Views:

Enhanced reports with anomaly detection information in Cloud Email and Collaboration Protection

November 15, 2024 — Administrators can now choose to include anomaly detections in both one-time and scheduled reports. The report will show the total number of anomalies detected by Correlated Intelligence, provide a summary of these anomalies for each supported service, and highlight the top 5 senders and recipients of emails containing anomalies.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Access token re-creation with a different admin for collaboration services in Cloud Email and Collaboration Protection

November 15, 2024 — Cloud Email and Collaboration Protection enhances the access token re-creation process for Box, Dropbox, and Google Drive. Previously, access tokens can only be re-created using the same administrator of the current service account. Customers now are able to re-create access tokens with a different administrator, which is particularly useful when there are changes in team members.
To ensure that quarantined files can be managed by the new administrator, Cloud Email and Collaboration Protection also provides a guide to help customers transfer all existing quarantined files from the original administrator’s quarantine folder to the new administrator’s folder.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Automatic recovery of false positive emails in Exchange Online (inline mode) and Gmail (inline mode) in Cloud Email and Collaboration Protection

November 15, 2024 — Cloud Email and Collaboration Protection enhances its automatic recovery capabilities to identify false positive emails in Exchange Online (inline mode) and Gmail (inline mode). It then automatically reverses the Quarantine action, delivering these emails directly to end users’ inboxes.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Extended Audit Log Query Period in Cloud Email Gateway Protection

November 6, 2024 — Cloud Email Gateway Protection now allows administrators to query audit logs retained for up to 180 days, instead of the previous 30 days.
Email and Collaboration SecurityCloud Email Gateway Protection

Four more predefined conditions available in Correlated Intelligence in Cloud Email and Collaboration Protection

October 25, 2024 — Cloud Email and Collaboration Protection supports four more predefined conditions for defining custom detection signals in Correlated Intelligence. The conditions check the Reply-To domain activity, the Reply-To address activity, the URL domain registration age in email, and the sender address for anomaly detection in the customer’s environment.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Enhanced Correlated Intelligence monitoring for existing ATP policies in Cloud Email and Collaboration Protection

October 25, 2024 — Cloud Email and Collaboration Protection enhances the monitoring of Correlated Intelligence detections without disrupting your email flow. This update automatically enables the Correlated Intelligence filter for policies where this filter is currently disabled, allowing you to keep track of Correlated Intelligence detections seamlessly while maintaining smooth email operations. Specifically,
  • For existing policies without Correlated Intelligence enabled, the action for Security Risks is set to Pass, and “All pre-defined rules” is selected for anomalies with the action set to Pass.
  • For existing policies with Correlated Intelligence enabled, no changes are made to the action for Security Risks. However, if “Specified pre-defined rules” was selected for anomalies with no rules specified, it is changed to “All pre-defined rules” with the action set to Pass.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Automatic recovery of false positive emails marked for deletion in Exchange Online and Gmail in Cloud Email and Collaboration Protection

October 25, 2024 — Cloud Email and Collaboration Protection extends its capabilities to identify false positive emails detected by Advanced Spam Protection, Web Reputation, and Correlated Intelligence, and then automatically restore false positive emails marked for deletion in end users’ “Recoverable Items > Deletions” folder in Exchange Online and the “Trash” folder in Gmail.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Access token re-creation for Dropbox and Google Drive service accounts in Cloud Email and Collaboration Protection

October 25, 2024 — Cloud Email and Collaboration Protection provides an option for administrators to re-create access tokens for the Dropbox and Google Drive service accounts when the current tokens become invalid or you want to refresh the existing token.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Quarantined email preview enhancement in Cloud Email Gateway Protection

October 21, 2024 — Cloud Email Gateway Protection now supports enabling quarantined email preview in quarantine digest templates. This feature allows administrators to decide whether end users can preview quarantined emails in quarantine digests. The quarantine digest preview supports inline actions for improved user interaction, including options to deliver emails or approve senders.
Additionally, enhancements are also made to allow end users and administrators to view HTML-rendered email content in the End User Console or the Quarantine Query Details screen.
Email and Collaboration SecurityCloud Email Gateway Protection

