Government
Support
Contact
Login

Trellix Login Trellix Hive Developer Portal Marketplace
Search

Clear | Search Tips

Quick Links

Why Trellix? | Products | Advanced Research Center | Newsroom | Blogs
Change Language

Australia (English) Brasil (Português) Canada (English) Canada (Français) Deutschland (Deutsch) España (Español) France (Français) Hong Kong (English) India (English) Italia (Italiano) 日本 (日本語) 대한민국 (한국어) México (Español) Singapore (English) United Kingdom (English) United States (English)

PLATFORM CAPABILITIES

Trellix XDR Platform

Strengthen your security posture and protect your organization with confidence.

Trellix Wise

Your sixth sense for security, Trellix Wise is GenAI to solve your toughest security operations challenges with hyper automation.

PROFESSIONAL SERVICES

EDUCATION AND TRAINING

Trellix Thrive

Make the most of your investment in Trellix’s industry-leading cybersecurity technologies.

RESEARCH

Latest Research Blogs

Get the latest cybersecurity trends, best practices, security vulnerabilities, and more.

Latest Report

Trellix’s Advanced Research Center highlights insights, intelligence, and guidance gleaned from multiple sources of critical data.

Get Started

Take a Product Tour Request a Demo Cybersecurity Assessment Contact Us

Learn More About the CrowdStrike Outage and Get Help

Read the Technical Blog From our Experts

Need help getting systems restored?

Get Help Now

What happened and why?

A software update from CrowdStrike caused Microsoft Windows systems to crash, disrupting airline travel, healthcare, government services, and many other critical industries and organizations globally.

CrowdStrike released a content update for Falcon customers designed to detect newly observed, malicious named pipes being used by common C2 frameworks in cyberattacks. The erroneous update sent computers around the globe into the dreaded blue screen of death.

How is Trellix different?

First, we believe security vendors hold great responsibility. We all occupy a privileged position with access to the heart of customers’ systems known as the kernel, and there are best practices to ensure that all code deployed there is certified by Microsoft, and not changed without the approval and knowledge of the customer.

And second, at Trellix we employ a conservative approach anchored by three imperatives: Transparency, Choice, and Responsibility.

Transparency
Our customers have visibility into the way we package our code.

Code that sits at the kernel level should be minimized to limit the potential for a cascading catastrophic system outage.
We follow kernel driver best practices: separating content from executable code, ensuring all kernel drivers are certified and signed by Microsoft.
This separation of security content and code ensures if there is ever a crash caused by an erroneous file, our program terminates independent of the operating system, and permits remote recovery.

Choice
Our customers have control over kernel level changes.

This outage is a reminder of why the choice of updates to kernel drivers should always be in the hands of those that can best assess risk—the customer.
Trellix customers can determine if, when, and how to roll out updates to kernel drivers. Trellix will not override a customer’s update distribution preferences or controls.

Responsibility
Our customers should be protected against people and process errors.

Trellix follows rigorous processes to validate the quality and stability of both agent and security content updates before they are released, and has multiple controls to limit the impact if an error ever does occur.
We follow a phased roll out to prevent wide scale impact, even for our daily security content.
Our customers require us to provide high quality releases across cloud, on-premises, air-gapped, and embedded environments at scale.

How can Trellix help now, during, and after recovery

Our support and services teams are mobilized to help you rebuild and recover. Trellix customer or not, you can contact our support and we can help with recovery procedures.

Existing Customers: Log in to Thrive and open a case - we have support standing by.
New Customers: Call 1-800-937-2237 or a local support phone number.