Trellix Advanced Correlation Engine Description
Zero-day threat detection. Analyze all events to detect immediate threat and risk. This will help you determine if your company was affected by a specific attack. To detect signs of a greater threat, it is important to link all logs, events, network flows, and other information, such as identity, roles and vulnerabilities, together. Rule-less correlation systems replace detection signatures with a single-time configuration that provides real-time threat detection. Notifications will be sent to specific users, groups and servers if they are under threat. Get the processing power you need to support rich event correlation throughout your entire enterprise. Streamline startup and event correlation. Trellix Advanced Correlation Engine doesn't require rule updates or signature tuning. Audit trails and historical replays can be used to support forensics and compliance as well as rule tuning. To analyze threat conditions over time, keep a complete audit trail.