Trellix

Trellix Connect

Power-up advanced use cases with factory-tested and supported content and partner integrations.

Your Trellix SIEM Productivity Kit

Take your pick of ready-to-deploy content packs and Trellix compatible partner integrations. They offer a fast track to onboarding new capabilities in your Trellix SIEM solution and unlock the value of your security analysts and security infrastructure.


Certified Integrations

Start solving critical security use cases without upfront heavy lifting. Integrations undergo extensive testing to deliver pre-validated solutions that are supported by Trellix and its partners.


Pre-built Use Cases

Get up and running fast with expert-built content for connecting, monitoring, and automating security operations.



Quick Set Up & Low Maintenance

Download content packs as you need them, using all or part as you like. Maintenance occurs effortlessly through the regular rules update process.



Easy Customization

Modify and refine these fundamentals to meet your security requirements and environment.


All Trellix Content Packs

Aruba Content Pack

Enhance your understanding of logs ingested by Trellix Enterprise Security Manager from Aruba ClearPass networking devices.

Asset, Threat & Risk Views Content Pack

Gain a high-level view of threats to your important assets based on vulnerability and threat intelligence data, so you can act to prevent malicious access or exfiltration.

Authentication Content Pack

Identify signs of malicious activity through correlation and alerts to suspicious devices and user authentication events.

BASEL II Compliance Content Pack

Simplify your BASEL II compliance requirements and ensure audit success.

Case Management Content Pack

Simplify case management and summarize case status reports quickly so you can get back to protecting your environment faster.

Cofense Content Pack

Leverage visual analytics and metrics to discover which phishing threats are occurring the most and the potential impact rating.

DNS Content Pack

Gain visibility into DNS activity in your environment to effectively detect rogue hosts and compromised or misconfigured systems.

Database Content Pack

Prevent data theft by identifying, monitoring, and reporting on database-specific attacks, audit trail modifications, misconfigurations, and more.

Denial-of-Service Content Pack

Reveal denial-of-service (DoS) attacks, identify a “case zero,” and quarantine the root cause, preventing further impact on your network.

Domain Policy Content Pack

Track domain policy changes in your environment as well as privileged security group membership changes.

EU 8th Directive Compliance Content Pack

Simplify your EU 8th Directive compliance requirements and automate views and reports for meeting compliance demands.

Email Content Pack

Prevent data loss and data leakage by analyzing and getting alerts for data collected from email devices.

Event Views Content Pack

Easily set up summary and customized views to monitor and get alerts on event flows for investigating incidents or searching for evidence of advanced attacks.

Executive Content Pack

Get quick insights and summaries into threat and risk event trends.

Exfiltration Content Pack

Protect your sensitive information from possible insider threats and detect and help prevent data exfiltration.

Exploit Content Pack

Quickly mitigate your vulnerabilities by identifying, tracking, and quarantining possible exploits in your environment.

FISMA Compliance Content Pack

Simplify your FISMA compliance requirements and automate compliance reporting.

Firewall Content Pack

Easily discover abnormal or out-of-place traffic passing through your firewalls, and set alerts for and investigate those events.

Flow Views Content Pack

Quickly set up summary and customized views to monitor network flows for identifying patterns indicative of potential threats.

GIODO Compliance Content Pack

Simplify your GIODO compliance requirements and automate views for meeting compliance demands.

GLBA Compliance Content Pack

Simplify your GLBA compliance requirements and automate views for meeting compliance demands.

GPG 13 Compliance Content Pack

Simplify your GPG 13 compliance requirements and automate views for meeting compliance demands.

HIPAA Compliance Content Pack

Simplify your HIPAA compliance requirements and automate views and reports for meeting compliance demands.

Hardware Health Content Pack

Get specific views and reports to monitor your SIEM deployment so you can locate and prioritize potentially malfunctioning or failing components, and proactively identify deployment expansion needs.

ISO 27002 Compliance Content Pack

Simplify your ISO 27002 compliance requirements and automate views for meeting compliance demands.

Interset Content Pack

Rapidly surface insider threats and get contextual information needed to mitigate these threats, including compromised accounts and intellectual property at risk of exfiltration.

Malware Content Pack

Take swift action against malware by easily detecting and tracking malware infections, building a logical workflow for reviewing malware events, and gaining visibility into malware trends specific to your environment.

Trellix Application Control & Trellix Change Control Content Pack

Get single-pane-of-glass visibility into Trellix Application Control and Trellix Change Control events in your environment.

Trellix Application Data Monitor Content Pack

Easily correlate application contents with events and other data feeds, monitoring all the way to the application layer.

Trellix Database Activity Monitoring Content Pack

Get real-time visibility into Trellix Database Activity Monitoring security events, including local privileged user access and sophisticated attacks from within the database.

Trellix Database Event Monitor Content Pack

Find out who is accessing your data and why, detect the loss of data through authorized channels, and generate detailed compliance reports on database activity.

Trellix General Views Content Pack

Get up and running quickly with pre-built common dashboard views for Trellix Enterprise Security Manager system administrators.

Trellix Host Intrusion Prevention System Content Pack

Get single-pane-of-glass visibility into Trellix Host Intrusion Prevention for Server and Trellix Host Intrusion Prevention for Desktop events in your environment.

Trellix Network Security Platform Content Pack

Gain a consolidated view into risky hosts and users, including active botnets, through the integration of Trellix Enterprise Security Manager and Trellix Network Security Platform.

Trellix Threat Intelligence Exchange Content Pack

Integrate Trellix Threat Intelligence Exchange to discover, track, and report on events specific to your environment all from your Trellix Enterprise Security Manager console.

Trellix Web Gateway Content Pack

Discover, track, report on, and protect against emerging web-based malware in your environment.

NERC Content Pack

Simplify your NERC compliance requirements and ensure audit success.

PCI Compliance Pack

Simplify your PCI compliance requirements and ensure audit success.

PhishMe Content Pack

Leverage visual analytics and metrics to discover which phishing threats are occurring the most and the potential impact rating.

Reconnaissance Content Pack

Identify and monitor potential passive or active reconnaissance threat attempts, helping to prevent targeted attacks before they occur.

Risk Correlation Views Content Pack

Correlate critical content and context needed for fast, risk-based decisions.

SOX Content Pack

Simplify your SOX compliance requirements and automate compliance reporting.

Suspicious Activity Content Pack

Track suspicious activity in your environment and link disparate events together into meaningful intelligence to find malware infections.

ThreatConnect Content Pack

Leverage threat intelligence and indicators of compromise to discover new threats and relationships between existing threats.

User Behavior Analytics Content Pack

Understanding user behavior analytics helps you identify threats hidden among your data, increasing security operations accuracy while shortening investigation timelines.

Vormetric Content Pack

Combat data exfiltration and insider threats with valuable contextual information used to report and alert on suspicious and unusual behavior.

Web Filtering and Web Application Content Pack

Discover abnormal or out-of-place web traffic that may indicate a compromise, malware event, adware, spyware, or other unwanted connections.

Windows Authentication Content Pack

Help identify Windows authentication trends that can point to potential issues such as compromised credentials, malicious insiders, and other activities that merit deeper investigation.

Windows Content Pack

Monitor Windows services to assess appropriate use, such as proper expected functionality, and to detect threats such as suspicious activity involving high-value hosts, signs of data exfiltration, and even copyright infringement.

Wireless Access Points Content Pack

Bring transparency to all wireless device activity, discover anomalous or suspicious activity, and promote awareness of wireless system events to ensure quality and continuity of service.