Views:

Enable cloud security features and permissions to give Trend Vision One greater visibility and protection over your cloud assets.

Enabling the Cloud Account features and permissions on your AWS accounts allows various Trend Vision One apps and security features to access your cloud account and gain greater visibility over assets and monitor for potential threats. Each feature and permission is described in the table below.
Important
Important
  • Some features support a limited number of AWS regions. For more information, see AWS supported regions and limitations.
  • Agentless Vulnerability & Threat Detection is a pre-release sub-feature and is not part of the existing features of an official commercial or general release. Please review the Pre-release Sub-Feature Disclaimer before using the sub-features.
  • For accounts managed by AWS organizations, Cloud Accounts currently only supports enabling the following features:
    • Core features
    • Container Protection for Amazon ECS
Feature
Description
Core Features
The core set of features and permissions required to connect your AWS account
Core features enable you to connect your AWS account to Trend Vision One to discover your cloud assets and rapidly identify risks such as compliance and security best practice violations on your cloud infrastructure.
Note
Note
Core features are required to connect your AWS account and cannot be disabled. If you need to disconnect your account, see AWS accounts
Agentless Vulnerability & Threat Detection
The feature and permission set to enable Attack Surface Risk Management (ASRM) capabilities for your account
This feature set allows Trend Vision One to deploy Agentless Vulnerability & Threat Detection in your AWS account to discover vulnerabilities in your Amazon EC2 instances with zero impact to your applications.
Container Protection for Amazon ECS
The feature and permission set to view and protect your containers
This feature set allows Container Security to connect and deploy components to your AWS account to protect your containers and container images in Elastic Container Service (ECS) environments.
Important
Important
  • As of November 2023, AWS private and freemium accounts only allow a maximum of 10 Lambda executions. Container Protection deployment requires at least 20 concurrent Lambda executions. Please verify your AWS account status before enabling this feature.
  • At this time, the ECS runtime vulnerability scanning feature does not support scanning ECR images installed on AWS accounts where Container Security is not installed.
For more information, see Container Security.
Cloud Detections for AWS CloudTrail
The feature and permission set to enable Cloud Audit Log Monitoring for your account
This feature set enables XDR monitoring of your cloud account to gain actionable insight into user, service, and resource activity with detection models identifying activity such as privilege escalation, password modification, and other attack techniques. Detections generated by this feature can be viewed in the Search and Workbench apps.
This feature requires additional configuration of your CloudTrail settings. For more information, see CloudTrail configuration.
Note
Note
Cloud Detections requires credits to use. Click the Credit Settings icon (gear-icon.png) to manage credit allocation.
Cloud Response for AWS
The feature and permission set to allow response actions for your account
This feature set allows Trend Vision One permission to take response actions to contain incidents within your cloud account, such as revoking access for suspicious IAM users. Additional response actions leverage integration with third party ticketing systems. Response actions can be taken from the context menu in the Workbench app.
This feature requires enabling Cloud Detections for AWS CloudTrail for your account.
File Security Storage
The feature and permission set to allow the File Security app to monitor and scan files and cloud storage
This feature allows Trend Vision One permission to view and scan files and cloud objects within your cloud storage to search for and detect possible malware. For more information, see File Security.
Real-Time Posture Monitoring
The feature and permission set to enable Real-Time Posture Monitoring for the Cloud Posture app
This feature allows Trend Vision One permission to monitor your cloud account to provide live monitoring with instant threat and remediation alerts for activities and events within your cloud environment. For more information, see Real-Time Posture Monitoring.
This feature requires enabling Cloud Detections for AWS CloudTrail for your account.