Manage the detection models and filters TrendAI Vision One™ uses to detect events and trigger alerts.

Detection Model Management (Agentic SIEM & XDR → Detection Model Management) enables you to configure how TrendAI Vision One™ detects events in Observed Attack Techniques and generates alerts in Workbench.
The detection models combine multiple rules and filters using a variety of analysis techniques including data stacking and machine learning.
TrendAI™ regularly refines and adds detection models and filters to improve threat detection capabilities and reduce false positive alerts.
The following table outlines the tabs available in Detection Model Management:
Tab
Description

  • View all predefined detection models provided by TrendAI Vision One™

  • Create, manage, edit, import, and export custom detection models
  • Filter custom detection models by severity, status, and time of last update
  • Search for custom detection models by model ID, name, or filters

  • Create, manage, edit, import, and export custom filters
  • Filter custom filters by risk level, event type, and time of last update
  • Search for custom filters by filter ID, name, or query

  • Add, manage, and edit exceptions to detection models
  • Search for exceptions by name or criteria