New NDR capabilities aim to improve cybersecurity

Trellix has unveiled its latest innovations in Network Detection and Response (NDR), designed to enhance the protection of Operational Technology (OT) and Information Technology (IT). These advancements aim to deliver visibility, detection, and automated responses to threats, significantly minimising the detection-to-response gap within complex environments.

Rohit Unnikrishnan, Senior Vice President of Product Management at Trellix, highlighted the growing threat landscape, particularly at the OT-IT boundary where visibility is often limited. He stressed the importance of innovations that prioritise proactive defence, enhanced perimeter visibility, and enriched intelligence spanning across environments.

Cybercriminals have increasingly targeted the IT/OT boundary due to potential vulnerabilities in these intricate networks. With 82% of Chief Information Security Officers (CISOs) recognising that failing to integrate OT and IT security will elevate organisational risk, the necessity for convergence in these sectors is paramount.

Trellix's NDR, enriched with threat intelligence, offers detailed behavioural detection and visibility across both East-West and North-South network flows. A new certified integration with Nozomi Networks further enhances OT security without the need for invasive installations, providing anomaly detection within OT traffic.

• Enhanced OT-IT Visibility: Trellix integrates with Nozomi Networks to correlate AI-powered alerts, assets, insights, and network behaviours with enterprise traffic, offering unified IT/OT visibility and fortified defences.
• AI-powered Detections: With multi-layered detection capabilities across the MITRE ATT&CK framework, Trellix's NDR detects and disrupts advanced attacks throughout each phase, facilitating speedy remediation.
• Hyperautomation: The Trellix Hyperautomation feature enables a no-code workflow builder, automating response and security processes. This reduces the time taken to detect and respond to threats like encrypted traffic or DNS tunnelling.

Offering visibility into the comprehensive network infrastructure, Trellix's NDR empowers security teams to investigate, respond, and strengthen their defences against sophisticated, emerging threats. By ensuring greater visibility across environments, teams obtain the context required to contain and resolve issues preemptively. This proactive approach not only protects key infrastructure but also supports compliance initiatives.