Listing Thumbnail

    Trellix Helix Connect with Generative AI (GenAI)

     Info
    Sold by: Trellix 
    Deployed on AWS
    Trellix accelerates your journey to adaptive security operations with AI

    Overview

    Trellix accelerates your SOC maturity from reactive fire-fighting to an adaptive, threat driven-approach. Get out of chaos mode with AI models based on the industrys best threat intelligence, operationalized via the leading XDR platform. The Trellix advantage: - Accelerate your SOC capability and maturity with the AI-powered Trellix XDR Platform. - Gain the broadest perspective on the threat landscape with over 3,000 threat campaigns analyzed and correlated through curated intelligence. - Speed detections and responses by leveraging the industrys best threat intelligence foundation combined with playbooks and orchestrations. - Operationalize threat intelligence through threat modeling, control posture updates, deep AI-guided Investigations, and AI-powered responses. This offer is a Bring your own AI model that integrates seamlessly with Trellix XDR. The Trellix XDR platform includes the ability to ingest event data and incident data across Trellix products and over 1000 third party services, including 13 AWS integrations. Most customers will prefer an AWS Private Offer be extended, which may include customizations to the offering or additional pricing considerations. Not all purchasing options are shown due to the common requirement to customize each deployment of Trellix Helix-Connect and

    Highlights

    • Improve SOC efficiency - Adding AI can do the work of several SOC analysts who are overwhelmed with logs and alerts.
    • Reduce Risk - AI can help organizations focus on the most important threats.
    • Revolutionize your SOC with AI-powered speed, adaptive threat insights, and AI-guided investigations.

    Details

    Categories

    Delivery method

    Deployed on AWS

    Unlock automation with AI agent solutions

    Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
    AI Agents

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Trellix Helix Connect with Generative AI (GenAI)

     Info
    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    12-month contract (6)

     Info
    Dimension
    Description
    Cost/12 months
    Helix-Connect-100
    Trellix Helix Connect - 100 users - Annual
    $6,300.00
    Helix-Connect-1000
    Trellix Helix Connect - 1000 users - Annual
    $56,700.00
    Trellix-OpenXDR-50GB
    Trellix Open XDR for External Data add-on - 50GB addon
    $21,971.25
    EDR Wise Add-on 1:1TE
    QTY Range 5-250 per user/annual
    $24.15
    EDR Wise Add-on 1:1TE
    QTY Range 251-1000 per user/annual
    $21.60
    EDR Wise Add-on 1:1TE
    QTY Range 1001-2000 per user/annual
    $19.20

    Vendor refund policy

    Refunds are handled on a per case basis.

    How can we make this page better?

    We'd like to hear your feedback and ideas on how to improve this page.
    We'd like to hear your feedback and ideas on how to improve this page.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Resources

    Support

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    10
    In Education & Research
    Top
    10
    In Security

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    0 reviews
    Insufficient data
    Insufficient data
    Insufficient data
    Insufficient data
    0 reviews
    Insufficient data
    Insufficient data
    Insufficient data
    Insufficient data
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Threat Intelligence Integration
    Comprehensive threat intelligence platform analyzing over 3,000 threat campaigns with advanced correlation capabilities
    Cross-Platform Event Ingestion
    Ability to ingest event and incident data across multiple products and over 1,000 third-party services with 13 AWS integrations
    AI-Powered Investigation
    Deep AI-guided investigations with advanced threat modeling and intelligent response capabilities
    Security Operations Automation
    Advanced AI models for operationalizing threat intelligence through control posture updates and automated response mechanisms
    Adaptive Threat Detection
    AI-driven threat landscape analysis enabling proactive and dynamic security threat identification and mitigation
    Threat Detection Mechanism
    Advanced endpoint detection and response (EDR) capabilities with multi-stage threat identification across attack vectors
    Malware Prevention Technology
    Sophisticated prevention-first approach using advanced blocking technologies against broad range of cyber attacks
    Security Investigation Tools
    Unified XDR platform enabling comprehensive threat investigation, detection, and response capabilities
    Attack Vector Coverage
    Multi-layered protection mechanism targeting different stages and types of cybersecurity threats
    Endpoint Protection Framework
    Comprehensive security solution with default strong protection settings and drift identification capabilities
    Threat Detection and Response
    Advanced extended detection and response (XDR) platform with deep and broad threat visibility across multiple digital environments
    Cloud Security Coverage
    Comprehensive security protection for cloud workloads, containers, networks, serverless functions, storage, and open source vulnerabilities
    Global Threat Intelligence
    Cybersecurity platform leveraging decades of security expertise and continuous global threat research
    Multi-Environment Protection
    Security solution spanning cloud, networks, devices, and endpoint protection with integrated monitoring capabilities
    Enterprise Security Platform
    Purpose-built threat defense platform providing unified security management across digital infrastructure

