Views:
This version of Apex Central includes the following new features and enhancements.
Feature
Description
Trend Vision One integration enhancement
Trend Vision One integration has been enhanced to allow Apex Central to:
  • Send policy resource data to the Attack Surface Discovery app
  • Promptly update the Security Agent endpoint information to the Endpoint Inventory app
    Note
    Note
    This feature requires the installation of Apex One Service Pack 1 Patch 2 (or above) or Apex One (Mac) Patch 14 (or above).
Component update
This release of Apex Central updates the following components to enhance product security:
  • JQuery library
  • PHP scripting module

Previous Updates

Feature
Description
Trend Vision One integration enhancement
Trend Vision One integration has been enhanced to include an option that enables Apex Central to synchronize suspicious object lists from Trend Vision One.
Trend Vision One integration enhancement
This release of Apex Central enables managed Apex One servers to send server configuration information to Trend Vision One to enhance product integration.
Note
Note
This feature requires the installation of Apex One Service Pack 1 Patch 1 or above.
Trend Vision One integration
Integration with Trend Vision One allows Apex Central to forward detection events and managed Security Agent information to Trend Vision One for correlated detection and other advanced analytics.
Enhancement Security Agent management
This release of Apex Central supports multi-layer domain tree (up to five layers) for managed servers to enhance Security Agent management.
New platform
Apex Central supports installation on Windows Server 2022.
Event Notifications
The following Event Notification settings have been disabled to prevent too many unnecessary notifications from being sent to recipients (DetectionsNotificationsEvent NotificationsAdvanced Threat Activity):
  • C&C callback alert
  • C&C callback outbreak alert
  • Correlated incident detections
Additional Advanced Threat Activity notifications
Apex Central supports Advanced Threat Activity event notifications for Behavior Monitoring violations and Predictive Machine Learning detections.
Advanced Logging Policy optimization
The Advanced Logging Policy for Apex One Vulnerability Protection (PoliciesPolicy ManagementApex One Security AgentVulnerability Protection SettingsNetwork Engine Settings) uses "Stateful, Frag, and Verifier Suppression" by default to exclude fragmentation and verifier related events.
Concurrent session limitation
Apex Central allows administrators to prevent multiple web console sessions per user account.
Critical event auditing
The Apex One server and Security Agents collect Windows event logs related to critical system events (move Security Agent, uninstall Security Agent, reset password) and sends the logs to Apex Central Product Auditing Event logs.
Dashboard enhancements
  • The name of the Operation Center tab has changed to Security Posture, the name of the Threat Detection tab has changed to Threat Statistics, and the widgets on the former DLP Incident Investigation tab have moved to the Data Loss Prevention tab.
  • Toggle the Table view on the Security Posture dashboard tab to display the chart nodes, critical threats, and antivirus pattern compliance information in a table.
Enhanced API integration
Apex Central provides APIs for forwarding detection logs in CEF format, Product Auditing Events, Security Agent pattern update statuses, or Security Agent engine update statuses to SIEM servers.
For more information, see https://automation.trendmicro.com/apex-central/home.
Impact Analysis enhancement
The Affected Users screen automatically refreshes every 60 seconds when running an Impact Analysis.
New dashboard widgets
  • The Quick Investigation widget allows you to start Historical Investigations directly from the dashboard.
  • Use the Attack Discovery Detections widget to view detection logs generated by the Endpoint Sensor Attack Discovery feature.
    Attack Discovery logs include MITRE™ Tactics and Techniques information and Windows Antimalware Scan Interface (AMSI) data.
  • The Top Endpoints Affected by IPS Events, Top IPS Attack Sources, and Top IPS Events widgets provide greater visibility for Intrusion Prevention events on your network.
Password complexity enhancement
  • Apex Central user accounts have stronger password complexity requirements.
  • The Unload and Uninstall Security Agent features include enhanced password complexity requirements for better security.
Policy inheritance
Enhancements to Behavior Monitoring, Predictive Machine Learning, and the Trusted Program List policies allow for policy inheritance support.
SQL Server support
Apex Central supports Microsoft SQL Server 2019 Cumulative Update 4 (CU4) and SQL Server Express CU4.
Syslog enhancements
  • Apex Central allows you to forward Intrusion Prevention and Product Auditing Event logs to a syslog server.
  • Common Event Format (CEF) syslogs indicate the type of critical threat detected.
Vulnerability patches
Apex Central has patched Cross Site Scripting (XSS) and SQL injection vulnerabilities.
Web browser support
Apex Central supports Microsoft Edge (Chromium).