Views:

Learn which resources are deployed in your Azure environment for each Trend Vision One feature that you can enable on an Azure subscription.

Feature name
Services deployed (number)
Core features and Cyber Risk Exposure Management
Resources:
  • App Registration (1)
  • Federated Credential (1)
  • Applications (1)
  • Role and Role Assignments of the Service Principal (1)
Agentless Vulnerability & Threat Detection
Resource Groups:
  • resource group (1 common)
  • resource group (3, one each for US/AS/EU)
IAM and Security:
  • custom role (1 for Sentry)
  • role assignment (32 per region)
Key Vault
  • key vault (1)
  • key vault access policy (1 for primary location, 2 per region)
  • key vault secret (2 for primary location)
Storage
  • storage account (1 per region)
  • storage container (3 per region)
  • storage blob (21 per region)
  • storage queue (8 per region)
  • storage table (1 per region)
  • storage share (2 per region)
  • storage management policy (1 per region)
Service Bus
  • servicebus namespace (1 per region)
  • servicebus queue (1 dispatcher for primary location, 3 per region)
App Services
  • service plan (1 dispatcher and 1 secret token rotator for primary location, 6 per region)
  • linux function app (1 dispatcher for primary location, 16 per region)
Virtual Machines
  • virtual machine (3 per region when disks are available for scanning)
Real-Time Posture Monitoring
Azure resources:
  • Resource Group (1)
  • Logic App Workflow (1)
  • Logic App HTTP Request Trigger (1)
  • Monitor Action Group (1)
  • Monitor Activity Log Alert (1)
Data Security Posture
Terraform resources:
  • azurerm_network_security_group
  • azurerm_network_security_rule
  • azurerm_resource_group
  • azurerm_automation_account
  • azurerm_role_assignment
  • azurerm_automation_webhook
  • azurerm_monitor_action_group
  • azurerm_automation_python3_package
  • azurerm_automation_runbook
  • azurerm_automation_job_schedule
  • azurerm_public_ip
  • azurerm_subnet
  • azurerm_subnet_network_security_group_association
  • azurerm_bastion_host
Microsoft Defender for Endpoint Log Collection
Azure resources:
  • Resource Groups (1)
  • Event Hubs Namespace (1)
  • Event Hubs (1)
  • App Service Plans (1)
  • Function Apps (6)
  • Application Insights (6)
  • Log Analytics Workspaces (1)
  • Key Vault (1)
  • Key Vault Secrets (3)
  • Storage Accounts (1)
  • Storage Tables (1)
  • Storage Containers (1)
  • Role Assignments (12)
  • Azure AD App Role Assignments (7)
Cloud Detections for Azure Activity Log
Azure resources:
  • Resource Groups (1)
  • Event Hubs Namespace (1)
  • Event Hubs (1)
  • App Service Plans (1)
  • Function Apps (3)
  • Application Insights (3)
  • Log Analytics Workspaces (1)
  • Key Vault (1)
  • Key Vault Secrets (2)
  • Storage Accounts (1)
  • Storage Tables (1)
  • Storage Queues (1)
  • Storage Containers (1)
  • Role Assignments (8)