To accurately detect and stop dynamic, never-before-seen exploits and malware, organizations need intelligence-led threat detection that evolves at the speed of the threat space. They also need contextual insight to accelerate resolution of security incidents with concrete evidence, actionable intelligence, and frictionless workflow integration.
IVX is a signature-less, dynamic analysis engine that captures and confirms zero-day and targeted APT attacks. IVX identifies attacks that evade traditional signature-based defenses by detonating suspicious files, web objects, URLs, and email attachments within a proprietary hypervisor instrumented for over 200 potential simultaneous executions. IVX accelerates incident response by enabling analysts to visualize how malware is behaving within the virtual image and securely interact with malware to test the effectiveness of countermeasures.
Available on prem or as a cloud-native service, Trellix IVX delivers proven, flexible analysis capabilities wherever you need to quickly inspect and verdict potentially malicious content. SOC analysts can manually submit objects for inspection and insight, or seamlessly integrate IVX with enterprise applications (built or bought) for continuous and frictionless protection.
Objects are executed against a range of browsers, plug-ins, applications, and operating environments. The signatureless IVX engine identifies the use of zero-day exploits, confirms a Web attack is underway, and blocks callbacks and subsequent malware downloads over multiple protocols.
All attachments can be safely and accurately analyzed to identify zero-day exploits. Beyond signature- and reputation-based systems, the IVX engine can detect if previously legitimate files have been weaponized and sent via spear phishing email to penetrate enterprise defenses.
The IVX engine can be used to scan CIFS-compatible file shares to detect and stop advanced targeted attacks embedded within weaponized Microsoft Office files, images, PDFs, Flash, or ZIP/RAR/TNEF archives.
Emails, MS 365 documents, PDF, and archive files; files downloaded through URLs (including FTP links); obfuscated, spoofed, shortened, and dynamically redirected URLs; and credential-phishing and typosquatting URLs.
The IVX engine analyzes and confirms true, zero-day malware, such as Trojans, targeted attacks, bots, VM-aware malware, and advanced persistent threats.
Verdict known and zero-day attacks while simultaneously eliminating false positives. The multi-stage inspection process unifies virtualization and network security to accurately block advanced malware that is used to penetrate networks and steal resources and sensitive data.
built-in countermeasures designed specifically for malware analysis. This hypervisor enables peak performance and the ability to detect sandbox-aware and evasion tactics used by many sophisticated malware objects.
Available on prem or as a cloud-native service, Intelligent Virtual Execution rapidly scans submitted content to identify malware.
You can easily configure access to Intelligent Virtual Execution through an API for easy integration into your security operations center workflow.
In addition to receiving a verdict, you also get supporting contextual detail, such as file, registry, process, and network changes, as well as MITRE ATT&CK mapping and other relevant findings from continually updated Trellix Global Threat Intelligence.
Intelligent Virtual Execution integrates with cloud services like AWS and Azure, collaboration platforms such as Slack, MS 365, and Google Workspace, and cloud storage tools like Dropbox, Box, and OneDrive.
It also integrates with many enterprise applications such as Salesforce, Webex, Slack, Microsoft Teams, and much more. You can easily integrate with applications that don’t already have a plug-in through our easy-to-use API.