February 28, 2012, 7:19 AM — Trend Micro today announced Deep Discovery, a threat-detection tool designed to monitor network traffic in order to detect signs of stealthy attacks aimed at stealing corporate data.
Deep Discovery is intended to focus on the question, "Is there human attacker activity in the network?" says Kevin Faulkner, senior enterprise product marketing manager at Trend Micro. He acknowledges Deep Discovery in large part represents a wholesale re-engineering of what Trend Micro previously called its Threat Management System, released last year. "It was rebuilt from the ground up," says Faulkner, noting that more than 500 business customers are now using it.
Some of the ways in which Deep Discovery is different from the past, he says, is it now has three times the processing power and takes what was a cloud-based management console, moving it out of the cloud and putting that console and analysis functions into the physical form that's now installed on the customer premises.
"Our customers didn't want this management running in cloud," says Faulkner. The product also has a security sandboxing feature that can allow malware to be safely detonated and observed.
Available as an appliance or software, the roadmap for further development of Deep Discovery includes giving it a capability to identify and track mobile devices and tell what apps they're accessing when their users have been granted access to the corporate network. Other roadmap goals, which should make it into the next release later this year, include templates for data-loss prevention so that sensitive information, such as Payment Card Industry cardholder data, for example, could be flagged if it appears to be traversing the network inappropriately.
With Deep Discovery, Trend Micro roughly aims to compete against the NetWitness threat-analysis product, which was acquired by RSA, the security division of EMC. Today, RSA also announced an expansion to the NetWitness Live 2.1 service of automated threat-intelligence feeds intended to be correlated in the NetWitness appliance to deliver actionable information.