Skip to content

Deep Discovery

Proven protection against targeted attacks, advanced persistent threats, and ransomware

 

Trend Micro Deep Discovery enables you to detect, analyze, and respond to today’s stealthy ransomware, and targeted attacks in real time. Deep Discovery provides proven ransomware and advanced threat protection that interoperates and integrates with your security infrastructure. So you have a comprehensive defense tailored to protect your organization against targeted attacks, advanced threats, and ransomware.

  • Proven detection rates—using specialized engines, custom sandboxing, and seamless correlation across the entire attack lifecycle
  • In-depth analysis—correlation of local and global threat intelligence
  • Rapid response—ability to detect and block spear phishing attacks and to share IOC intelligence with both Trend Micro and third party security investments

 


Say NO to ransomware
Over 100 million threats blocked and counting

Protect yourself

Trend Micro Deep Discovery Inspector

Deep Discovery Inspector

Deep Discovery Inspector is a physical or virtual network appliance that monitors 360-degrees of your network to create complete visibility into all aspects of targeted attacks, advanced threats, and ransomware. Deep Discovery Inspector monitors all physical, virtual, north-south, and east-west traffic, all network ports, and more than 100 protocols. It delivers the most effective detection of targeted attacks, advanced threats and ransomware in a single appliance.

Through use of extensive detection techniques, monitoring of all network activity, custom sandbox analysis, and correlated threat intelligence, Deep Discovery Inspector can detect and analyze malware, command and control (C&C) communications, and evasive attacker activities that are invisible to standard security defenses.

Deep Discovery Inspector delivers tangible ROI through flexible options to deploy as a single hardware or a virtual appliance based on network throughput. Deep Discovery can enhance existing investments in NGFW/IPS, SIEM and gateways by sharing In-depth threat intelligence with your other Trend Micro and third party security products to create a real-time defense against targeted attacks, advanced threats, and ransomware.

READ DATASHEET WATCH VIDEO

White papers

Deepdiscovery Pdf

Webinar Image

See how University of New Brunswick enhanced its cyber security capabilities

Watch now


 



Key Features

Inspect all network content
Monitors all traffic across physical and virtual network segments, all network ports, and over 100 network protocols to identify ransomware, targeted attacks, and advanced threats anywhere on your network.

Extensive detection techniques
Utilizes file, web, IP, mobile application reputation, heuristic analysis, advanced threat scanning, custom sandbox analysis, and correlated threat intelligence to detect ransomware, zero-day exploits, advanced malware, and attacker behavior.

Custom sandbox analysis
Uses virtual images to precisely match your operating system configurations, drivers, installed applications, and language versions. This improves the detection rates of ransomware and advanced threats that are designed to evade standard virtual images. The custom sandbox environment includes safe live mode access to identify and analyze multi-stage downloads, URLs, C&C and more. Sandboxing capabilities are offered as part of an integrated appliance, or as a scalable standalone capability.

Deep Discovery Inspector's proven detection and correlated threat intelligence enable you to:

  • Detect targeted attacks, advanced threats, and ransomware anywhere on your network
  • Establish visibility into the entire attack lifecycle with the flexibility to customize insight
  • Rapidly respond to attempts by unwanted third parties to monetize your data, intellectual property, and communications

Nss-badge-2015
Get the report.


Say NO to ransomware
Over 100 million threats blocked and counting

Protect yourself

 

Trend Micro Deep Discovery Email Inspector

Deep Discovery Email Inspector

Trend Micro™ Deep Discovery™ Email Inspector uses advanced detection techniques to identify and block spear phishing emails that are often used to deliver ransomware and advanced malware to unsuspecting employees. By working seamlessly and in tandem with your existing secure email gateway, Email Inspector can detect and block purpose-built spear phishing emails which use malicious attachments and URLs as a common delivery vehicle for targeted attacks, advanced threats, and ransomware. Deep Discovery Email Inspector can be deployed in MTA (blocking), BCC mode (monitor only), or SPAN/TAP mode.

READ DATASHEET  WATCH VIDEO

 

 



Key Features

Email attachment analysis
Examines email attachments using multiple detection engines, and sandboxing. Attachments analyzed include a wide range of Windows executables, Microsoft Office, PDF, Zip, Web content, and compressed file types.

Document exploit detection
Specialized detection and sandboxing techniques discover malware and exploits delivered in common office documents.

Custom sandboxing
Sandbox simulation and analysis is done using environments that precisely match your desktop software configurations.

Embedded URL analysis
URLs contained in emails are analyzed using reputation, content analysis, and sandbox simulation.

Password intelligence
Unlocking of password-protected files and Zip files is attempted using a variety of heuristics and customer-supplied keywords.

Management and deployment flexibility
Granular email examination and handling policies provide controls suitable to secure any environment. The Email Inspector can be deployed in tandem with any email security solution, and functions in either MTA (blocking) or BCC (monitor) modes.

