Apex
Central integrates with Trend Micro Threat Investigation Center to enable Managed Detection and
Response capabilities.
 |
Important
|
Procedure
- Go to .The Managed Detection and Response screen appears.
- Click the Settings tab.
- Specify the following information:
-
Server address: The Threat Investigation Center server address provided by Trend Micro sales or your reseller
-
Company GUID: The Managed Detection and Response Service GUID provided by Trend Micro sales or your reseller
-
- Configure automatic approval settings for new investigation
tasks.
Note
-
If automatic approval is enabled, Apex Central will send email notifications to inform recipients of new automatically approved investigation tasks.
-
If automatic approval is disabled, Apex Central will send email notifications for all new investigation tasks to request manual approval.
-
Select the Automatically approve investigation tasks check box to enable automatic approval of new investigation tasks.
-
Clear the Automatically approve investigation tasks check box to disable automatic approval of new investigation tasks.
-
- (Optional) Configure notification recipients.
Note
-
You can add new user accounts on the User Accounts screen ().
-
You can add new contact groups on the Contact Groups screen ().
-
To add recipients, select contacts from the Available Users and Groups list and click >.The selected contacts appear in the Selected Users and Groups list.
-
To remove recipients, select contacts from the Selected Users and Groups list and click <.The selected contacts appear in the Available Users and Groups list.
-
- Click Register.
-
The Server address field displays the address of the registered Threat Investigation Center server.
-
The Sender ID field replaces the Company GUID field and displays the GUID of the Apex Central server that receives investigation tasks from the registered Threat Investigation Center server.
-