Views:
This version of Trend Micro Apex Central includes the following new features and enhancements.
Feature
Description
Trend Vision One integration enhancement
Trend Vision One integration has been enhanced to allow Trend Micro Apex Central to:
  • Send policy resource data to the Attack Surface Discovery app
  • Promptly update the Security Agent endpoint information to the Endpoint Inventory app
    Note
    Note
    This feature requires the installation of Apex One Service Pack 1 Patch 2 (or above) or Apex One (Mac) Patch 14 (or above).
Component update
This release of Trend Micro Apex Central updates the following components to enhance product security:
  • JQuery library
  • PHP scripting module

Previous Updates

Feature
Description
Trend Vision One integration enhancement
Trend Vision One integration has been enhanced to include an option that enables Trend Micro Apex Central to synchronize suspicious object lists from Trend Vision One.
Trend Vision One integration enhancement
This release of Trend Micro Apex Central enables managed Apex One servers to send server configuration information to Trend Vision One to enhance product integration.
Note
Note
This feature requires the installation of Apex One Service Pack 1 Patch 1 or above.
Trend Vision One integration
Integration with Trend Vision One allows Trend Micro Apex Central to forward detection events and managed Security Agent information to Trend Vision One for correlated detection and other advanced analytics.
Enhancement Security Agent management
This release of Trend Micro Apex Central supports multi-layer domain tree (up to five layers) for managed servers to enhance Security Agent management.
New platform
Trend Micro Apex Central supports installation on Windows Server 2022.
Event Notifications
The following Event Notification settings have been disabled to prevent too many unnecessary notifications from being sent to recipients (DetectionsNotificationsEvent NotificationsAdvanced Threat Activity):
  • C&C callback alert
  • C&C callback outbreak alert
  • Correlated incident detections
Additional Advanced Threat Activity notifications
Trend Micro Apex Central supports Advanced Threat Activity event notifications for Behavior Monitoring violations and Predictive Machine Learning detections.
Advanced Logging Policy optimization
The Advanced Logging Policy for Apex One Vulnerability Protection (PoliciesPolicy ManagementApex One Security AgentVulnerability Protection SettingsNetwork Engine Settings) uses "Stateful, Frag, and Verifier Suppression" by default to exclude fragmentation and verifier related events.
Concurrent session limitation
Trend Micro Apex Central allows administrators to prevent multiple web console sessions per user account.
Critical event auditing
The Apex One server and Security Agents collect Windows event logs related to critical system events (move Security Agent, uninstall Security Agent, reset password) and sends the logs to Trend Micro Apex Central Product Auditing Event logs.
Dashboard enhancements
  • The name of the Operation Center tab has changed to Security Posture, the name of the Threat Detection tab has changed to Threat Statistics, and the widgets on the former DLP Incident Investigation tab have moved to the Data Loss Prevention tab.
  • Toggle the Table view on the Security Posture dashboard tab to display the chart nodes, critical threats, and antivirus pattern compliance information in a table.
Enhanced API integration
Trend Micro Apex Central provides APIs for forwarding detection logs in CEF format, Product Auditing Events, Security Agent pattern update statuses, or Security Agent engine update statuses to SIEM servers.
For more information, see https://automation.trendmicro.com/apex-central/home.
Impact Analysis enhancement
The Affected Users screen automatically refreshes every 60 seconds when running an Impact Analysis.
New dashboard widgets
  • The Quick Investigation widget allows you to start Historical Investigations directly from the dashboard.
  • Use the Attack Discovery Detections widget to view detection logs generated by the Endpoint Sensor Attack Discovery feature.
    Attack Discovery logs include MITRE™ Tactics and Techniques information and Windows Antimalware Scan Interface (AMSI) data.
  • The Top Endpoints Affected by IPS Events, Top IPS Attack Sources, and Top IPS Events widgets provide greater visibility for Intrusion Prevention events on your network.
Password complexity enhancement
  • Trend Micro Apex Central user accounts have stronger password complexity requirements.
  • The Unload and Uninstall Security Agent features include enhanced password complexity requirements for better security.
Policy inheritance
Enhancements to Behavior Monitoring, Predictive Machine Learning, and the Trusted Program List policies allow for policy inheritance support.
SQL Server support
Apex Central supports Microsoft SQL Server 2019 Cumulative Update 4 (CU4) and SQL Server Express CU4.
Syslog enhancements
  • Apex Central allows you to forward Intrusion Prevention and Product Auditing Event logs to a syslog server.
  • Common Event Format (CEF) syslogs indicate the type of critical threat detected.
Vulnerability patches
Apex Central has patched Cross Site Scripting (XSS) and SQL injection vulnerabilities.
Web browser support
Apex Central supports Microsoft Edge (Chromium).