| Trellix ePolicy Orchestrator | Smart SOAR can orchestrate dozens of endpoint protection actions in Trellix ePO, including scanning endpoints, ingesting threat events, and updating policies. |
| Trellix Enterprise Security Manager | Smart SOAR connects with Trellix ESM to provide well-informed incident response and investigation management for SIEM alarms. Smart SOAR ingests alarms and queries Trellix ESM for related events and contextual data. |
| Trellix Intelligent Sandbox | Smart SOAR can detonate suspicious URLs in Trellix Intelligent Sandbox and ingest the results into incident reports. |
| Trellix Network Security | D3 integrates with Trellix Network Security to quarantine hosts. |
By combining Trellix ESM for threat detection with D3 Smart SOAR for incident enrichment and response, you can automatically escalate real threats to incident status in Smart SOAR and assess their criticality through data enrichment and MITRE ATT&CK matrix correlation. Smart SOAR can then trigger an automated response playbook or guide human analysts efficiently through manual steps, all within a single window.
To carry out a post-incident investigation with Trellix products and Smart SOAR, analysts can use prebuilt commands in Smart SOAR to rapidly gather alarm details, event logs, statuses, and other data from a range of Trellix products. Similar commands are available for other tools, giving investigators a centralized console for complex, end-to-end incident investigations.
Our Connected SOAR Security Alliance brings hundreds of vendors together, allowing customers to benefit from our deep industry relationships and fully vendor-agnostic, independent SOAR platform.