TrendMicro Adds Net New Security Layer to Address Zero-Day Threats

Trend Micro on Tuesday unveiled a services solution that it says will enable the channel to offer customers better visibility into dynamic malware threat vectors through a net new technology layer.

Dubbed Trend Micro Threat Management Services (TMS), the new offering provides early warning, containment and remediation of data-stealing malware infiltrations already within the network. The idea behind the service is to fill in gaps left by signature-based anti-malware technologies that miss unknown zero-day attacks for which there are no signatures.

“We’re recognizing that traditional or conventional content security, though it is critical, is still missing a lot of malware,” says Dan Glessner, senior vice president of North American marketing for Trend Micro, adding, “Organizations typically have poor visibility into what is actually happening in their environments.”

According to Jai Balasubramaniyan, director of TMS, TMS adds a new layer of security on top of existing content security such as endpoint antivirus, messaging security and Web security. For example, on top of endpoint security the new service adds another level of heuristics and behavioral analysis, plus “a really smart correlation engine to ferret out new threats,” he says. Layered onto messaging security, the service adds visibility and control over Web-based e-mail, not just the typical corporate e-mail system covered in traditional messaging solutions. And on top of typical Web security offerings, TMS adds the capability to detect more advanced attacks such as cross-site scripting and Web request response correlation attacks.

The new system is able to see and correlate attack symptoms on over 80 protocols across the network, Balasubramaniyan says.

“TMS is able to very much act like a human being, look into that specific system, do all of the analysis and help clean up the malware. And the nice thing is what it does is it also goes back into the history and says why that infection happened,” Balasubramaniyan says. “A lot of tools are very good at saying an infection happened, with some cryptic line like, ‘This worm was found,’ but what we are good at mentioning is why that [infection] happened, [and which] employee action created that [infection, whether] it was because an employee was visiting a specific Website [or] it was because he brought in an infected USB stick.”

TMS is actually based on 15 months’ worth of market testing conducted through Trend Micro’s experiment with Trend Micro Threat Management Solution. According to Glessner, Trend Micro shifted gears to offer the product as a services solution once success with Threat Management Solution validated that enterprises needed help filling a malware gap left by existing security systems.

The new slate of services will be offered via three distinct components. Threat Discovery Services identify and analyze existing threats on the network. Threat Remediation Services offer signature-less cleanup technology to do something about those discovered threats. And Threat Lifecycle Management Services add expanded support of Trend Micro’s security experts, real-time infection monitoring and root-cause analysis, plus security planning.

Glessner believes that the new service offers the channel an opportunity to add more security value to existing and prospective customers.

“This is an exciting opportunity for our channel partners,” Glessner says. “With our new threat management services, they really can be a hero to go in and help their customers understand where these infected endpoints are and then to clean them and provide an ongoing service and a lot of value add that kind of ties [security] together.”