April 2024

April 29, 2024— Trend Threat Intelligence Feed continuously provides up-to-date information about emerging threats and threat actors. Leveraging the feed via API into your existing security infrastructure allows your organization to stay one step ahead of cyber threats and maintain a robust and adaptive security environment.

For more information, see Trend Threat Intelligence Feed.

April 26, 2024 — Cloud Accounts now offers APIs for connecting AWS accounts to Trend Vision One. The APIs provide options for connecting your AWS accounts, including a static token API for template deployment. For more information, see Connecting AWS Accounts Using APIs.

April 22, 2024 — the Vulnerability Assessment service available in Attack Surface Risk Management now supports scanning language packages used in your ECR container images. For information on supported languages, see Vulnerability Assessment supported language packages.

April 22, 2024—You can now create and import custom filter queries including regex in Detection Model Management. For more information, see Using regex in custom filters.

April 22, 2024 — The Operations Dashboard Weekly Digest has been terminated for subscribers, and the subscription entry for the weekly digest has been removed from Notifications. Former subscribers can now receive n automatically generated weekly report based on the Risk Factors template, providing a detailed picture of current organization risks. Settings for the weekly report can be managed in the Reports app.

April 19, 2024 — Cloud Email and Collaboration Protection launches the Correlated Intelligence feature that can correlate the suspicious signals found across different engines (such as Advanced Spam Protection, Web Reputation) to enrich threat detection for email services. With Correlated Intelligence capabilities, Cloud Email and Collaboration Protection also provide the reasons why an email is detected as a threat.

April 19, 2024 — Cloud Email and Collaboration Protection supports scanning QR codes in PDF files attached to emails to detect suspicious URLs. QR code scanning already supports attachments in the format of WEBP, JPG, PNG, BMP, TIFF, or GIF.

April 19, 2024 — Cloud Email and Collaboration Protection displays quishing detection data in the Threat Detection dashboard for you to understand the QR code-based phishing email detections in your environment, including the quishing detections by email service, top 5 quishing email senders, top 5 quishing email recipients, and quishing detections by content type.

April 19, 2024 — In addition to detect quishing by scanning the QR code images attached or in the email body, Cloud Email Gateway Protection now supports quishing detection for PDF attachments after you have enabled submission of suspicious files with QR codes to Virtual Analyzer.

April 19, 2024 — When searching the mail tracking logs for mail traffic blocked due to IP block list matching, Cloud Email Gateway Protection allows you to conduct more granular search by separately filtering for sender IPs found in the Blocked IP Address list and the Blocked Country/Region list.

April 19, 2024 — Cloud Email Gateway Protection allows you to leverage the action "Insert X-Header" for messages matching scan exceptions in virus scan to meet your specific needs, for example, identify the specific scan exception for subsequent processing.

April 17, 2024 — Server & Workload Protection is now integrated with the Cloud Accounts app for Azure Subscriptions. The feature includes the following updates:

For more information, see Getting started with Cloud Accounts.

April 16, 2024 — You can now specify the time-out setting for endpoint response actions. If left unspecified, the default setting is used. For more information, see Response Management settings.

April 15, 2022 — Thanks to several backend improvements, data for your internet-facing assets are now updated more often. The increased update frequency allows you to better assess your attack surface in Attack Surface Discovery, particularly after removing domains and IP addresses and renewing certificates, and improves the accuracy of risk events created in Operations Dashboard. For more information, see Internet-Facing Assets.

April 8, 2024 — The Forensics app now includes risk scores from Attack Surface Risk Management. Forensic investigators can prioritize endpoints with high risk scores when adding endpoints in a workspace. Once added, each endpoint risk score has a Detailed Profile for further investigation.

April 8, 2024 - Trend Vision One - File Security is a scanning service that can detect all types of malicious software (malware) including trojans, ransomware, spyware, and more. File Security now offers the following features and enhancements:

April 8, 2024 — The Security Configuration index now supports Virtual Network Sensor visibility in the Network Security tab. You can view sensor deployment status and key feature adoption rate. For sensors not configured as expected, click the displayed number of sensors to drill down to the Reports app and generate reports with detailed information.

April 8, 2024 — You may now integrate Medigate as a data source in Attack Surface Risk Management to gain access to device information and vulnerabilities detected by Medigate. Connect your Medigate account in Data Sources.

April 8, 2024 — In addition to the Dismissed and Remediated statuses, an Accepted status is now available for reported risk events in Operations Dashboard. Marking a risk event as Accepted indicates that you acknowledge the risk but are unable to remediate or mitigate it at this time. Risk events marked as Accepted still contribute to your Risk Index. Create accepted risk event rules when marking a risk event as Accepted to mark all current and future instances of the risk event as Accepted within a specified time period.

April 8, 2024 — For customers that have updated to the Foundation Services release, Trend Vision One now offers the option to enable multi-factor authentication (MFA) for enhanced security. With MFA, users are required to provide multiple forms of verification before they can sign in to the console or perform response or IAM actions.

For more information, see Enabling and configuring multi-factor authentication.

March 28, 2024 — Accounts and Template Scanner Public APIs for Cloud Posture now available on Trend Vision One Automation Center. See the Automation Center for more information.