Trend Micro Threat Management Services

At last week's Trend Micro Insight analyst conference, I received a briefing on Trend's Threat Management Services (TMS). TMS is what Trend calls a "network security overwatch" layer that provides an extra layer of protection for the existing security infrastructure, be it Trend's or another vendor's. TMS comes in three flavors: threat discovery, threat remediation and threat lifecycle management services. The goal is to detect and remediate malware that somehow makes it through the existing security defenses, such as that introduced via a USB stick or an employee's home computer, or even server- or gateway-based defenses.

The need for TMS is underscored by a large number of assessments that Trend has conducted with enterprise-level organizations, including some very large companies. These assessments determined that *every* organization surveyed had some form of active malware present in their network, including more than one-half that had information-stealing malware, such as a keystroke logger, and nearly three-quarters that had at least one IRC bot.

I like the concept of TMS because it provides that additional layer of oversight that even the best security solutions can use to catch the stuff that gets through. For example, NSS Labs conducted an evaluation of anti-malware solutions and found that the best solution of the 10 corporate solutions it evaluated still had "only" a 93.6% catch rate. Further, Trend is quite honest about the value it sees in TMS, since they recommend its use even if Trend's is the solution that needs the oversight from TMS.