Skip to content

Deep Discovery

Proven protection against targeted attacks, advanced persistent threats, and ransomware

 

Trend Micro Deep Discovery enables you to detect, analyse, and respond to today’s stealthy ransomware, and targeted attacks in real time. Deep Discovery provides proven ransomware and advanced threat protection that interoperates and integrates with your security infrastructure. So you have a comprehensive defence tailored to protect your organisation against targeted attacks, advanced threats, and ransomware.

  • Proven detection rates—using specialised engines, custom sandboxing, and seamless correlation across the entire attack lifecycle
  • In-depth analysis—correlation of local and global threat intelligence
  • Rapid response—ability to detect and block spear phishing attacks and to share IOC intelligence with both Trend Micro and third party security investments

Say NO to ransomware
Over 100 million threats blocked and counting

Protect yourself

Trend Micro Deep Discovery Inspector

Deep Discovery Inspector

Deep Discovery Inspector is a physical or virtual network appliance that monitors 360-degrees of your network to create complete visibility into all aspects of targeted attacks, advanced threats, and ransomware. Deep Discovery Inspector monitors all physical, virtual, north-south, and east-west traffic, all network ports, and more than 100 protocols. It delivers the most effective detection of targeted attacks, advanced threats and ransomware in a single appliance.

Through use of extensive detection techniques, monitoring of all network activity, custom sandbox analysis, and correlated threat intelligence, Deep Discovery Inspector can detect and analyse malware, command and control (C&C) communications, and evasive attacker activities that are invisible to standard security defences.

READ DATASHEET WATCH VIDEO

White papers

Deepdiscovery Pdf

Webinar Image

See how University of New Brunswick enhanced its cyber security capabilities

Watch now


 



Key Features

Inspect all network content
Monitors all traffic across physical and virtual network segments, all network ports, and over 100 network protocols to identify ransomware, targeted attacks, and advanced threats anywhere on your network.

Extensive detection techniques
Utilises file, web, IP, mobile application reputation, heuristic analysis, advanced threat scanning, custom sandbox analysis, and correlated threat intelligence to detect ransomware, zero-day exploits, advanced malware, and attacker behavior.

Custom sandbox analysis
Uses virtual images to precisely match your operating system configurations, drivers, installed applications, and language versions. This improves the detection rates of ransomware and advanced threats that are designed to evade standard virtual images. The custom sandbox environment includes safe live mode access to identify and analyse multi-stage downloads, URLs, C&C and more. Sandboxing capabilities are offered as part of an integrated appliance, or as a scalable standalone capability.

Deep Discovery Inspector's proven detection and correlated threat intelligence enable you to:

  • Detect targeted attacks, advanced threats, and ransomware anywhere on your network
  • Establish visibility into the entire attack lifecycle with the flexibility to customise insight
  • Rapidly respond to attempts by unwanted third parties to monetise your data, intellectual property, and communications

Nss-badge-2015
Get the report.


Say NO to ransomware
Over 100 million threats blocked and counting

Protect yourself

 

Trend Micro Deep Discovery Email Inspector

Deep Discovery Email Inspector

Trend Micro™ Deep Discovery™ Email Inspector uses advanced detection techniques to identify and block spear phishing emails that are often used to deliver ransomware and advanced malware to unsuspecting employees. By working seamlessly and in tandem with your existing secure email gateway, Email Inspector can detect and block purpose-built spear phishing emails which use malicious attachments and URLs, as a common delivery vehicle for targeted attacks, advanced threats, and ransomware. Deep Discovery Email Inspector can be deployed in MTA (blocking), BCC mode (monitor only), or SPAN/TAP mode.

READ DATASHEET  WATCH VIDEO

 

 



Key Features

Transparency
Works seamlessly with an existing spam filter or secure email gateway to detect email spear phishing attacks that may contain ransomware or advanced malware in malicious URLs, and attachments including MS Office macros.

Extensive detection techniques
Detects zero-day exploits, ransomware, advanced malware and suspicious URLs using file, web and IP reputation, heuristic analysis, customised rules, custom sandbox analysis (for attachments and URLs), and correlated threat intelligence.

Custom sandbox analysis
Uses virtual images to precisely match your operating system configurations, drivers, installed applications, and language versions. This improves the detection rates of targeted attacks, advanced threats, and ransomware that are designed to evade standard virtual images. The custom sandbox environment includes safe live mode access to identify and analyse multi-stage downloads, URLs, command and control, and more. Sandboxing capabilities are offered as part of an integrated appliance or as a scalable standalone capability.