Integration and intelligence sharing
New detection intelligence (C&C, other IOC information) can be shared with other security products.
 

Deep Discovery Email Inspector’s proven detection and sharing of threat intelligence enable you to:

  • Detect and block spear phishing emails containing targeted attacks, advanced threats, and ransomware
  • Analyze of email attachments and URLs, including Office Docs (+macros), PDFs, archives, executables, scripts, multimedia, and more
  • In-depth virtual analysis of URLs, including URLs embedded in body or subject of messages and URLs embedded within documents
  • Script emulation and zero-day exploit detection to detect advanced malware, ransomware, and related activity, including mass file modifications, encryption behavior, and other modifications
  • Stop attempts by unwanted third parties to monetize your data, intellectual property, and communications

Trend Micro Deep Discovery Endpoint Sensor

Deep Discovery Endpoint Sensor

Deep Discovery Endpoint Sensor is a context-aware endpoint security monitor that records and reports detailed system-level activities to allow threat analysts to rapidly assess the nature and extent of an attack. Deep Discovery attack intelligence and other IOCs can be used to match endpoint tracking data to verify infiltrations and uncover the full context and timeline of an attack.

Investigations can use individual parameters, OpenIOC and YARA files, or detection intelligence from Trend Micro products. They can be executed from a dedicated console or within Trend Micro Control Manager.

READ DATASHEET WATCH VIDEO

 



 

Key Features

Endpoint event recording
Endpoint Sensor uses a lightweight client to record significant endpoint activity and communication events at the kernel level. It tracks these events in context across time, providing an in-depth history that can be accessed in real time by analysts.

Rich search parameters
Endpoints can be queried for specific communications, specific malware, registry activity, account activity, running processes, and more. Search inputs can be individual parameters, OpenIOC files, or YARA files.

Multi-level contextual analysis and results
Interactive dashboards include a sandbox-like view of activity over time, cross-endpoint activity timelines, results drill-down, and export of investigation results.

Standalone and Trend Micro Control Manager search and analysis
Searches can be executed from the Endpoint Sensor console or within the Control Manager console, leveraging IOC and activity data from other products.

On-premises, remote, and cloud
Endpoint Sensor reports and records detailed system-level activities across Windows-based servers, desktops, and laptops, regardless of location.

Deep Discovery’s custom detection, intelligence, and controls enable you to:

  • Detect and analyze your attackers
  • Immediately adapt protection against attack
  • Rapidly respond before sensitive data is lost

Trend Micro Network Defense

The Deep Discovery platform is the foundation of the Trend Micro Network Defense, weaving your security infrastructure into a comprehensive defense tailored to protect your organization against targeted attacks.


Say NO to ransomware
Over 100 million threats blocked and counting

Protect yourself

 

Trend Micro Deep Discovery Analyzer

Deep Discovery Analyzer

Trend Micro™ Deep Discovery™ Analyzer provides advanced sandbox analysis to extend the value of security products such as endpoint protection, web and email gateways, network security, and other Deep Discovery offerings. Suspicious objects or URLs can be automatically or manually sent for analysis. Using extensive detection and anti-evasion techniques, Deep Discovery Analyzer can detect ransomware, advanced malware, zero- day exploits, command and control (C&C) and multi-stage downloads resulting from malicious payloads or URLs on Windows and Mac OS systems. Deep Discovery Analyzer can also share threat insight automatically with both Trend Micro and third party products.

READ DATASHEET WATCH VIDEO

 



Key Features

Advanced detection methods
Uses static, heuristic and behavior analysis, and web and file reputation, to detect ransomware and advanced threats. Suspicious samples can be submitted automatically or manually to detect multi-stage malicious downloads, outbound connections and C&C from malicious attachments and URLs.

Custom sandbox analysis
Uses virtual images to precisely match your operating system configurations, drivers, installed applications, and language versions. This improves the detection rates of ransomware and advanced threats that are designed to evade standard virtual images. The custom sandbox environment includes safe live mode access to identify and analyze multi-stage downloads, URLs, C&C and more. Sandboxing capabilities are offered as part of an integrated appliance or as a scalable standalone capability.

Automated threat sharing
Leverages existing security investments by sharing ransomware and threat insight with Trend Micro and third party products.

Flexible deployment options
Deploys as a standalone sandbox service or as additional sandbox capacity for other Deep Discovery products. Deep Discovery Analyzer appliances can be clustered for high availability or configured for a hot or cold backup.

Deep Discovery Analyzer’s advanced detection methods, custom sandbox analysis, and automated threat sharing enable you to:

  • Enhance the value of existing security investments by adding the ability to detect ransomware and advanced malware embedded in payloads and URLs
  • Expand the sandbox processing capacity of other Deep Discovery appliances

Connect with us on