Smart Protection Network – Global Threat Intelligence

Smarter security built on over 30 years of cyber threat experience

Up-to-the-second threat intelligence

The Trend Micro™ Smart Protection Network™ delivers proactive global threat intelligence against zero-hour threats to ensure that you are always protected. We use our up-to-the-second threat intelligence to immediately stamp out attacks before they can harm you. And combined with XGen™ security, powering all of our products and services, we’re protecting millions of businesses and users around the globe. See performance results.

How do we keep you ahead of threats?

We use the latest data science techniques, like hybrid cloud machine learning, to analyze cyber threats affecting our customers. We rapidly and accurately collate this wealth of global threat intelligence to customize protection to the specific needs of your home or business. It’s not just an amazing amount of threat data. It’s global threat intelligence that uses predictive analytics to protect against the threats that are most likely to impact you.

Round-the-clock threat visibility and protection

To maintain this immense scale of threat protection, we’ve created one of the world’s most extensive cloud-based protection infrastructures. Our threat defense experts and vast global network are constantly collecting data, identifying threats, and protecting your data.

We innovated the immediate protection of a cloud-based approach back in 2008. We developed the automatic correlation of threats to customize protection just for you. And we’re ahead of the pack in giving you threat visibility across platforms, security layers, and users globally.

Check out the following infographic to get a better understanding of how the Smart Protection Network works.

Powerful multilayered protection

A vast set of cross-generational techniques, continuously improved over time, builds a layered defense against the ever-changing threats targeting you. 

**NEW** IoT Reputation Service

IoT Reputation Service (IoTRS) analyzes billions of transactions every day collected from tens of millions of sensors and devices from all over the world. They include home routers, industrial IoT devices, as well as consumer and commercial IoT devices, like DVRs and networked security cameras.

With big data analytics and machine learning, a bulk list of insecure IoT connections is generated and queried in real time to help protect against malicious or compromised IoT devices. This approach ensures people and organizations are protected against the botnet-like activity we saw with the Mirai and Perserai botnets and the similar attacks we will likely see from and against IoT devices.

Hybrid cloud machine learning

Automated discovery of new threats using machine learning both in-the-cloud and on-premises to detect against zero hour spam, phishing (i.e Business Email Compromise), malware (i.e. ransomware), exploits, and social media attacks.  

Hybrid cloud sandbox

Analyze files (like email attachments) and URLs in a virtual sandbox available both on-premises and in-the-cloud to identify new threats in a safe environment.


Breach detection

Detect potential targeted attacks by analyzing north/south and east/west network traffic, command-and- control traffic, and lateral movement within a corporate network giving you visibility into potential threat actors. 

Reputation services

Email, web, file, and mobile app reputation services check the reputation of these threat vectors to block spam/phishing, compromised websites, malicious files, and malicious mobile apps.

Vulnerability research

Using one of the industry’s best vulnerability research teams from Trend Micro and Zero Day Initiative (ZDI) to discover and responsibly disclose third-party vulnerabilities with the help of 3000+ ZDI external researchers, get protection against known and zero-day exploits with virtual patches. 

Command-and-Control communication protection

Quickly identifies botnet or targeted attack behaviors by identifying communications between target victims and threat actors’ attack infrastructure

Safelisting and application control

Protects against false positives using constantly updated, in-the-cloud safelists from one of the world’s largest databases of known good files and supports an effective defense using application control to allow only good applications and OS files from running on a device. 

Threat actor intelligence

Threat researchers actively investigate and analyze new tactics, techniques, and procedures (TTP) utilized by the threat actors across the globe to ensure your protected from new threats using these TTPs. 

Smart Protection server

Safeguards network bandwidth, endpoint efficiency, and privacy by performing reputation queries directly to local servers, instead of the public cloud. 

Smart feedback

Speeds protection by automatically updating Trend Micro's global threat intelligence each time a new threat is identified on a single customer's routine reputation check.