Respond quickly to security incidents, conduct compromise assessments, threat hunting, and monitoring.
 |
ImportantThis feature is not available in all regions.
|
Forensics () allows you to conduct security investigations. From the Trend Vision One console,
you can gather digital evidence from endpoints, organize collected data within workspaces,
and quickly triage endpoints using YARA and osquery.
The following table outlines the sections available in Forensics.
|
Section
|
Description
|
|
Create, modify, or delete workspaces to organize the collected
evidence and conduct incident investigations.
|
|
|
Collect and manage digital evidence from the endpoints in your environment.
|
|
|
Monitor the status of tasks generated within the Forensics app, such as
evidence collection.
|