May 2024

May 31, 2024 — Endpoint Security now includes Runtime Proxy Settings, enabling the ability to create and manage proxy policies with detailed settings which can be applied to different endpoint groups.

Runtime Proxy Policies allow you to assign endpoint groups to connect to specific Service Gateways or different third-party proxies based on the needs of your environment. Additionally, you can now separately configure proxies for use during agent deployment and installation.

May 31, 2024 — Customers can select which connected TippingPoint SMS to display for policy recommendations and configuration. Intrusion Prevention Configuration is supported on all connected SMS appliances. Information and policy tuning options for the SMS you select is displayed on the Policy Recommendations page.

For more information, see Intrusion Prevention Configuration.

May 28, 2024 — Identity Posture, part of the Identity Security app group, is now in public preview. Discover enhanced identity management plus monitoring, reporting, and security controls. Protect your organization's identity infrastructure with the help of detailed information on identity attack surface, identity behaviors, attack detections, and more. For more information, see Identity Posture.

May 27, 2024—Case Management now supports two-way sync of case status and priority changes with ServiceNow.

For more information, see Configure ServiceNow ITSM to enable the Trend Vision One for ServiceNow Ticketing System.

May 27, 2024 — To facilitate a higher-level overview, the Exposure, Attack, and Security Configuration Overview tabs in Executive Dashboard have been simplified to display current risk levels and risk scores for each category. In Risk Overview, view each category's contribution to the Risk Index at a glance, and get additional information about contributing risk factors and events from Risk Event Overview. Go to the tab for each risk category to quickly view the category's current risk level, and see contributing risk factors to more quickly prioritize risk reduction actions.

May 21, 2024 — Trend Vision One now extends its robust asset visibility capabilities to include more comprehensive data asset support. This update introduces more data asset types, including more network and cloud assets, as well as message data. Building on the existing management scope for endpoints, containers, mobile devices, accounts, unmanaged devices, Private Access Connectors and Internet Access Gateways, and web gateways, the latest update ensures that all critical data points are covered, providing a holistic view of the organization's asset landscape. This enhancement is particularly beneficial for large enterprises that require detailed, segmented visibility to manage multiple regions or teams effectively.

For more information, see Adding an asset visibility scope.

May 20, 2024 — Zero Trust Secure Access Internet Access now offers support for the AWS Europe (Spain) region. Users in the region may configure their service FQDNs to reflect the new location. For more information on available PoP sites for the Internet Access Cloud Gateway, see Port and FQDN/IP address requirements.

May 20, 2024 — Security Playbooks now includes Risk Event Response playbooks, a new feature designed to help you respond to new and ongoing risk events detected in your environment. You can set up the playbooks to respond to or send notifications about the risk events associated with all risk factors identified in Operations Dashboard, with the exception of XDR detection. For XDR detection related risk events, configure Automated Response Playbooks to enable automatic actions in response to high-priority alerts in Workbench.

For more information, see Creating Risk Event Response playbooks.

May 20, 2024—Users can now configure update settings for Virtual Network Sensor through Network Inventory, whether you want to update manually or create a schedule for automatic updates.

May 20, 2024 — For customers with expired Cloud App Security licenses, you can now have access to Cloud Email and Collaboration Protection in Trend Vision One if you have valid entitlement.

May 20, 2024 — For the mailboxes skipped in the manual scan report for Exchange Online, Cloud Email and Collaboration Protection shows you not only the mailboxes that you can rescan but also the mailboxes that cannot be scanned as well as the related reasons.

May 20, 2024 — For customers with a Delegate Account for Exchange Online, SharePoint Online, or OneDrive, you can now update your Cloud App Security to Cloud Email and Collaboration Protection in Trend Vision One. After the update, you can migrate your SharePoint Online and OneDrive Delegate Account to an Authorized Account. For Exchange Online, you can update to an Authorized Account by removing the Delegate Account and granting accessing using an Authorized Account.

May 20, 2024 — Due to enhancements in policy object features in Cloud Email Gateway Protection, you may now add descriptions for email addresses in address groups. Use email address descriptions to help better identify and manage email addresses.