    Contract

     Info
    Standard contract
    No
    No
    No

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    |
    16 external reviews
    Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
    CESARCASTRO

    Enhancements needed for security alerts while ongoing training strengthens defenses

    Reviewed on Jan 03, 2025
    Review provided by PeerSpot

    What is our primary use case?

    I use César for our endpoints, our users, and the services from email and web services, back and forth, and also at the edge of our network. We have contracted firewalls and everything else for networking.

    What is most valuable?

    The product and the services we have are quite good. However, I cannot stay at this level forever. I have to improve continuously and dynamically. 

    Everything is working, and the company is training its personnel. I have had in a few months in the past some attacks on personnel—so phishing, for example. I have spent efforts on training our managers and others - what can software do if the knowledge base is low?

    What needs improvement?

    This year, I am going to improve some tools to be installed or maybe acquire some services to better manage our web services and work with my coworkers. 

    Application fiber also needs attention. Nowadays I am making applications that are publicly seen on the Internet. I need some protection, possibly multi-factor authentication improvements. I am seeing, for workflows, some sort of ethical hacking to test our environment.

    Knowledge of everything, not only the product - maybe some kind of alerts - needs to emerge. I see the current ones as very low-tier, and they must improve.

    For how long have I used the solution?

    I have used Trellix for some years.

    What do I think about the stability of the solution?

    I haven't had any issues. The pricing is very fine and according to the service. Trellix has done a good job reducing threats.

    How are customer service and support?

    I have spent a lot of time with this product. I have contracted support and also have an operating control so I can get various types of support.

    Which solution did I use previously and why did I switch?

    I have used Trellix for some years. In the past, the EDR was McAfee. I have worked with it for around 20 years.

    How was the initial setup?

    The initial setup is a hard issue.

    What about the implementation team?

    I have two contractors that help me support the infrastructure here. One is at the edge of networking, and the other is in the endpoints of our company.

    What was our ROI?

    I don't have any return on this investment. This is just a security policy for everything.

    What's my experience with pricing, setup cost, and licensing?

    I haven't had any really great problems with pricing in the past two or three years.

    Which other solutions did I evaluate?

    Maybe another level of product and support from manufacturers would be better.

    What other advice do I have?

    I have seen companies without any EDR services, and we were lacking information. I started with IDR around four years ago, and the support services were very light. I remember doing many tickets for Trellix support, and my EDR was not properly functioning. I didn't feel the detection or the real protection. My company is one among 17 others that are part of a corporation. I am a member of the IT Security Council.  

    Overall product rating is five out of ten.

    Sampath Acharya

    Helpful to detect malware and threats

    Reviewed on Sep 06, 2024
    Review provided by PeerSpot

    What is our primary use case?

    I use the solution in my company for malware detection. My customers are mostly banking and government organizations.

    What is most valuable?

    The most valuable feature of the solution is its area for threat detection.

    What needs improvement?

    When it comes to some unknown fileless attacks, the tool is not able to detect them properly, making it an area where improvements are required.

    The tool's support needs to improve in the areas of response it provides to users.