Detection signal customization for Correlated Intelligence in Cloud Email and Collaboration Protection

September 20, 2024 – In addition to predefined detection signals for Correlated Intelligence, Cloud Email and Collaboration Protection allows administrators to define custom signals by using predefined conditions to meet specific security needs. These custom signals can then be incorporated into correlation rules, enhancing the detection capabilities of Cloud Email and Collaboration Protection within their unique environment.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Dashboard configuration checks for Correlated Intelligence in Cloud Email and Collaboration Protection

September 20, 2024 – The Configuration Health tab on the Cloud Email and Collaboration Protection Dashboard is updated to include checks related to Correlated Intelligence, providing administrators with a streamlined overview of their security configurations.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Automatic recovery of false positive emails for Exchange Online and Gmail in Cloud Email and Collaboration Protection

September 20, 2024 – Cloud Email and Collaboration Protection utilizes detection and quarantine logs to identify false positive emails detected by Advanced Spam Protection, Web Reputation, and Correlated Intelligence. It then automatically reverses the Quarantine, Move to Junk Email folder, Move to Spam actions, delivering the emails directly to end users' inboxes. This feature functions without user intervention and is independent of whether Retro Scan & Auto Remediate is activated by administrators in Advanced Spam Protection and Web Reputation settings.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Anomaly detection with predefined correlation rules in Correlated Intelligence in Cloud Email Gateway Protection

September 18, 2024 — In addition to detecting security risks, Correlated Intelligence in Cloud Email Gateway Protection now supports detecting anomalies that deviate from normal behaviors and may require your attention. Based on the organization’s security needs, administrators can enable all or partial predefined correlation rules at three levels of aggressiveness and apply the rules to detect anomalies in Correlated Intelligence policy.
Email and Collaboration SecurityCloud Email Gateway Protection
September 18, 2024 — Cloud Email Gateway Protection provides Email Recovery to retain emails marked for deletion for 14 days. This allows for restoration of emails that were mistakenly deleted before they are permanently purged, which helps ensure your business continuity and reduce the risk of data loss.
Email and Collaboration SecurityCloud Email Gateway Protection

Correlated Intelligence for inbound email threat detection in Cloud Email Gateway Protection

August 21, 2024 — Cloud Email Gateway Protection launches the Correlated Intelligence policy rules for Inbound Protection that can correlate the suspicious signals found across different scanning criteria (such as Virus Scan and Spam Filtering) to enrich threat detection for email services. With Correlated Intelligence capabilities, Cloud Email Gateway Protection also provides the reasons why an email is detected as a threat.
Email and Collaboration SecurityCloud Email Gateway Protection

Automated anomaly detection with pre-defined correlation rules in Correlated Intelligence in Cloud Email and Collaboration Protection

August 18, 2024 – When administrators enable Correlated Intelligence while creating a new ATP policy, Cloud Email and Collaboration Protection automatically applies all pre-defined correlation rules for anomaly detection. These rules are categorized into three levels of aggressiveness, allowing administrators to tailor the enforcement of these rules according to their organization's security needs and email service requirements.
For existing ATP policies, administrators need to manually configure whether to apply all or partial pre-defined rules.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Exchange Online protection enhancement with Microsoft 365 activity data in Cloud Email and Collaboration Protection

August 18, 2024 – Cloud Email and Collaboration Protection enhances its protection capabilities for Exchange Online by integrating user behavior analysis. Organizations that permit access to their Exchange Online data can further enable Cloud Email and Collaboration Protection to read activity data through the Microsoft Graph API and Office 365 Management API.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Custom data period for one-time reports in Cloud Email and Collaboration Protection

August 18, 2024 – Cloud Email and Collaboration Protection provides administrators with the flexibility to select custom time frames, ranging from days to months, for generating data in one-time reports, in addition to the fixed data periods.
Email and Collaboration SecurityCloud Email and Collaboration Protection

More granular security checks for approved senders in Cloud Email Gateway Protection

August 12, 2024 — Cloud Email Gateway Protection adds Bypass Checks for approved senders in Sender Filter Settings. This allows you to determine which scanning criteria in Connection Filtering and Spam Filtering policies you want to apply on emails from approved senders.
Email and Collaboration SecurityCloud Email Gateway Protection

