, and emails with Trend Micro™ Cloud App Security, will record system behaviors, user behaviors, and communications.

  2. Activity and detection data from these servers, endpoints, and emails is sent to the Trend Micro™ XDR data lake.

  3. Detection: When a detection is made, investigators can search through the data to assess the impact of the detection: how far it has spread and who else has been compromised.

  4. Investigation: A full root cause analysis allows investigators to understand the cause of the detection and immediately implement a response that includes remediating affected systems and updating Apex One and Cloud App Security to block similar attacks in the future.

  5. Searching: Alternately, before a detection, investigators can search for IoAs by using various search parameters or with IoCs and YARA rules.

Minimum Agent Requirements

Apex One Endpoint Sensor is available as an optional add-on to Apex One endpoint protection. It is available on-premises along with Apex One or in SaaS along with Trend Micro Apex One™ as a Service.

Apex One Endpoint Sensor is supported on the following endpoints with Apex One:

Windows

  • Windows 7 SP1 (6.1)
  • Windows 8.1 (6.3)
  • Windows 10 (10.0)

Hardware: 2 GB minimum RAM, 2 GB available disk space (3 GB recommended)

Mac

  • macOS™ Mojave 10.14
  • macOS™ High Sierra 10.13
  • macOS™ Sierra 10.12
  • OS X™ El Capitan 10.11
  • OS X™ Yosemite 10.10 or later
  • OS X™ Mavericks 10.9.5 or later

Hardware: Intel Core™ processor, 512 MB RAM minimum, 300 MB minimum disk space
