Get the advanced threat detection, real-time intelligence, adaptive protection, and rapid response you need to combat targeted network attacks and Advanced Persistent Threats (APTs). Deep Discovery specialized network security uniquely detects and identifies evasive threats in real-time, then provides the in-depth analysis and actionable intelligence you need to protect your organization from attack.
Reduce the risk and impact of APT attacks
Deep Discovery is at the core of the Trend Micro Custom Defence Solution, which enables you to not only detect and analyze APTs, but also to rapidly adapt protection and respond to these attacks. Deep Discovery provides network-wide monitoring powered by custom sandboxing and relevant real-time intelligence to enable early attack detection, enable rapid containment, and deliver custom security updates that immediately improve your protection against further attack.
Deep Discovery’s proven approach provides the best detection with the fewest false positives and the greatest coverage by identifying malicious content, communications, and behavior across every stage of the attack sequence. Through detection and in-depth analysis of both advanced malware and evasive attacker behavior, Deep Discovery provides enterprises and government organizations with a new level of visibility and intelligence to combat APTs and targeted attacks across the evolving computing environment.
Deep Discovery enables advanced threat protection
The Deep Discovery solution is comprised of two components. The Deep Discovery Inspector provides network traffic inspection, advanced threat detection and real-time analysis and reporting. The optional Deep Discovery Advisor provides open, scalable custom sandbox analysis, visibility to network-wide security events, and security update exports—all in a unified intelligence platform.
Trend Micro Deep Discovery advanced threat protection software is unlike any other solution available today. Unlike products that focus on a single point of vulnerability (such as email), Deep Discovery delivers the network-wide visibility, insight, and control you need to effectively combat APTs and targeted attacks. Plus, Deep Discovery integrates your entire security infrastructure into a unique, customized, comprehensive defense. This Custom Defense detects and identifies evasive threats in real time, then provides the in-depth analysis and relevant, actionable intelligence you need to protect your data, network, and users.
Deep Discovery detection engines and sandboxing technology discover advanced malware, command and control (CC) communications, and attacker activity targeting any device on your network—including Android, Mac, and Windows devices.
Deep Discovery is powered by the global threat intelligence that INTERPOL trusts for international investigations—the Trend Micro Smart Protection Network™. And when an attack is discovered, it puts this intelligence at your fingertips to guide a rapid assessment and response.
Deep Discovery does it all in a single platform covering web, email, and virtually all other types of traffic on your network. And with the flexibility of either hardware or virtual appliances, a typical Deep Discovery deployment delivers complete protection for about half the cost of competing (and less effective) solutions.
This network security solution is purpose-built for detecting APT and targeted attacks. Deep Discovery Inspector uses a 3-level detection scheme to perform initial detection, then sandbox simulation and correlation, then ultimately, a final cross-correlation to discover “low and slow” and other evasive attacker activities discernable only over an extended period.
Specialized detection and correlation engines provide the most accurate and up-to-date protection aided by global threat intelligence from Trend Micro Smart Protection Network and dedicated Threat Researchers. The results are high detection rates, low false positives, and in-depth incident reporting information designed to speed the containment of an attack.
Advanced Threat Detection
Deep Discovery Inspector focuses on indentifying malicious content, communications, and behavior indicative of advanced malware or attacker activity across every stage of the attack sequence, using a non-intrusive, listen-only inspection of all types of network traffic.
Threat tracking, analysis, and action
Deep Discovery Inspector provides real-time threat visibility and deep analysis in an intuitive format that allows security professionals to focus on the real risks, perform forensic analysis, and rapidly remediate issues.
Deep Discovery Inspector integrates with leading SIM platforms to deliver improved enterprise-wide threat management from a single SIEM console.
Flexible, high-capacity deployment
Deep Discovery Inspector features a high-performance architecture designed to meet the demanding and diverse capacity requirements of customers of all sizes. The product is available on a full range of hardware, software and virtual appliances supporting multi-gigabit corporate backbones down to remote office locations.
This threat intelligence solution provides expanded threat analysis and visibility into network-wide security events and security update exports.
The Threat Analyzer is an optional component designed to offer in-depth simulation and analysis of potentially malicious sample files including executables and common office documents. It can augment and centralize the simulation of Deep Discovery Inspector as well as provide advanced detection and analysis security for professionals or any security product or service via an open web services interface.
Threat Intelligence Center
The Threat Intelligence Center is a complete analysis environment for event data from the Threat Analyzer as well as security events and logs collected from Deep Discovery Inspector, other Trend Micro products, and third-party solutions. Using these sources and integrated Threat Connect intelligence, Threat Intelligence Center provides in-depth insights to drive risk-based incident assessment, containment and remediation.
Security Update Server
The Security Update Server provides the means to export useful security blocking information learned from Threat Analyzer simulation. This information includes newly identified malicious IP/URL addresses and file hash codes that can be useful to a variety of security products. Deep Discovery Inspector and certain other Trend Micro products automatically receive this information. The information can also be manually exported via CSF files.
Deep Discovery Inspector
Deep Discovery Advisor Hardware Appliance