    For how long have I used the solution?

    I have been using Trellix Endpoint Detection and Response (EDR) for two and a half years.

    What do I think about the stability of the solution?

    Stability-wise, I rate the solution an eight out of ten.

    What do I think about the scalability of the solution?

    Scalability-wise, I rate the solution an eight out of ten.

    How are customer service and support?

    I rate the technical support a seven and a half out of ten.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    The solution is SaaS-based, and we have deployed it using the hybrid cloud model.

    The tool's deployment phase is a lengthy process. For one endpoint, it takes 15 to 20 minutes.

    What was our ROI?

    The tool is cost-effective. Many agents need to be installed, and on-premises integration is required.

    What other advice do I have?

    I haven't worked on the tool to see how it works for security workflow.

    My customers have not seen any challenges while working with Trellix Endpoint Detection and Response (EDR) in terms of integrations.

    The tool does not support any AI and security initiatives.

    The tool is suitable for enterprise companies.

    If businesses are completely on the cloud, then the tool is not required. If a company has a hybrid cloud model with an on-premises model, then it will be a good tool to use.

    I rate the tool an eight out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    RiaanDu Preez

    Has behavior monitoring, DLP, and access control

    Reviewed on Aug 15, 2024
    Review provided by PeerSpot

    What is our primary use case?

    I've used Trellix EDR to improve endpoints and servers' security and feed into MDR solutions.

    What is most valuable?

    The most useful features are behavior monitoring, DLP, and access control. The automation has gotten much better in the last two years than when it was McAfee. It works better now and integrates more smoothly.

    What needs improvement?

    I'd like the tool to become more like an XDR, with one management system and endpoint activation.

    For how long have I used the solution?

    I have been using the solution for seven years. 

    What do I think about the stability of the solution?

    Sometimes, stability issues come from incorrect partner deployments, not Trellix EDR itself.

    What do I think about the scalability of the solution?

    I rate the tool a seven out of ten. To improve it, I'd like a cloud-based management system where I only need to put a correlator at the client's site, as CyberArk does. The best setup would be cloud management, a manager in a VM, and super agents on endpoints.

    How are customer service and support?

    My opinion about technical support might be biased because I have direct access to top-level senior staff. I know some people struggle with support if they go through normal channels.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    Setting up the solution is easy for me because I've been in cybersecurity for almost 30 years, but new users might find it hard. Depending on the client's needs, it can be set up on-premises, in a private or hybrid cloud, or fully in the cloud. Setting it up can take a few days for small environments or months for big companies with thousands of endpoints.

    What's my experience with pricing, setup cost, and licensing?

    Pricing is a problem in South Africa. It could be cheaper here. The rand-to-dollar exchange rate makes it expensive for us. A 25 dollar endpoint cost becomes quite significant when converted to rand.

    What other advice do I have?

    Our clients are usually medium-sized and enterprise businesses. Overall, I would recommend Trellix EDR to others. I'd rate it eight and a half out of ten. No EDR or XDR solution gets a nine from me right now because they all have room for improvement. 

    Abdullah Al Hadi

    Helps to detect and identify critical management activities with dashboard to analyze data

    Reviewed on Aug 12, 2024
    Review provided by PeerSpot

    What is our primary use case?

    We use the solution to detect and identify critical management activities. Within the network level, you can understand what is happening in the environment. Organizations using complex systems for various purposes can easily identify shared activity within the environment. There is a detection base that allows us to identify and manage threat events. The solution also includes licenses for forensic investigations of any attack that occurs. Details can be found within the platform's release at the end of the month or whenever needed. Any Trellix malware activity will be displayed on the dashboard, and the moderating services will be integrated into everything we have built.

    What is most valuable?

    The dashboard makes it easier and more effective to analyze data. It also allows us to access the AWS analytics and system features in one place. If we need to find specific details about an endpoint, we can determine what is happening and how any organization is affected by the data provided.

    What needs improvement?

