About Trellix
Trellix is a cybersecurity company formed from the merger of McAfee Enterprise and FireEye, combining decades of threat intelligence heritage with extended detection and response (XDR) capabilities trusted by enterprises and governments globally. With a living security platform that adapts continuously to the evolving threat landscape through AI-powered threat detection and tightly integrated security operations, Trellix is a strategic security partner for large organizations facing sophisticated adversaries. Teams looking to integrate with Trellix or build a Trellix integration can use Synqly to access normalized endpoint detection, threat intelligence, and security event data through a standardized connector.
About the Trellix Endpoint Security (ENS) Integration
Trellix Endpoint Security (ENS) is Trellix’s integrated endpoint protection platform, providing threat prevention, firewall, web control, and adaptive threat protection to defend endpoints against malware, ransomware, and advanced attacks. As Synqly’s EDR provider, Trellix Endpoint Security (ENS) enables security teams to access normalized endpoint detection and response data—including detections, alerts, and endpoint telemetry—through a standardized connector. Integrate with Trellix Endpoint Security to incorporate endpoint threat context into your SIEM, threat detection, and security operations workflows, enabling faster investigation and response.
Integration Use Cases
Get Endpoint
Gets a single endpoint asset matching the UID from the token-linked EDR source.
Query EDR Events
Returns a list of EDR events that match the query from the token-linked EDR source.
Query Endpoints
Returns a list of endpoint assets matching the query from the token-linked EDR source.
Query Threat Events
Returns a list of threats that match the query from the token-linked EDR source.