Trellix accelerates threat detection and response with GenAI capabilities

Trellix announced its generative artificial intelligence (GenAI) capabilities, built on Amazon Bedrock and supported by Trellix Advanced Research Center.

Amazon Bedrock is a fully managed service from AWS making foundation models (FMs) from leading AI companies accessible via an API to build and scale generative AI applications. By expanding its relationship with AWS, Trellix continues to make investments in GenAI to provide customers with accelerated threat remediation and improved support.

Adopting a comprehensive threat detection and response program is essential for reducing cyber risk. Every second counts when identifying and responding to threats, and the majority of CISOs struggle with resource shortages. With Trellix GenAI and Amazon Bedrock, SecOps teams will be able to more quickly accelerate from detection to investigation through response, helping constrained security analysts be more efficient.

“As security threats evolve, businesses require innovative solutions to quickly move from detection to mitigation, and the ability to communicate cyber and business risk in simple language,” says John Morgan, GM XDR, Trellix. “AWS enables Trellix to continue delivering transformative products to our customers, leveraging the power of GenAI to accelerate their cybersecurity initiatives.”

Customers receive the following benefits:

• Accelerated threat detection and response: AI-guided investigations quickly assess the risk of cyber detection events, lowering the signal-to-noise ratio, and reducing the time to respond.
• Enhanced customer support: The Trellix customer support chatbot is capable of answering almost any question covered in Trellix documentation, removing the need and extra time it takes to search across product documentation.
• Automated content development: Partnering with Trellix Professional Services and leveraging the Trellix XDR Platform’s expansive ecosystem, playbook workflows, custom rule development, and product integrations are expedited through AI-powered tooling, adapting to customers’ unique environments.

“We partnered with Trellix to explore new ways to automate investigations,” says Chuck Lerch, CXO Head of Cybersecurity, Cyberuptive. “In this groundbreaking work, we combined Trellix XDR Platform’s rich data and investigative playbooks with LLMs running on AWS to make comprehensive assessments of alerts. The results are providing useful insights and showing the value of being able to focus on security research instead of how to run an LLM at scale.”

Trellix and AWS believe in responsible AI with data privacy at the core, allowing users to custom-train AI output while keeping data and results private. Additionally, Trellix follows an ethical-use AI technology policy and is actively engaged with influential entities, including the Open Worldwide Application Security Project (OWASP), World Economic Forum (WEF), National Security Telecommunications Advisory Committee (NSTAC), UK, EU, and other governments to educate and provide input to proposals to govern the responsible use of AI.

“Amazon Bedrock is built with security and privacy in mind and makes it easy for customers to easily and securely experiment with a variety of top foundation models (FMs) and customize them privately using their proprietary data,” said Atul Deo, GM of Amazon Bedrock, AWS. “As one of the early adopters, Trellix integrated Amazon Bedrock capabilities into threat detection services to analyze evidence and provide AI-powered suggestions to help customers determine the severity of an alert. Through this integration, we look forward to customers using the power of generative AI to help identify and remediate cybersecurity threats.”