    The better approach is to apply the necessary improvements to make the dashboard more effective and user-friendly. If simplified, users can investigate issues in more detail by clicking on the relevant sections. Making it simpler would enhance understanding and improve the investigation process. Customers currently using the system can view everything on a single dashboard, which is very effective for understanding all scenarios and activities.

    Customers rely on a single platform When they notice an incident, response, or attack. In SOC analysis teams, especially in banks or traditional organizations, the entire team needs access to the scenario on one platform. This allows them to understand the dashboard and detect any ongoing activity easily. Once they identify an issue, they can proceed with further analysis. Customers need a clear and visible platform that helps them understand when and how their site is being compromised.

    The dashboard is split across different platforms. For example, if you want information on Incident Detection, you have to access one dashboard, and for DLP reporting, there's a separate platform. This fragmentation means you can't access everything from a single dashboard. Instead, you must navigate various options to find the right dashboard. This setup results in a separate view for each function. Ideally, we'd like to consolidate this into a unified platform, making it easier to identify site behaviors from one centralized dashboard.

    For how long have I used the solution?

    I have been using Trellix Endpoint Detection and Response (EDR) as a reseller.

    What do I think about the stability of the solution?

    We initially used McAfee's VSP and Varia System Enterprise products. After transitioning to Endpoint Security, particularly in version 10 or 7, we encountered performance issues on systems running Windows 7. The high resource utilization caused significant slowdowns, leading to numerous complaints, especially from Sakasho. The EDR was consuming too many system resources, which impacted overall performance. However, with the newer versions, like those in the InVision EPO, these issues seem to have been resolved, and the system now operates more efficiently. The current product is expected to be much lighter and more stable.

    I rate the solution’s stability an eight out of ten.

    What do I think about the scalability of the solution?

    I highly appreciate service architecture. They are developing day by day.

    We are an enterprise that provides solutions through Trellix EDR that various external customers use. Our solutions are deployed in a large and diverse environment, including companies, telecoms, and major banks. These organizations rely on our products for their protection needs.

    How are customer service and support?

    There are multiple ways to get support. You can create a case through your partner or support portal by calling. If necessary, you can raise a call and follow up immediately.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    We operate within our environment and country. One of our clients, is interested in using our on-premises solution. They are hesitant to adopt a cloud-based solution due to concerns about data security. They worry that storing data in the cloud could expose it to unauthorized access. They are confused about how the cloud handles sensitive data like CPU data and prefer to keep their information on-premises. However, other banks have embraced cloud solutions and understand their value. Over time, as more companies study and become comfortable with cloud technology, we believe others will also follow and move to the cloud. We hope to maintain their interest in our services.

    What other advice do I have?

    Its machine learning capability is strong, and the AI configurations and system integration enhance its effectiveness. The API solutions added to this system allow us to detect and respond to incidents quickly. The quick response is also due to Edge Solutions and specific-type solutions, enabling us to conduct thorough investigations and generate reports on the platform. 

    I recommend Trellix Endpoint Detection and Response (EDR) because it offers strong capabilities. It’s worth noting that XDR solutions are also available and might be more effective. These XDR solutions are advanced technologies with enhanced features, including improved API integration.

    Overall, I rate the solution an eight out of ten.

    ObaseunAwoyinfa

    Has investigative capabilities with real-time search but lacks supports

    Reviewed on Jun 05, 2024
    Review provided by PeerSpot

    What is most valuable?

    It relies on external systems for detection and then asks the endpoint to handle blocking. However, the most crucial feature is its investigative capabilities. With real-time search and other functionalities, it enables comprehensive detection and response. This capability resembles a layered approach, integrating and correlating all relevant data for thorough investigation.

    What needs improvement?

    Trellix needs to focus on gaining traction with partners and building trust among users. Many users may have moved on due to the name change, but concerns about resource intensity are more related to endpoint security than EDR itself. Improving its position in Gartner's quadrant and enhancing the product's image are crucial.

    For how long have I used the solution?

