Views:

Identify applications with potential security vulnerabilities that are in use within your organization.

Attack Surface Discovery detects all applications, including AI apps such as ChatGPT, that have been accessed by your organization's users and devices. Trend Vision One categorizes and assigns a risk level to each application. The consolidated visibility of all apps in your environment helps you to quickly identify potential vulnerabilities and continuously assess and prioritize risk.
The following table describes the tabs available in the Applications section of Attack Surface Discovery.
Tab
Description
Cloud Apps
Displays all cloud apps accessed by your organization's users and devices, and provides insights into how users access connected collaboration tools, such as Office 365
  • Search for cloud apps by name.
  • Click Filter to filter cloud apps by Category, Risk level, Sanctioned state, Warnings, or Last detected.
  • Click Export to generate a report for the apps currently displayed on the list.
  • Click any cloud app name to view details on the Cloud app profile screen.
  • Select cloud apps and click Change Sanctioned/Unsanctioned to set the sanctioned status of the app.
  • Select one or multiple cloud apps and click Assign Secure Access Rule to control users' access to these cloud apps.
    You can group the cloud apps as a new custom cloud app category and create an Internet Access rule for them. You can also add the cloud apps to an existing custom cloud app category. Any Internet Access or Risk rules already associated with the category apply to the cloud apps.
Note
Note
For customers that have updated to the Foundation Services release, drilling down from the Users column and the User name column (drilled from the Visits column) are only available for users with the Accounts asset visibility scope.
Local Apps
Important
Important
This is a pre-release sub-feature and is not part of the existing features of an official commercial or general release. Please review the Pre-release sub-feature disclaimer before using the sub-feature.
Displays all local apps detected on devices in your environment by the Trend Vision One Agent or Trend Micro Mobile Security
The Local app list displays the number of highly exploitable CVEs that affect each app. The app risk score equals the risk score of the highest-risk CVE for the application.
  • Search for local apps by name.
  • Click Filter to filter local apps by Operating system, App risk score, Vendor, First seen, or Last detected.
  • Click Export to generate a report for the local apps currently displayed on the list.
  • Click any column header to sort the list by that column.
  • Click any local app name to view details on the Local App Profile screen.
  • Click the number of devices in the entry for an app for a list of the devices on which the app has been detected.
  • Click the number of highly exploitable CVEs for an app for details on the CVEs that affect the app.
Select View by executable file in the dropdown menu to see a list of executable files related to detected local apps.
Note
Note
This feature is not available in all regions.
  • Search for executable files by file name.
  • Click Filter to filter executable files by Product name, Permission status, First seen, or Last detected.
  • Click on any executable file name to view details on the Executable File Profile screen.
  • Click the number of devices in the entry for an executable file for a list of the devices on which the file has been detected.
  • Select an executable file to change the file permission status to Allowed or Blocked.
    Important
    Important
    The default permission status of an executable file is Not configured.