Improved inline action process in quarantine digest notifications in Cloud Email Gateway Protection

August 12, 2024 — When end users click an inline action link in the quarantine digest notification, they're prompted to confirm on a dedicated page. This extra step ensures that actions are only taken with end users’ explicit consent, preventing unexpected access during notification transmission.
Email and Collaboration SecurityCloud Email Gateway Protection

Custom correlation rules for anomaly detection available in Correlated Intelligence in Cloud Email and Collaboration Protection

July 19, 2024 – Besides the Trend Micro predefined correlation rules, administrators can add custom correlation rules based on predefined detection signals to accommodate anomaly detection requirements in their environment. Administrators can apply custom correlation rules into the Correlated Intelligence security filter of ATP policies for Exchange Online and view details about detected anomalies in the Operations screen.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Access grant enhancement to OneDrive, SharePoint Online, and Microsoft Teams in Cloud Email and Collaboration Protection

July 19, 2024 – For OneDrive, SharePoint Online, and Microsoft Teams, Cloud Email and Collaboration Protection enhances the access grant process to remove dependency on Azure Communication Services, which is scheduled to retire in the future. When granting access to the above-mentioned services, administrators do not need to manually grant Cloud Email and Collaboration Protection permissions to receive notifications from Microsoft upon any change to the files on these services.
This enhancement is not available for the US and EU sites in this release.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Create security awareness training campaigns targeting at-risk users in Cloud Email and Collaboration Protection

July 19, 2024 – Administrators can now initiate security awareness campaigns from the following Dashboard widgets to provide training focused specifically on at-risk users: Top 5 Users with Account Takeover Risks, Top 5 High-Risk Email Recipients, and Top 5 Spam and Graymail Recipients. When viewing these users on the widgets, the available operations now include the Create Training Campaign option.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Add to Block List response action available in Cloud Email and Collaboration Protection

July 19, 2024 – Cloud Email and Collaboration Protection offers the Add to Block List response action to the OperationsUser-Reported Emails screen. It allows administrators to add senders in the end user-reported emails to the Suspicious Object List of Trend Vision One.
Cloud Email and Collaboration Protection also supports the following account-based response actions on the Top 5 Users with Account Takeover Risks Dashboard widget: Disable User Account, Force Sign Out, Force Password Reset, Add to Block List
Email and Collaboration SecurityCloud Email and Collaboration Protection

Search by action available for URL click tracking logs in Cloud Email and Collaboration Protection

July 19, 2024 – Cloud Email and Collaboration Protection adds a new search criterion (Action: Restricted) in URL click tracking logs. Using this criterion, administrators are able to filter out URLs with actions "Blocked", "Warned and accessed", and "Warned and stopped”.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Anomaly detection by Correlated Intelligence in Cloud Email and Collaboration Protection

June 21, 2024 — In addition to detecting security risks, Correlated Intelligence in Cloud Email and Collaboration Protection now supports detecting anomalies that deviate from normal behaviors and may require your attention. Cloud Email and Collaboration Protection also provides visibility of anomaly detections, which allows you to have a more comprehensive view of your security landscape.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Official release of Gmail (Inline Mode) in Cloud Email and Collaboration Protection

June 21, 2024 — Cloud Email and Collaboration Protection officially launches Inline Protection for Gmail to scan inbound and outbound emails before they are delivered to their destinations, with no MX record change required. This protection mode blocks threats before they can reach your users' mailboxes and prevents data leakage before it actually takes place.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Classic scheduled reports accessible in Cloud Email and Collaboration Protection

June 21, 2024 — For customers who have updated to Cloud Email and Collaboration Protection, instead of going to the classic console to view your scheduled reports created there, Cloud Email and Collaboration Protection now enables you to access these reports directly from the Trend Vision One console.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Approved URL list for Time-of-Click Protection in Cloud Email and Collaboration Protection

June 21, 2024 — To prevent URLs from being rewritten by Time-of-Click Protection in Web Reputation, Cloud Email and Collaboration Protection now supports defining a list of URLs that can bypass Time-of-Click Protection.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Support for moving user-reported emails to Junk Email folder in Cloud Email and Collaboration Protection