May 20, 2024 — To speed up your search for policy event logs using threat names, Cloud Email Gateway Protection automatically displays the popular threats or top threats detected in your environment, such as quishing.

May 13, 2024—Connecting to Network Security allows Deep Discovery Inspector version 6.7 SP1 and later to synchronization the Suspicious Object List directly with Trend Vision One. The Suspicious Object List Synchronization service is no longer required to be enabled on your Service Gateway when connecting as a proxy or using the Service Gateway as a service source.

May 13, 2024—Threat Insights offers the following new features:

• CVE threat intelligence: Search all trending curated CVEs that are enriched with comprehensive content.
• Threat categorization: Enhance the relevance of threat intelligence to your security environment by viewing emerging threats and threat actors in separate tabs.
• XDR & Attack Surface Risk Management synergy: Leverage threat intelligence gathered from various Trend Vision One apps for a more comprehensive look at how emerging threats and threat actors may affect your own environment.

For more information, see Threat Insights.

May 8, 2024—Gain a better understanding of the events and executed commands detected in Observed Attack Techniques with the help of Trend Vision One - Companion.

For more information, see Observed Attack Techniques.

May 8, 2024 — Cloud Posture now supports Real-Time Posture Monitoring previously titled Real-Time Threat Monitoring (RTM) for AWS accounts connected through the Cloud Accounts app. You can enable Real-Time Posture Monitoring while connecting a new AWS account and organization or turn the feature on for existing AWS accounts or organizations.

May 7, 2024 — The auto-detect agent installer for Server & Workload Protection has significantly enhanced the system's accuracy and reliability. These improvements resolve the "system compatibility issue" error for users who are experiencing this error despite having compatible systems. If you are experiencing the same issue, use the latest auto-detect installer to re-install the agent on affected endpoints.

May 6, 2024 — Container Security now supports proxy for Amazon ECS instances, providing a secure way to connect to the Trend Vision One backend.

May 6, 2024 — Vulnerability Assessment enhancements now allow the service to collect information on Red Hat Enterprise Linux 8 modules and Red Hat Enterprise Linux 9 containers. The expanded capabilities enable more comprehensive visibility and granular analysis, strengthening your container security and allowing you to more effectively prioritize risks. For more information, see Vulnerability Assessment supported operating systems.

May 6, 2024 — The Monitoring/Scanning and Network Resources screen are now accessible from the navigation pane. Go to Network Security → Network Analysis Configuration and choose Monitoring / Scanning or Network Resources.

May 6, 2024 — Network Sensor for TippingPoint is now available for pre-release preview. The feature can be enabled on supported TippingPoint TXE-series appliances in Network Inventory.

Network Sensor for TippingPoint TXE-series appliances combines network intrusion detection prevention capabilities with in-depth visibility for unknown and targeted attacks even into encrypted network traffic. Combined with Trend Vision One detection and response capabilities, Network Sensor for TippingPoint helps create a complete network intrusion prevention solution.

Network Security → Network Inventory → TippingPoint.

May 6, 2024—You can now create custom models that include filters for Identity and Access Activity Data in Detection Model Management.

For more information, see Configuring a custom model.

May 6, 2024 — Cloud Posture Assessment is out of preview and now officially available. This feature is free for all Trend Vision One users, allowing you to scan your cloud assets and accounts—including AWS accounts, Azure subscriptions, and Google Cloud projects—against widely recognized standards and frameworks.

For more information, see Cloud Posture Assessment.

May 6, 2024 — View daily point increases and decreases of the Risk Index along with contributing risk factors now by hovering on the Risk Index graph in Executive Dashboard. Coming in June, clicking through to Operations Dashboard will take you to in-depth details on daily contributing risk events. Details now available for the Risk Index in Executive Dashboard include a breakdown of the points each risk factor has added or subtracted from the Risk Index since the previous day. In June, you may view all daily contributing risk events, including those that were resolved or mitigated, organized by risk factor. Use the detailed information provided to better understand your security posture and help prioritize risks in your environment.