    I have been using Trellix Endpoint Detection and Response (EDR) for three to four years.

    What do I think about the stability of the solution?

    It's pretty stable.

    What do I think about the scalability of the solution?

    Trellix EDR is designed to scale seamlessly, leveraging cloud infrastructure that eliminates traditional hardware limitations. This allows scalability up to fifteen thousand nodes or even two hundred thousand nodes, depending on the licensing. The cloud-based architecture enables centralized management from anywhere globally, facilitating comprehensive coverage across different geographical locations. In essence, it offers robust scalability and management capabilities.

    For SMBs and enterprises, Trellix EDR typically recommends environments with more than fifty computers. The rationale is that the more computers there are, the greater the likelihood of being targeted by malicious actors. With an EDR solution, there's a better chance of detecting and mitigating malicious activities on your systems. 

    How are customer service and support?

    Support for Trellix EDR is not great. There have been instances where we encountered issues that required support intervention. In some cases, we were unable to resolve the problem ourselves, and escalated it to support. Unfortunately, there were delays in getting responses from support, which sometimes led to frustration and caused us to consider alternative solutions. 

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    Administering Trellix EDR involves specific procedures. For instance, real-time searching requires using predefined keywords, which aren't readily visible unless you consult with Trellix support or a SE. A comprehensive manual simplifying these administrative tasks would greatly enhance usability. Despite this, setting up the product is straightforward and quick, since it operates in the cloud. Connecting to either cloud-based or on-premises APIs is seamless. However, the challenge lies in product administration, which some users might find complex, leading them to opt for alternative solutions over Trellix EDR.

    What was our ROI?

    Trellix EDR provides capabilities similar to AI, significantly aiding your software or IT support team in conducting investigations rapidly. Tasks that might have taken months can now be resolved quickly using the platform. This ability to swiftly identify and address the root causes of attacks is a major advantage. Moreover, by preventing breaches, Trellix EDR helps safeguard data and avoids the need for compliance measures with regulatory bodies. This security is crucial because, in regions like Africa or Nigeria, where certain breaches may go unnoticed, Trellix ensures compliance and transparency, such as mandatory breach reporting in other jurisdictions. Maintaining trust with customers is paramount, as damage to brand reputation can be difficult to repair. Therefore, investing in a solution like Trellix EDR not only protects your organization but also enhances its credibility and operational resilience.

    What's my experience with pricing, setup cost, and licensing?

    Trellix Endpoint Detection and Response (EDR) is not expensive. When compared to competitors, the main difference lies in their flexibility. 

    I rate the product’s pricing a five out of ten, where one is cheap and ten is expensive.

    What other advice do I have?

    Technical personnel often recommend Trellix Endpoint Detection and Response (EDR) for environments that are not necessarily small, but rather SMBs, those with around 50 computers. EDR solutions are increasingly aligned with the evolving threat landscape.

    Trellix EDR provides advantages beyond just detection and response; it facilitates thorough investigation. It operates more like a layered approach, enabling detailed investigation through Trellix Investigator. This allows you to drill down into threats. With real-time search capabilities, you can monitor threats as they occur. Historical search features let you trace when a threat entered the environment and its progression. This granularity extends to file searches and other detailed inquiries, simplifying and enhancing threat management tasks.

    In terms of integration, there is still room for growth. Currently, apart from basic anonymized data sharing, there isn't much integration visible. The ability to leverage EDR with other security solutions seems limited, except perhaps through programming. 

    Trellix EDR has the potential to be among the top EDR solutions with a few adjustments. It could become the best out there. When considering factors like support, pricing, and ease of use, Trellix EDR has the opportunity to excel. However, currently, there are areas where it can enhance user experience, particularly in simplifying tasks that end users might find challenging on the EDR platform. While it promises to enhance security posture and threat detection speed, these improvements may not be immediately apparent to users, impacting their confidence in the product.

    Overall, I rate the solution a seven out of ten.

    View all reviews