Trend Micro Endpoint Sensor uses a lightweight client to record endpoint activity and communication events at the kernel level. The sensor tracks these events in context across time, providing an in-depth history that can be accessed in real time by analysts.
Endpoints can be queried for specific communications, specific malware, registry activity, account activity, running processes, and more. Search inputs can be individual parameters, OpenIOC files, or YARA files.
To get better visibility of advanced attacks, our Managed Detection and Response (MDR) service collects threat indicators from endpoint security, network security, and (optionally) server security and, using advanced AI, correlates and prioritizes threats. Our threat researchers will then investigate further to determine the full extent and spread of the attack and provide a detailed remediation plan.
Using an XGen™ security blend of cross-generational detection techniques, Endpoint Sensor can search and discover targeted attacks.