Views:

Enable cloud security features and permissions to give Trend Vision One greater visibility and protection over your cloud assets.

Enabling the Cloud Account features and permissions on your AWS accounts allows various Trend Vision One apps and security features to access your cloud account and gain greater visibility over assets and monitor for potential threats. Each feature and permission is described in the table below.
Important
Important
  • Some features support a limited number of AWS regions. For more information, see AWS supported regions and limitations.
  • Agentless Vulnerability & Threat Detection is a pre-release sub-feature and is not part of the existing features of an official commercial or general release. Please review the Pre-release Sub-Feature Disclaimer before using the sub-features.
  • For accounts managed by AWS organizations, Cloud Accounts currently only supports enabling the following features:
    • Core features
Feature
Description
Core Features
The core set of features and permissions required to connect your AWS account
Core features enable you to connect your AWS account to Trend Vision One to discover your cloud assets and rapidly identify risks such as compliance and security best practice violations on your cloud infrastructure.
Note
Note
Core features are required to connect your AWS account and cannot be disabled. If you need to disconnect your account, see AWS accounts
Agentless Vulnerability & Threat Detection
The feature and permission set to enable Attack Surface Risk Management (ASRM) capabilities for your account
This feature set allows Trend Vision One to deploy Agentless Vulnerability & Threat Detection in your AWS account to discover vulnerabilities in your Amazon EC2 instances with zero impact to your applications.
Cloud Detections for AWS CloudTrail
The feature and permission set to enable Cloud Audit Log Monitoring for your account
This feature set enables XDR monitoring of your cloud account to gain actionable insight into user, service, and resource activity with detection models identifying activity such as privilege escalation, password modification, and other attack techniques. Detections generated by this feature can be viewed in the Search and Workbench apps.
This feature requires additional configuration of your CloudTrail settings. For more information, see CloudTrail configuration.
Note
Note
Cloud Detections requires credits to use. Click the Credit Settings icon (gear-icon.png) to manage credit allocation.
Cloud Response for AWS
The feature and permission set to allow response actions for your account
This feature set allows Trend Vision One permission to take response actions to contain incidents within your cloud account, such as revoking access for suspicious IAM users. Additional response actions leverage integration with third party ticketing systems. Response actions can be taken from the context menu in the Workbench app.
This feature requires enabling Cloud Detections for AWS CloudTrail for your account.
File Security Storage
The feature and permission set to allow the File Security app to monitor and scan files and cloud storage
This feature allows Trend Vision One permission to view and scan files and cloud objects within your cloud storage to search for and detect possible malware. For more information, see .
Real-Time Posture Monitoring
The feature and permission set to enable Real-Time Posture Monitoring for the Cloud Posture app
This feature allows Trend Vision One permission to monitor your cloud account to provide live monitoring with instant threat and remediation alerts for activities and events within your cloud environment. For more information, see .
This feature requires enabling Cloud Detections for AWS CloudTrail for your account.
Related information