Trend Micro Deep Discovery Inspector is an advanced network security appliance designed to detect and prevent targeted attacks and ransomware across an organization's network. It offers comprehensive visibility, custom sandbox analysis, and integration with Trend Vision One for enhanced threat detection and response capabilities.
Vendor
Trend Micro
Company Website
Trend Micro Deep Discovery Inspector is an advanced network security appliance designed to detect and prevent targeted attacks and ransomware across an organization's network. It offers comprehensive visibility, custom sandbox analysis, and integration with Trend Vision One for enhanced threat detection and response capabilities.
Key Features
360-Degree Network Visibility Monitors all network ports and over 105 protocols
- Covers east-west (lateral movement) and north-south traffic
- Single appliance solution for comprehensive network monitoring
Custom Sandbox Analysis Utilizes virtual images tailored to match specific system configurations
- Analyzes multi-stage downloads, URLs, and command-and-control communications
- Includes a "safe live mode" for thorough threat examination
Advanced Threat Detection Employs specialized detection engines and custom sandbox analysis
- Quickly identifies advanced malware that bypasses traditional security
- Detects and prevents data exfiltration attempts
Ransomware Protection Uses pattern and reputation analysis to detect latest ransomware attacks
- Identifies mass file modifications and encryption behaviors
- Detects changes to backup and restore processes
Threat Intelligence Integration Supports standards-based threat intelligence sharing (STIX/TAXII and YARA)
- Provides network analytics for threat prioritization
- Offers historical attack visibility for up to 180 days
Benefits
Enhanced Network Security Provides comprehensive protection against advanced threats
- Detects and prevents breaches across the network
- Offers visibility into both managed and unmanaged devices
Improved Threat Response Integrates with Trend Vision One for advanced event correlation
- Visualizes attack lifecycles at the network layer
- Enables prioritized and efficient threat response
Ransomware Mitigation Detects and blocks targeted ransomware attacks
- Prevents delivery of spear-phishing emails (with Email Inspector)
- Protects against known threats like WannaCry
Extended Detection and Response Offers Managed XDR service for 24/7 threat monitoring
- Includes alert prioritization, investigation, and threat hunting
- Covers email, endpoints, servers, cloud workloads, and networks