November 2024

November 29—To streamline your risk reduction workflows, in Case Management you can now assign priority and ownership to cases containing risk events from Operations Dashboard. When you open a case in Operations Dashboard, you can choose which third-party ticketing system, webhook channel, or email address to notify.

November 29, 2024—You can now access the new Cloud Posture public APIs for Configurations & Reports through the Trend Vision One Automation Center.

November 29, 2024—CPU usage control is now available for Server & Workload Protection agents version 20.0.1-4540 and later. Use the feature to limit the impact of Anti-Malware Scans and Activity Monitoring on your endpoint or server processing resources.

November 29, 2024—Standard Endpoint Protection, Server & Workload Protection, and Endpoint Sensor now support Windows 11 (24H2) operation system. For details on supported Windows platforms, see Trend Vision One agent system requirements.

November 25, 2024—When closing a case associated with an insight, users can close all Workbench alerts for the insight. These related alerts can inherit the case findings if they do not already have findings. Alerts with existing findings keep those findings.

November 25, 2024—XDR for Cloud now integrates with Amazon Security Lake, allowing customers to send their Security Lake data to Trend Vision One. Connect Trend Vision One to your Amazon Security Lake to forward your CloudTrail Logs, VPC Flow Logs, WAF Logs, EKS Audit Logs, Route53 Resolver Query Logs, and SecurityHub Findings. Get actionable insight into your environment with XDR detection models that alert you about malicious and suspicious activity happening in your cloud resources, services, and network.

November 25, 2024 — Alibaba Cloud is now a supported service provider for cloud assets in Attack Surface Risk Management and Cloud Security, enhancing your cloud posture monitoring capabilities. To monitor Alibaba Cloud accounts, add your Alibaba Cloud account in Cloud Accounts.

November 18, 2024 — Pay only for what you use with consumption-based billing, available for customers who purchase a Trend Vision One pay-as-you-go contract from AWS Marketplace. The following offerings currently support pay-as-you-go, in addition to credit-based licensing:

• Attack Surface Risk Management for Cloud
• Container Security
• File Security Storage

For more information, see Pay-As-You-Go.

November 18, 2024—Create custom detection filters with the MESSAGE_ACTIVITY event type and COLLABORATION_ACTIVITY event ID to enhance email and collaboration activity detections.

For more information, see Email and Collaboration Activity Data.

November 18, 2024—You can now add custom tags to Trend Vision One resources deployed to your AWS accounts using the Cloud Accounts app. Use custom tags help support cost tracking, automation, and other downstream workflows that rely on AWS tags. The feature supports tagging resources deployed using CloudFromation.

November 18, 2024—The Zero Trust Secure Access - Internet Access On-premises Gateway now integrates the Smart Protection Network Proxy for SPN-related service connections. This reduces the number of FQDN items required for firewall exceptions. For more details refer to Firewall exception requirements for Trend Vision One .

November 15, 2024 — Administrators can now choose to include anomaly detections in both one-time and scheduled reports. The report will show the total number of anomalies detected by Correlated Intelligence, provide a summary of these anomalies for each supported service, and highlight the top 5 senders and recipients of emails containing anomalies.

November 15, 2024 — Cloud Email and Collaboration Protection enhances the access token re-creation process for Box, Dropbox, and Google Drive. Previously, access tokens can only be re-created using the same administrator of the current service account. Customers now are able to re-create access tokens with a different administrator, which is particularly useful when there are changes in team members.

To ensure that quarantined files can be managed by the new administrator, Cloud Email and Collaboration Protection also provides a guide to help customers transfer all existing quarantined files from the original administrator’s quarantine folder to the new administrator’s folder.

November 15, 2024 — Cloud Email and Collaboration Protection enhances its automatic recovery capabilities to identify false positive emails in Exchange Online (inline mode) and Gmail (inline mode). It then automatically reverses the Quarantine action, delivering these emails directly to end users’ inboxes.

November 14, 2024—You can now access the resolution information for failing misconfiguration rules within the Trend Vision One Cloud Posture console. For more information, see: Automation Center.

November 13, 2024 — Trend Vision One Container Security now enables you to move Kubernetes clusters between groups in Container Inventory. This facilitates more efficient management of your clusters.

For more information, see Container Inventory.

November 13, 2024 — Trend Vision One Container Security now offers Runtime Malware Scanning to help you detect malicious software in your production containers. This new feature provides scheduled malware scans of running containers and threat detection to identify malware in your production environment. With this release, Container Security ensures comprehensive security coverage throughout your container lifecycle by actively monitoring for both vulnerabilities and malware threats in production workloads.

For more information, see Enabling runtime security and scanning features.

November 6, 2024 — Cloud Email Gateway Protection now allows administrators to query audit logs retained for up to 180 days, instead of the previous 30 days.

November 4, 2024—Visualize potential attack paths attackers could use to reach critical assets and eliminate multiple attack paths in less time with Attack Path Prediction. Now in public preview within Attack Surface Risk Management, Attack Path Inference uses AI technology to identify all risky potential attack paths in your organization, aggregated by asset. See which asset nodes are choke points allowing multiple attack paths to form, and use the suggested steps to remediate the riskiest asset nodes first before an attack takes place.