Skip to content

More Options

Deep Discovery: Advanced network security

Proven protection against targeted attacks and advanced persistent threats


The Trend Micro Deep Discovery threat protection platform enables you to detect, analyze, and respond to today’s stealthy, targeted attacks in real time. Deployed as individual components or as a complete cyber security platform, Deep Discovery provides advanced threat protection where it matters most to your organization. The Deep Discovery platform is the foundation of the Trend Micro Network Defense, integrating your security infrastructure into a comprehensive defense tailored to protect your organization against targeted attacks.

  • Highest detection rates—thanks to specialized engines and custom sandboxing
  • In-depth analysis—with local and global threat intelligence correlation
  • Rapid response—using advanced endpoint forensics and shared IOC intelligence

Request a callback    VIEW DATASHEET (PDF)

Trend Micro Deep Discovery Inspector

Deep Discovery Inspector

With 360-degree monitoring of network traffic, Deep Discovery Inspector provides network-wide visibility and intelligence to detect and respond to targeted attacks and advanced threats. Deep Discovery Inspector monitors all ports and more than 80 protocols, giving you the broadest protection available.

Specialized detection engines and custom sandboxing identify and analyze malware, command-and-control (C&C) communications, and evasive attacker activities that are invisible to standard security. In-depth threat intelligence enables a rapid response, and is automatically shared with your other security products to create a real-time network defense against your attackers.

Read datasheet (PDF)

Key features

Comprehensive threat detection
Monitors all ports and 80+ protocols to identify attacks anywhere on your network

Malware, C&C, attacker activity
Uses specialized detection engines, correlation rules, and custom sandboxing to detect all aspects of a targeted attack, not just malware

Custom sandboxing
Uses images that precisely match your system configurations to detect the threats that target your organization

Global threat intelligence
Trend Micro™ Smart Protection Network threat intelligence powers detection and the Threat Connect portal for attack investigation

Broad system protection
Detects attacks against Windows, Mac OS X, Android, Linux, and any system

Single-Appliance simplicity and flexibility
Simplifies security with a single appliance available in a range of capacities, deployable in hardware or virtual configurations

Network Defense solution
Shares indicators of compromise (IOC) intelligence, automatically updating Trend Micro and other security products to protect you from further attack

Trend Micro Deep Discovery Email Inspector

Deep Discovery Email Inspector

Deep Discovery Email Inspector is an email security appliance that uses advanced detection techniques and sandboxing to identify and block the spear-phishing emails that are the initial phase of most targeted attacks. It reduces your risk of attack by adding a transparent inspection layer that discovers malicious content, attachments, and URL links that pass unnoticed through standard email security.

Email Inspector resides on your network in tandem with your existing email gateway or server security products. It can function in either MTA (blocking) or BCC (monitor only) mode, and requires no policy or management changes to your existing products.

Read datasheet (PDF)

Key features

Email attachment analysis
Examines email attachments using multiple detection engines, and sandboxing. Attachments analyzed include a wide range of Windows executables, Microsoft Office, PDF, Zip, Web content, and compressed file types.

Document exploit detection
Specialized detection and sandboxing techniques discover malware and exploits delivered in common office documents.

Custom sandboxing
Sandbox simulation and analysis is done using environments that precisely match your desktop software configurations.

Embedded URL analysis
URLs contained in emails are analyzed using reputation, content analysis, and sandbox simulation.

Password intelligence
Unlocking of password-protected files and Zip files is attempted using a variety of heuristics and customer-supplied keywords.

Management and deployment flexibility
Granular email examination and handling policies provide controls suitable to secure any environment. The Email Inspector can be deployed in tandem with any email security solution, and functions in either MTA (blocking) or BCC (monitor) modes.

Integration and intelligence sharing
New detection intelligence (C&C, other IOC information) can be shared with other security products.

Trend Micro Deep Discovery Endpoint Sensor

Deep Discovery Endpoint Sensor

Deep Discovery Endpoint Sensor is a context-aware endpoint security monitor that records and reports detailed system-level activities to allow threat analysts to rapidly assess the nature and extent of an attack. Deep Discovery attack intelligence and other IOCs can be used to match endpoint tracking data to verify infiltrations and uncover the full context and timeline of an attack.

Investigations can use individual parameters, OpenIOC and YARA files, or detection intelligence from Trend Micro products. They can be executed from a dedicated console or within Trend Micro Control Manager.

Read datasheet (PDF)

Key features

Endpoint event recording
Endpoint Sensor uses a lightweight client to record significant endpoint activity and communication events at the kernel level. It tracks these events in context across time, providing an in-depth history that can be accessed in real time by analysts.

Rich search parameters
Endpoints can be queried for specific communications, specific malware, registry activity, account activity, running processes, and more. Search inputs can be individual parameters, OpenIOC files, or YARA files.

Multi-level contextual analysis and results
Interactive dashboards include a sandbox-like view of activity over time, cross-endpoint activity timelines, results drill-down, and export of investigation results.

Standalone and Trend Micro Control Manager search and analysis
Searches can be executed from the Endpoint Sensor console or within the Control Manager console, leveraging IOC and activity data from other products.

On-premise, remote and cloud
Endpoint Sensor reports and records detailed system-level activities across Windows-based servers, desktops, and laptops, regardless of location.

Trend Micro Deep Discovery Analyzer

Deep Discovery Analyzer

Deep Discovery Analyzer is a custom sandbox analysis server that enhances the targeted attack protection of Trend Micro and third-party security products. Deep Discovery Analyzer supports out-of-the-box integration with Trend Micro email and web security products, and can also be used to augment or centralize the sandbox analysis of other Deep Discovery products.

It also provides a Web Services API to allow integration with any product, and a manual submission feature for threat research. Its custom sandboxing environments precisely match target desktop software configurations—resulting in more accurate detections and fewer false positives.

Read datasheet (PDF)

Key features

Scalable sandboxing services
Ensures optimized performance with a scalable solution able to keep pace with email, network, endpoint, and any additional source of samples.

Custom sandboxing
Performs sandbox simulation and analysis in environments that precisely match your desktop software configurations, ensuring optimal detection and low false-positive rates.

Broad file analysis range
Examines a wide range of Windows executable, Microsoft Office, PDF, web content, and compressed file types using multiple detection engines and sandboxing.

Document exploit detection
Discovers malware and exploits that are often delivered in common office documents, using specialized detection and sandboxing.

URL analysis
Performs page scanning and sandbox analysis of URLs that are manually submitted.

Detailed reporting
Delivers full analysis results including detailed sample activities and C&C communications via central dashboards and reports.

Trend Micro integration
Enables out-of-the-box integration with Deep Discovery and Trend Micro email and web security products.

Web services API and manual submission
Allows any security product or authorized threat researcher to submit samples.

Network Defense Integration
Shares new IOC detection intelligence automatically with other Trend Micro solutions and third-party security products.

Social Media

Connect with us on