Endpoint Sensor

Assess the nature and extent of targeted attacks
with context-aware endpoint forensics

Key Features

Endpoint event recording

Trend Micro Endpoint Sensor uses a lightweight client to record endpoint activity and communication events at the kernel level. The sensor tracks these events in context across time, providing an in-depth history that can be accessed in real time by analysts.

windows mac android ios new power

Rich search parameters

Endpoints can be queried for specific communications, specific malware, registry activity, account activity, running processes, and more. Search inputs can be individual parameters, OpenIOC files, or YARA files.

windows mac android ios new power

Works on and off the network

Endpoint Sensor reports and records detailed system-level activities across Windows-based servers, desktops, and laptops regardless of location.

windows mac android ios new power

Attack discovery and highlight

Using an XGen™ security blend of cross-generational detection techniques, Endpoint Sensor can search and discover targeted attacks.

windows mac android ios new power

Server

Memory
  • 4 GB minimum, 16 GB recommended.
  • Available disk space: 500 GB minimum, 1 TB recommended
Operating Systems
  • Windows Server 2008 SP2 (32-bit/64-bit)
  • Windows Server 2008 R2 (64-bit)
Microsoft Internet Information Services (IIS) 7
with all of the following role services:
  • Static Content
  • Default Document
  • Directory Browsing
  • HTTP Errors
  • HTTP Redirection
  • ASP.NET
  • ASP
  • CGI
  • ISAPI Extensions
  • ISAPI Filters
  • Request Filtering
  • IIS Management Console
  • PHP version 5.4.38
Database
  • Microsoft SQL Server 2008 Express
  • Microsoft SQL Server 2008 R2 Standard recommended
Web Browsers
  • Microsoft Internet Explorer 9 or later
  • The latest version of Google Chrome
  • The latest version of Mozilla Firefox

Agent

Hardware
RAM:
  • 512 MB minimum for Windows XP
  • 1 GB minimum for other operating systems
Available Disk Space:
  • 3 GB minimum for Windows XP, Vista, 7, 8, or 8.1
  • 3 GB minimum for Windows Server operating systems
Software
  • Windows Vista Service Pack 1 (32-bit and 64-bit)
  • Windows XP Service Pack 3 (32-bit)
  • Windows 7 (32-bit and 64-bit)
  • Windows 8 (32-bit and 64-bit)
  • Windows 8.1 (32-bit and 64-bit)
  • Windows 10 (32-bit and 64 bit)
  • Windows Server 2003 (32-bit and 64-bit)
  • Windows Server 2003 R2 (32-bit and 64-bit)
  • Windows Server 2008 (32-bit and 64-bit)
  • Windows Server 2008 R2 (64-bit)
  • Windows Server 2012 (32-bit and 64-bit)
  • Windows Server 2012 R2 (64-bit)

Gain visibility into data breaches

Endpoint Sensor gives you complete visibility into the attack vector, spread, and extent of impact of a targeted attack.  By providing complete visibility, Incident Response staff can plan for the remediation and prevention of future attacks.

 

Part of a Connected
Threat Defense

When Deep Discovery detects advanced malware, Indicators of Compromise (IOC) can be sent to Endpoint Sensor, which searches for infiltration, scans for similar IOCs, and maps the timeline/progression. Suspicious objects are collected and sent to Deep Discovery Analyzer for sandbox analysis. This approach provides complete visibility and control of targeted attacks and ransomware, including its latest variants, such as WannaCry.

Connected Threat Defense

What customers say

 

"Trend Micro has given us an extra layer of security against advanced and unknown threats. At the same time, having Trend Micro Deep Discovery and Trend Micro Endpoint Sensor means that we have an analysis tool that gives us a much better understanding of how our security system is being challenged." ...more

Peter Mejlby,
Director, Shared Services

 

 

Peter Mejiby
Protect more

Protect more

Deep Discovery Endpoint Sensor is part of the Network Defense family of network security products, including:

Trend Micro™ Deep Discovery™ Inspector to monitor all network ports and over 105 protocols to provide 360 degrees of visibility into all aspects of targeted attacks.

Add endpoint forensics to analyze the source and spread of targeted attacks on endpoints with Trend Micro™ Endpoint Sensor

Trend Micro™ Deep Discovery™ Email Inspector to protect end users from spear phishing attacks, the most common attack vector of targeted attacks and ransomware.

Trend Micro™ Deep Discovery™ Analyzer provides advanced custom sandboxing for Trend Micro and third-party security products to add protection for unknown threats.