June 21, 2024 — To help automatically removing emails from end users' inboxes that they have reported as spam or phishing through the Cloud Email and Collaboration Protection add-in for Outlook, Cloud Email and Collaboration Protection now provides the option to move these emails to the end users' Junk Email folder.
Email and Collaboration SecurityCloud Email and Collaboration Protection

More granular analysis results for DMARC reports available in Cloud Email Gateway Protection

June 19, 2024 — Cloud Email Gateway Protection allows you to view your DMARC report data by sending source, including email service, hostname, and IP address. Besides, the solution now presents more details from raw DMARC reports in a readable format, enabling you to quickly drill down and identify the threats.
Email and Collaboration SecurityCloud Email Gateway Protection

Notification enhancement in Cloud Email Gateway Protection

June 19, 2024 — Cloud Email Gateway Protection now supports HTML format for system notifications. You can select either predefined or custom style for HTML notifications.
Email and Collaboration SecurityCloud Email Gateway Protection

Cloud Email and Collaboration Protection launches Correlated Intelligence for email threat detection

April 19, 2024 — Cloud Email and Collaboration Protection launches the Correlated Intelligence feature that can correlate the suspicious signals found across different engines (such as Advanced Spam Protection, Web Reputation) to enrich threat detection for email services. With Correlated Intelligence capabilities, Cloud Email and Collaboration Protection also provide the reasons why an email is detected as a threat.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Cloud Email and Collaboration Protection supports quishing detection for PDF attachments

April 19, 2024 — Cloud Email and Collaboration Protection supports scanning QR codes in PDF files attached to emails to detect suspicious URLs. QR code scanning already supports attachments in the format of WEBP, JPG, PNG, BMP, TIFF, or GIF.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Cloud Email Gateway Protection supports quishing detection for PDF attachments

April 19, 2024 — In addition to detect quishing by scanning the QR code images attached or in the email body, Cloud Email Gateway Protection now supports quishing detection for PDF attachments after you have enabled submission of suspicious files with QR codes to Virtual Analyzer.
Email and Collaboration SecurityCloud Email Gateway Protection
April 19, 2024 — Cloud Email and Collaboration Protection displays quishing detection data in the Threat Detection dashboard for you to understand the QR code-based phishing email detections in your environment, including the quishing detections by email service, top 5 quishing email senders, top 5 quishing email recipients, and quishing detections by content type.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Cloud Email Gateway Protection provides granular log search for IP block list matching

April 19, 2024 — When searching the mail tracking logs for mail traffic blocked due to IP block list matching, Cloud Email Gateway Protection allows you to conduct more granular search by separately filtering for sender IPs found in the Blocked IP Address list and the Blocked Country/Region list.
Email and Collaboration SecurityCloud Email Gateway Protection

Cloud Email Gateway Protection supports X-Header insertion for messages matching scan exceptions

April 19, 2024 — Cloud Email Gateway Protection allows you to leverage the action "Insert X-Header" for messages matching scan exceptions in virus scan to meet your specific needs, for example, identify the specific scan exception for subsequent processing.
Email and Collaboration SecurityCloud Email Gateway Protection

Cloud Email and Collaboration Protection supports taking action based on email header fields

March 22, 2024 — In addition to specifying blocked email senders, Cloud Email and Collaboration Protection allows you to define a list of blocked email header fields and specify the action to take on matching emails in Advanced Spam Protection.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Cloud Email and Collaboration Protection supports Dynamic URL scanning for Teams Chat

March 22, 2024 — Cloud Email and Collaboration Protection supports dynamic URL scanning for Teams Chat to further analyzes URLs posted in chats in real-time to detect phishing URLs.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Cloud Email and Collaboration Protection supports Predictive Machine Learning Exception List

March 22, 2024 — Cloud Email and Collaboration Protection allows you to define a list of SHA-1 hash values of files to exclude from scanning by Trend Micro Predictive Machine Learning.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Cloud Email and Collaboration Protection supports reporting emails to administrator-specified mailboxes

March 22, 2024 — Cloud Email and Collaboration Protection provides you the option to allow your end users to report emails through its add-in to mailboxes you have specified. Administrators can easily access the reported emails to analyze, investigate, and take necessary actions.
Email and Collaboration SecurityCloud Email and Collaboration Protection

