XcellSecure^SM | X Detection & Response (XDR)

Round-the-clock expert monitoring to defendagainst threats and stop attackers on theirtracks.

Detect more with built-in threat expertise and global threat intelligence.

Detection and response across email, endpoint, server, cloud workloads, and networks.

Buy Now Schedule Demo Take Tour Play Video

Clearer contextual view of threats

By viewing more contextual alerts across more threat vectors, events that seem benign on their own suddenly become meaningful indicators of compromise. This allows you to connect more dots into a single view, enable more insightful investigations, and gives you the ability to detect threats earlier.

More effective analysis

With native integration into endpoint, email, server, network, and cloud environments, Trend Micro XDR sensors benefit from a deep understanding of data sources. This results in more effective analytics, compared to having third-party integration through application programming interfaces (APIs).

Prioritized view of threats across the organization

By correlating threats across the organization and adding expert threat intelligence, AI, and big data analytics, security personnel will get fewer, more meaningful, and richer alerts— prioritized by severity.

Increased effectiveness and efficiency of threat investigation

By automatically correlating threat data from multiple sources, Trend Micro XDR speeds up and removes manual steps involved in investigations and enables detailed analysis that can’t be done today.

Reduces time to detect threats

Collapses the time it takes to detect, contain, and respond to threats, minimizing the severity and scope of impact.

Disconnected security layers with siloed tools and data sets make it difficult to correlate information and detect critical threats.

Stealthy threats continue to evade even the best defenses

Too many alerts and overloaded organizations don’t have the time or resources to investigate

All this means detecting more, earlier, and with confidence.

Trend Micro XDR applies the most effective AI and expert analytics to the activity data collected from its native sensors in the environment to produce fewer, higher-fidelity alerts. Global threat intelligence from the Trend Micro Smart Protection Network™ combined with expert detection rules continually updated from our threat experts maximise the power of AI and analytical models in unparalleled ways.

We help you stop collecting and analysing data in silos.

XDR collects and correlates data across email, endpoint, servers, cloud workloads, and networks, enabling visibility and analysis that is difficult or impossible to achieve otherwise.

With more context, events that seem benign on their own suddenly become meaningful indicators of compromise, and you can quickly contain the impact, minimising the severity and scope.

Easily connect the dots with

A Single Platform That Gives You

1

Prioritised alerts based on one expert alert schema to interpret data in a standard and meaningful way

2

A consolidated view to uncover events and the attack path across security layers

3

Guided investigations to understand the impact and identify the path to resolution

OUR SERVICES

Rapid Detection service is an enterprise-grade managed service that detects, quantifies & gathers evidence regarding advanced attacks

24x7 Support

Experienced threats hunters from XcedllHost watching over your environment 24/7

Quick Response

Max 30 minutes from breach detection to response, as agreed in a service level agreement

Guidance

High quality detection’s, with actionable response guidance by XcellHostexperts

Block Ransomeware

Advanced Threat Protection

Exploit prevention- Zero day Vulnerability

Data Center Security

Clean up-Automatic Remediation

Security For Hybrid Enviornment

AI and Expert Security
Analytics

Built-in threat expertise and global threat intelligence to detect more

Combine threat and detection data from your environment with Trend Micro’s global threat intelligence in the Trend Micro™ Smart Protection Network™ for richer, more meaningful alerts
More context means faster detection and higher fidelity alerts
Optimal AI and big data analytics provide you with a deeper understanding of data collected from Trend Micro’s intelligent sensors
Gain the power that only humans can bring to bear with new expert detection rules based on what from Trend Micro threat experts are finding in the wild

Beyond the Endpoint

Detect and respond to threats across multiple layers and gain greater context to understand better

Automatically correlate data from sensors from native Trend Micro solutions that collect detection and activity data across email, network, endpoint, and servers, eliminating manual steps
Activity that may not seem suspicious on its own suddenly becomes a high-priority alert, allowing you to contain its impact faster
Contain threats more easily, assess the impact, and action the response across email, endpoint, server, cloud workloads, and network

Complete Visibility

Built-in threat expertise and global threat intelligence to detect more

ONE source of prioritized alerts based on one expert alert schema to interpret data in a standard and meaningful way
ONE consolidated view to uncover events and the attack path across security layers
ONE source for guided investigations to understand the impact and identify the path to resolution

FREQUENTLY ASKED QUESTIONS

What Is VectorN Detection Engine?

