Date: 2025-12-17

Trellix announced Trellix NDR innovations, strengthening OT-IT security with integrated visibility across complex environments, enhanced detection capabilities, and automated investigation and response to reduce the threat detection-to-response gap.

“We know cybercriminals are increasingly targeting the OT-IT boundary, where threats can hide in the absence of complete visibility,” said Rohit Unnikrishnan, SVP Product Management, Trellix. “To keep pace, organizations must prioritize proactive defense with enhanced perimeter visibility and enriched intelligence extending across environments for greater resilience and risk management.”

Threat actors focus on the IT/OT boundary as an easier, scalable entry point, establishing lateral movement by compromising systems bridging the networks. The need for OT-IT security convergence to strengthen perimeter defense and build resilience is apparent, with 82% of CISOs believing failure to converge OT and IT security will increase organizational risk and compliance exposure.

Infused with threat intelligence, Trellix NDR provides deep behavioral detections, threat prioritizations, and visibility across East-West and North-South network traffic. Additionally, Trellix NDR released a certified integration with Nozomi Networks to extend visibility into an OT environment without needing an agent installed.

With sensors in place in the OT architecture, Trellix has the ability to detect anomalies within the OT traffic and bridge the IT and OT SOC visibility, supporting threat hunting and forensics within the OT environment. SOC teams are empowered with faster threat detections, OT-IT security convergence, increased visibility, high-fidelity alerts, automated triage and containment, and reduced analyst workload.

Benefits of Trellix NDR include:

Enhanced OT-IT visibility for strengthened defense: Trellix NDR’s certified integration with Nozomi Networks correlates Nozomi Networks AI-powered alerts, assets, insights, and network behaviors with enterprise traffic for unified IT/OT visibility and enhanced perimeter defense.

Hyperautomation for narrowed detection-to-response gap: Trellix Hyperautomation for Trellix NDR offers a no-code, drag-and-drop workflow builder to automate response and security processes, significantly reducing the mean time to detect and respond to threats like encrypted traffic detections, lateral movements, and DNS tunneling.

Trellix NDR protects organizations from advanced threats by providing visibility into their extended network infrastructure and enabling security teams to accelerate and automate investigation and response. Greater visibility across environments gives teams the context they need to detect, contain, and resolve issues before they escalate, reinforcing protection for critical infrastructure and supporting compliance.