Trellix Forms ‘Advanced Research Center’ To Boost Intelligence And Product Capabilities

‘One of the most important things that we can help our customers with is just bringing them the right intelligence, the right content,’ says CEO Bryan Palma.

Introducing a new partner program and product initiatives aren’t the only things Trellix has been unveiling of late.

The cybersecurity giant announced just prior to this week’s Trellix Expand 2022 conference that it was creating a new “advanced research center” within the company to enhance its global threat intelligence capabilities.

“One of the most important things that we can help our customers with is just bringing them the right intelligence, the right content,” said Bryan Palma, chief executive of the San Jose, Calif.-based Trellix, the major provider of XDR offerings.

[RELATED STORY: Trellix Channel Chief Shares How to Build a Services Practice with XDR]

Palma told CRN that creating the new center entailed pulling together units from the old FireEye and McAfee Enterprise entities that were combined earlier this year to create Trellix, which is owned by private equity firm Symphony Technology Group.

“We’ve got some of the most talented researchers and investigators in the business,” Palma said. “With the amount of installed technology we have, we see a lot of telemetry which helps us create the necessary intelligence to power our systems and specifically to power our XDR platform.”

“The Advanced Research Center is the coming together of multiple research and product research capabilities within Trellix,” Aparna Rayasan, chief products officer at Trellix, told CRN.

She said the new center, which employs nearly 300 employees, is built on “five pillars” of focus: product research and development, threat intelligence, adversarial resilience and advocacy, research engineering, and data science.

Each “pillar” contributes to better intelligence gathering and analysis, as well as better products and services in general, she said.

“It is creating efficiencies,” she said. “It’s creating the differentiator in our products. And it’s also helping us mine vast data. … It’s definitely covering much more surface areas than we would have otherwise.”

Rayasan, who is currently conducting a search for a permanent director of the new center, said she “absolutely” sees the center expanding in the future.

In particular, she praised the threat-intelligence unit and said it’s actively hiring “highly experienced” personnel. She noted that many of Trellix’s threat-intel employees hail from previous positions within the U.S. military and government agencies.

The center has already identified one cybersecurity threat that’s garnered some attention over the past week – a 15-year-old vulnerability in the open source Python programming language that’s still lurking in existing codes and that theoretically puts at risk 350,000 open-source coding projects.

Douglas McKee, director of vulnerability research at Trellix, said his team found no recent malicious use of the Python vulnerability. But the vulnerability, if left unpatched, could still be used to launch supply-side attacks, even if it was created in 2007, he said.

McKee, whose team is now part of Trellix’s new advanced research center, said he’s hoping and expecting further intelligence

“I’m really excited to see Trellix put together this advanced threat center,” he said. “(It) helps combine a bunch of elite researchers towards a common goal. I think it’s really going to be a positive impact for the company and the industry moving forward.”