The VectorN Detection engine is a new feature and its purpose is to search for patterns within the blocks that Thor's Traffic Scanning records.

It works across-the-board on any Windows™ device;
It does not rely on scanning the code or auditing any system processes. Instead, the new technology uses Machine Learning Detection (MLD) to perform an in-depth analysis of all incoming and outgoing HTTP, HTTPS and DNS traffic.
It matches Machine Learning (MLD) insights with Indicators of compromise/attack (IOC/IOA) and network forensics, turning Thor Foresight into a unique, proactive cybersecurity suite.
It helps users discover even hidden, second-generation malware that tries to infect the endpoint or attempts to harvest data from the compromised system.
By tracking device-to-infrastructure communication, this technology enables users to detect and block advanced malware, regardless of the attack vector.

Example:

If Thor Foresight's Traffic Scanning is blocking a specific domain or multiple domains at a specific time of the day, VectorN Detection will consider this a pattern and will inform the user that there might be a possible threat.

Patterns:

- A domain is blocked multiple times a day in a very short time period.

- A domain is blocked every day at a specific time

- Multiple domains are blocked in a very short time period.

What Kind Of Security Solution Is Thor? What Does It Do?

Thor Premium product line-up includes 2 main product branches: Thor Foresight and Thor Vigilance. The products complement each other, and they should be combined in order to offer maximum system and network protection.

Thor Foresight has been specifically designed to protect you from financial and data-stealing malware while doing banking operations and keep you safe from Zero Hour malware and security exploits frequently employed by IT, criminals.

What Changes Does Thor Apply When Installed?

When Thor is installed your local DNS is changed to 127.7.7.x and your DNS server is saved by Thor in the registries.
Four new services will be activated: Heimdal Antivirus, Heimdal Client Host, Heimdal DarkLayer Guard and Heimdal Uptime Checker, all of them set to Automatic
Two new folders will be created, one in Program Files or Program File (x86), depending on the OS architecture and one in ProgramData.
One icon in the Taskbar
One certificate in the Trusted People folder.

What Files Can I Add In My Antivirus Exclusion List?

In case you suspect that your antivirus is interfering with Heimdal Security’s functionality, you’ll need to add some exceptions to allow Thor to work properly.

Here are some examples of potential interferences:

The Heimdal services do not start at Windows’s start-up or the network adapter’s DNS 127.0.0.1 is not set for some reason even if the Traffic Scanning is ON.

The files you need to add are located in this path: C:\Program Files (x86)\Heimdal (you need to add them one by one)

- Heimdal.Agent
- Heimdal.AgentLoader
- Heimdal.ClientHost
- Heimdal.SecureDNS
- Heimdal.UptimeChecker.exe
- Heimdal.AgentError.exe

Restart the computer and check if everything is working as it should!

What Is Thor RC?

What Changes Does Thor Apply When Installed?

When Thor is installed your local DNS is changed to 127.7.7.x and your DNS server is saved by Thor in the registries.
Four new services will be activated: Heimdal Antivirus, Heimdal Client Host, Heimdal DarkLayer Guard and Heimdal Uptime Checker, all of them set to Automatic
Two new folders will be created, one in Program Files or Program File (x86), depending on the OS architecture and one in ProgramData.
One icon in the Taskbar
One certificate in the Trusted People folder.

X Detection & Response

Round-the-clock expert monitoring to defend against threats and stop attackers on their tracks.Detect more with built-in threat expertise and global threat intelligence.Detection and response across email, endpoint, server, cloud workloads, and networks.

Learn More