Views:

Detection Models lists all the detection models that TrendAI Vision One™ provides.

The following table outlines the actions available in Detection Models (Agentic SIEM & XDRDetection Model Management).
Action
Description
Filter detection model data
Use the search and filters to locate specific detection models:
  • Severity: The severity level TrendAI Vision One™ assigns to the model depending on the type of event and MITRE information
  • Applicable products: The products that can apply the model for alert triggering
  • Status: Whether TrendAI Vision One™ triggers alerts for the model
  • Last updated: When TrendAI™ last updated the model
For more information, see Detection model data.
Enable detection models
Enable or disable detection models for your organization based on your security requirements.
  • Hover over the Status to view the required products for enabling the specific model.
  • Click to enable or disable the Status.
Note
Note
TrendAI Vision One™ automatically enables all detection models if you have required products connected. As you add more supported products to your environment, TrendAI Vision One™ automatically enables the newly-supported alert triggers.
Note
Note
Threat Intelligence Sweeping, enabled by default, is a predefined detection model which supports alert triggers for intelligence-driven sweeping tasks.
For more information about sweeping tasks, see Intelligence Reports.
Related information