Views:

Configure and manage the Advanced Risk Telemetry module settings.

Important
Important
  • Endpoint security policies (unified assignment) are "Pre-release" features and are not considered an official release. Please review the Pre-Release Disclaimer before using the feature.
  • Endpoint security policies (unified assignment) are not available in all regions.
  • Advanced Risk Telemetry supports Windows and Linux deployments.
  • Advanced Risk Telemetry does not support non-persistent virtual desktops.
  • Navigating between the security modules or leaving the Policy Settings screen discards any unsaved changes. To avoid losing your work, always click Save before leaving the current screen.
Advanced Risk Telemetry performs vulnerability assessments for threats such as time-critical zero-day and N-day CVEs.
Advanced Risk Telemetry collects the following data from endpoints to enhance local app visibility and assist Vulnerability Assessment in identifying vulnerabilities:
  • Local app installation file paths
  • Local app executable hashes and properties
  • Related local app metadata from registry entries, file content, or running services and processes
Local app information enables app control in Attack Surface Discovery. The collected information is displayed in the Applications tab in Attack Surface Discovery. Time-critical zero-day vulnerability information is displayed in the Exposure Overview section of Cyber Risk Overview.
To allow Advanced Risk Telemetry to assess and monitor your endpoints, select Enable. Enabling Advanced Risk Telemetry sends an average of 60 KB of additional data per endpoint to Trend Vision One per day. The actual amount of data transferred varies by endpoint and depends on the number of apps installed on the endpoint. Scans occur more frequently when threats such as time-critical zero-day and N-day CVEs are present.