DMARC Report Analysis available in Cloud Email Gateway Protection

March 20, 2024 — Cloud Email Gateway Protection supports analyzing the DMARC reports for your managed domains. With the report analysis results, you can easily monitor trends and identify anomalies in emails sent on behalf of your managed domains.
Email and Collaboration SecurityCloud Email Gateway Protection

Cloud Email and Collaboration Protection supports turning off computer vision

February 23, 2024 — In the Web Reputation filter, Cloud Email and Collaboration Protection allows you to control whether to use the computer vision techniques for phishing detection. Computer vision clicks suspicious URLs in emails to access web pages and apply AI-based image analysis to detect threats. Previously, computer vision was enabled as long as you turned on Web Reputation.
Email and Collaboration SecurityCloud Email and Collaboration Protection
January 15, 2024 — Trend Vision One provides a centralized and comprehensive solution for your email and collaboration security, offering a streamlined, single-console experience.
  • Email Asset Inventory provides centralized visibility combining your protection managers with dedicated inventory views.
    • Email account inventory, managed by Cloud Email and Collaboration Protection and Email Sensor, highlights noteworthy accounts which require further investigation. You can also quickly review your Exchange Online and Gmail protection status.
    • Email domain inventory, managed by Cloud Email Gateway Protection, provides domain information and your email gateway protection status.
    • Email server inventory provides information about your email servers managed by on-premises protection solutions including ScanMail for Microsoft Exchange and InterScan Messaging Security Virtual Appliance.
  • Email Sensor provides centralized management for your email accounts allowing you to enable or disable XDR detection and response. Enabling email sensor detection and response provides XDR capabilities for email accounts as well as providing cross-layered capabilities covering identity, endpoint, network, and more.
  • Cloud Email and Collaboration Protection provides real-time protection to enhance security with powerful enterprise-class threat and data protection control, including protection against ransomware, phishing, Business Email Compromise (BEC), zero-day and hidden malware, unauthorized transmission of sensitive data, targeted attack user, and account takeover. Cloud Email and Collaboration Protection integrates cloud-to-cloud with the protected applications and services, and leverage both inline and API integration to maintain high availability and administrative functionality, as well as auto-remediation based on the latest pattern updates on incoming, outgoing and internal messages. Cloud Email and Collaboration Protection provides protection for the following cloud email and collaboration applications:
    • Microsoft Office 365 services (Exchange Online, SharePoint Online, OneDrive, Microsoft Teams)
    • Google Workspace (Google Drive, Gmail)
    • Box
    • Dropbox
    For customers with an existing Cloud App Security solution, update to Cloud Email and Collaboration Protection through the Product Instance app to seamlessly integrate with Trend Vision One to manage email and collaboration security within one console, one platform. To learn more, see Update from Cloud App Security.
  • Cloud Email Gateway Protection provides email security at the gateway level through MX record rerouting of inbound messages to block dangerous and unwanted emails before they reach your email servers. In addition to malware scanning, spam detection, and content filtering, Cloud Email Gateway Protection also supports domain-based authentication such as SPF/DKIM/DMARC, directory-based recipient verification, outbound DLP, and email encryption - all configurable through robust policy settings.
    For customers with an existing Trend Email Security solution, update to Cloud Email Gateway Protection to seamlessly integrate with Trend Vision One to manage email gateway security within one console, one platform. To learn more, see Update from Trend Micro Email Security.
October 9, 2023 — Email Account Inventory now provides an overview of how well your organization’s email accounts are protected by Email Sensor and Cloud App Security and allows you to manage protection over the accounts.
Email Account Inventory provides the following central features:
  • Email Account Inventory provides an overview of your organization’s email account inventory and available actions to protect email accounts in your organization. If you have not yet enabled any email solutions, you can set up Email Sensor and Cloud App Security from the inventory.
  • You can enable key features of Cloud App Security and configure policies for unprotected accounts.
  • You can conduct necessary investigations into suspicious account activity.
In addition, the sensor management functionality has moved from Email Account Inventory into a separate menu item.
Email and Collaboration SecurityEmail Asset Inventory