Deep Discovery Email Inspector’s proven detection and sharing of threat intelligence enable you to:

  • Detect and block spear phishing emails containing targeted attacks, advanced threats and ransomware
  • Analyse of email attachments and URLs, including Office Docs (+macros), PDFs, archives, executables, scripts, multimedia, and more
  • In-depth virtual analysis of URLs, including URLs embedded in body or subject of messages and URLs embedded within documents
  • Script emulation and zero-day exploit detection to detect advanced malware, ransomware, and related activity, including mass file modifications, encryption behavior and other modifications
  • Stop attempts by unwanted third parties to monetise your data, intellectual property and communications

Trend Micro Deep Discovery Endpoint Sensor

Deep Discovery Endpoint Sensor

Deep Discovery Endpoint Sensor is a context-aware endpoint security monitor that records and reports detailed system-level activities to allow threat analysts to rapidly assess the nature and extent of an attack. Deep Discovery attack intelligence and other IOCs can be used to match endpoint tracking data to verify infiltrations and uncover the full context and timeline of an attack.

Investigations can use individual parameters, OpenIOC and YARA files, or detection intelligence from Trend Micro products. They can be executed from a dedicated console or within Trend Micro Control Manager.

READ DATASHEET WATCH VIDEO

 



 

Key Features

Endpoint event recording
Endpoint Sensor uses a lightweight client to record significant endpoint activity and communication events at the kernel level. It tracks these events in context across time, providing an in-depth history that can be accessed in real time by analysts.

Rich search parameters
Endpoints can be queried for specific communications, specific malware, registry activity, account activity, running processes, and more. Search inputs can be individual parameters, OpenIOC files, or YARA files.

Multi-level contextual analysis and results
Interactive dashboards include a sandbox-like view of activity over time, cross-endpoint activity timelines, results drill-down, and export of investigation results.

Standalone and Trend Micro Control Manager search and analysis
Searches can be executed from the Endpoint Sensor console or within the Control Manager console, leveraging IOC and activity data from other products.

On-premises, remote, and cloud
Endpoint Sensor reports and records detailed system-level activities across Windows-based servers, desktops, and laptops, regardless of location.

Deep Discovery’s custom detection, intelligence, and controls enable you to:

  • Detect and analyse your attackers
  • Immediately adapt protection against attack
  • Rapidly respond before sensitive data is lost

Trend Micro Network Defence

The Deep Discovery platform is the foundation of the Trend Micro Network Defence, weaving your security infrastructure into a comprehensive defence tailored to protect your organisation against targeted attacks.


Say NO to ransomware
Over 100 million threats blocked and counting

Protect yourself

 

Trend Micro Deep Discovery Analyser

Deep Discovery Analyser

Trend Micro™ Deep Discovery™ Analyser provides advanced sandbox analysis to extend the value of security products such as endpoint protection, web and email gateways, network security, and other Deep Discovery offerings. Suspicious objects or URLs can be automatically or manually sent for analysis. Using extensive detection and anti-evasion techniques, Deep Discovery Analyser can detect ransomware, advanced malware, zero- day exploits, command and control (C&C) and multi-stage downloads resulting from malicious payloads or URLs on Windows and Mac OS systems. Deep Discovery Analyser can also share threat insight automatically with both Trend Micro and third party products.

READ DATASHEET WATCH VIDEO

 


Key Features

Advanced detection methods
Uses static, heuristic and behavior analysis, and web, and file reputation, to detect ransomware and advanced threats. Suspicious samples can be submitted automatically or manually to detect multi-stage malicious downloads, outbound connections and C&C from malicious attachments and URLs.

Custom sandbox analysis
Uses virtual images to precisely match your operating system configurations, drivers, installed applications, and language versions. This improves the detection rates of ransomware and advanced threats that are designed to evade standard virtual images. The custom sandbox environment includes safe live mode access to identify and analyse multi-stage downloads, URLs, C&C and more. Sandboxing capabilities are offered as part of an integrated appliance or as a scalable standalone capability.

Automated threat sharing
Leverages existing security investments by sharing ransomware and threat insight with Trend Micro and third party products.

Flexible deployment options
Deploys as a standalone sandbox service or as additional sandbox capacity for other Deep Discovery products. Deep Discovery Analyser appliances can be clustered for high availability or configured for a hot or cold backup.

Deep Discovery Analyser’s advanced detection methods, custom sandbox analysis and automated threat sharing enable you to:

  • Enhance the value of existing security investments by adding the ability to detect ransomware and advanced malware embedded in payloads and URLs
  • Expand the sandbox processing capacity of other Deep Discovery appliances

Connect with us on