Trellix Global Threat Intelligence

Global Threat Intelligence (GTI) is a comprehensive, real-time, cloud-based reputation service, fully integrated into Trellix products.

Enables customers unique global insight into the malicious threat detections seen worldwide by Trellix. Geospatially enabled situational awareness. 
Utilizes the Trellix telemetry data collected worldwide.
Highlights current and emerging threats by highlighting those of particular interest by type, industry sector, geolocation, most seen, etc.
Correlates Trellix telemetry with the latest contextual threat intelligence containing campaign data provided by Trellix's Advanced Research Center (ARC), as well as open-source data.
Provides a dedicated view for campaigns consisting of events, dates, threat actors, IOCs, threat tools, threat categories, MITRE ATT&CK patterns, countries, and more.
Includes dashboards for threat intelligence created by ARC, including vulnerability intelligence consisting of the latest high impact vulnerabilities.
Flexible and dynamic. Users can craft queries and filter results in any view, using any combination of fields present in ATLAS.

Threat data is collected from billions of Trellix product sensor queries around the globe and correlated to produce our threat intelligence.

Trellix products that are integrated with Trellix Global Threat Intelligence can leverage file reputation, file certificate reputation, web reputation, web categorization, IP reputation, and network connection reputation.

Trellix products query GTI in the cloud, and GTI renders the latest reputation or categorization intelligence to the products so that they can take action.

Air-gapped and private networks can benefit from the same Global Threat Intelligence available in the cloud with Private GTI.