CEO Bryan Palma on Cobalt Strike Takedown and Generative AI's Role in Cyber Defense (MichaelNovinson) • July 30, 2024
Trellix earlier this month successfully dismantled 593 instances of infrastructure running Cobalt Strike through collaboration with global law enforcement, according to CEO Bryan Palma.
"We were able to identify infrastructure that was using or running Cobalt Strike and at the end of the takedown, we were able to take down 593 of those instances," Palma said. "These were instances that were being used to go out there and obviously cause harm to customers, and now we're in the process of trying to understand how active those were and where can we go to make sure they're disabled."
Palma also discussed the dual role of generative AI in cybersecurity: Adversaries use it to enhance phishing and malware creation while Trellix leverages it to improve the efficiency of the company's Security Operations Center. By automating alert investigations, Palma said, organizations can save eight hours of SOC work for every 100 alerts and free up time for analysts to focus on the most pernicious threats (see: Trellix CEO on Unifying Endpoint, SecOps and Data Protection).
In this video interview with Information Security Media Group, Palma also discussed:
Before taking the lead at Trellix, Palma served as executive vice president of FireEye's product division and led the sale to Symphony Technology Group. He then led the integration and rebranding of McAfee Enterprise and FireEye to form Trellix. Palma was BlackBerry's president and COO, Cisco's senior vice president and general manager of Americas customer experience, Boeing's vice president of cyber and security solutions and PepsiCo Inc.'s first CISO.