Object-specific actions allow you to directly respond to threats without leaving the Trend Vision One console.
You can take specific actions on events or objects found on the Trend Vision One console. After triggering a response, the Response Management app creates a task
and sends the command to the target.
Endpoint
|
Action
|
Description
|
Supporting Services
|
||||
|
Dump Process Memory
|
Directly accesses an endpoint and executes remote shell
commands to identify currently running processes that may be causing suspicious activity
during an investigation
|
|
||||
|
Isolate Endpoint
|
Disconnects the target endpoint from the network, except for
communication with the managing Trend Micro server product
For more information, see Isolate Endpoint task.
|
|
||||
|
Restore Connection
|
Restores network connectivity to an endpoint that already applied the
Isolate Endpoint action
For more information, see Restore Connection task.
|
|
||||
|
Start Remote Shell Session
|
Connects to a monitored endpoint and allows you
to execute remote commands or a custom script file for investigation
For more information, see Start Remote Shell Session task.
|
|
||||
|
Scan for Malware
|
Performs a one-time scan on one or more endpoints for file-based threats such as viruses,
spyware, and grayware. For more information, see .
|
|
