Trellix has introduced Trellix SecondSight, a new proactive threat hunting service designed to strengthen cyber resilience by detecting subtle, low-noise signals of advanced threats that traditional automated systems often miss, addressing modern adversaries’ evolving tactics and reducing organizational risk for customers. According to the company, advanced threat actors increasingly leverage AI, which “has significantly increased alert fatigue for security analysts,” and while typical automated systems surface high-level alerts, they frequently fail to identify the nuanced signals that indicate lateral movement or stealthy penetration. “Trellix SecondSight is a critical component, offering analysts a ‘second set of eyes’ to actively monitor for these low-noise signals, acting as a force multiplier,” said John Fokker, VP Threat Intelligence Strategy at Trellix. By combining human intuition with AI-driven analytics applied across telemetry from Trellix EDR, Trellix Email Security Cloud, and Trellix NDR, Trellix threat hunters can uncover sophisticated threats and provide proactive notifications that help security teams stay ahead of adversaries while enhancing the company’s detection capabilities.
Also Read: Cisco Reinvents Enterprise Security for the Agentic AI Era with Expanded AI Defense and AI-Aware SASE
The service delivers several key benefits, including identifying emerging threats by correlating subtle, low-confidence signals with internal intelligence holdings to reveal intrusion evidence that automated filters overlook; augmenting existing intelligence to give security teams additional visibility and early warnings of attack movement across endpoint, network, and email telemetry; and improving defensive precision by combining global AI analytics with expert human insight to detect malicious behavior that automated tools alone cannot fully interpret. Highlighting the necessity of actionable threat intelligence in defending against advanced actors, Niklas Chachalatos, Business Manager Security Services at Advania Sweden, stated, “Proactive, actionable threat intelligence is no longer a nice-to-have; it’s a necessity for keeping pace with advanced actors…providing actionable guidance to thwart attacks and build cyber resilience.” Alongside the launch, Trellix also released the Trellix SecondSight Threat Hunting Report, featuring insights and defense recommendations based on critical campaigns observed over the past year, underscoring proactive hunting’s importance in combating targeted espionage, OAuth abuse, and zero-day exploits.
