Trellix has announced new innovations for its Network Detection and Response (NDR) solution aimed at strengthening security convergence between Operational Technology (OT) and Information Technology (IT) environments. Key to this is a certified integration with Nozomi Networks, providing security teams with unified visibility and automated investigation capabilities across complex IT and OT networks.
Trellix NDR introduces new capabilities to strengthen security convergence between OT and IT environments.
A key feature is a certified integration with OT security specialist Nozomi Networks.
This integration provides unified visibility across IT and OT networks without requiring agents in the OT environment.
The solution aims to detect threats at the OT-IT boundary, a prime target for lateral movement by attackers.
Trellix NDR uses AI-powered behavioral detections mapped to the MITRE ATT&CK framework.
Hyperautomation features allow for no-code workflow building to accelerate threat response.
The convergence of OT and IT networks has expanded the attack surface, with threat actors specifically targeting the boundary between these systems. Trellix's certified integration with Nozomi Networks is designed to address this by correlating Nozomi's OT-specific alerts and asset data with Trellix NDR's visibility into enterprise IT traffic. This provides Security Operations Center (SOC) teams with a single pane of glass for monitoring, threat hunting, and forensic investigations across both domains.
Trellix NDR uses AI and deep behavioral analysis to detect anomalies and advanced threats across all stages of the attack chain, with detections mapped to the MITRE ATT&CK framework. To accelerate response, the platform's Hyperautomation feature offers a no-code, drag-and-drop workflow builder. This allows security teams to automate investigation and containment actions for specific threats, such as lateral movement or DNS tunneling, significantly reducing the time from detection to response.
The innovation addresses a recognized executive-level risk. According to Trellix, 82% of Chief Information Security Officers (CISOs) believe that failing to converge OT and IT security increases organizational risk and compliance exposure. By providing integrated visibility and automated defense at this critical boundary, Trellix NDR aims to help organizations build greater resilience and manage risk more effectively.
The enhancements to Trellix NDR underscore the growing imperative for unified security in converged IT-OT environments. As critical infrastructure and industrial operations become more digitally connected, the ability to detect and respond to threats that traverse both IT and OT networks is no longer optional. Trellix's approach, particularly its partnership-driven integration with Nozomi Networks, provides a pragmatic path for organizations to close a dangerous visibility gap and defend against increasingly sophisticated cross-domain attacks.