Views:

Version control policies now available for preview

October 31, 2024—Version control policies for Trend Endpoint Security provides policy-based management of agent and component updates in a centralized location. Additionally, Trend Micro delivers enhanced stability of the Trend Endpoint Agent through selective testing and staged rollouts, reducing risks and ensuring compatibility with your security environment.
Endpoint SecurityEndpoint Security ConfigurationVersion Control Policies

Cloud Posture Events and Groups Public APIs now available on Trend Vision One Automation Center

October 31, 2024—You can now access the new Cloud Posture public APIs for Events and Groups through the Trend Vision One Automation Center.
Cloud OverviewCloud Posture

CIS OpenShift benchmark scanning now available

October 31, 2024 — Trend Vision One – Container Security now supports compliance scanning with CIS benchmarks in your Red Hat OpenShift clusters. Assess and guarantee adherence to industry-leading security standards effortlessly, enhancing your OpenShift security posture.
For more information, see Compliance.
Cloud SecurityContainer SecurityContainer Protection

Identity Posture Assessment now available

October 28, 2024 — Cyber Risk Assessment is introducing Identity Posture Assessment, a new complimentary feature for all users. This feature allows you to scan your organization's identity-related assets to detect the assets that might be exposed to attack and identify risk events that most put your assets at risk.
For more information, see Identity Posture Assessment.
AssessmentCyber Risk Assessment

New security dashboard template: Cyber Insurance

October 28, 2024 — Streamline your insurance application process with our new Cyber Insurance security dashboard template. This template summarizes critical cybersecurity data required by insurance carriers, aggregating essential security control metrics to help businesses effectively demonstrate their cybersecurity posture.
Dashboards and ReportsSecurity Dashboard

Virtual Network Sensor now supports Service Gateway as a proxy

November 13, 2024—The Virtual Network Sensor now supports connecting to Trend Vision One using a Service Gateway as a proxy. Additionally, you can set custom proxy settings if you prefer to connect your Virtual Network Sensor using a third-party proxy. Update to the latest version of Virtual Network Sensor to use this capability.
Network SecurityNetwork Inventory

Find recommended trusted domains and service sources in Network Analysis Configuration

October 28, 2024—Attack Surface Discovery, part of Attack Surface Risk Management, is able to analyze your network and recommend domains and IP addresses to add as assets. You many now use this process to discover recommended domains and service sources to add to the Trusted Domains and Trusted Service Sources lists in Network Resources. Click Add Recommendations in the corresponding tab to discover the assets and choose whether to add them to a trusted list.
Network SecurityNetwork Analysis ConfigurationNetwork Resources

Four more predefined conditions available in Correlated Intelligence in Cloud Email and Collaboration Protection

October 25, 2024 — Cloud Email and Collaboration Protection supports four more predefined conditions for defining custom detection signals in Correlated Intelligence. The conditions check the Reply-To domain activity, the Reply-To address activity, the URL domain registration age in email, and the sender address for anomaly detection in the customer’s environment.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Enhanced Correlated Intelligence monitoring for existing ATP policies in Cloud Email and Collaboration Protection

October 25, 2024 — Cloud Email and Collaboration Protection enhances the monitoring of Correlated Intelligence detections without disrupting your email flow. This update automatically enables the Correlated Intelligence filter for policies where this filter is currently disabled, allowing you to keep track of Correlated Intelligence detections seamlessly while maintaining smooth email operations. Specifically,
  • For existing policies without Correlated Intelligence enabled, the action for Security Risks is set to Pass, and “All pre-defined rules” is selected for anomalies with the action set to Pass.
  • For existing policies with Correlated Intelligence enabled, no changes are made to the action for Security Risks. However, if “Specified pre-defined rules” was selected for anomalies with no rules specified, it is changed to “All pre-defined rules” with the action set to Pass.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Automatic recovery of false positive emails marked for deletion in Exchange Online and Gmail in Cloud Email and Collaboration Protection

October 25, 2024 — Cloud Email and Collaboration Protection extends its capabilities to identify false positive emails detected by Advanced Spam Protection, Web Reputation, and Correlated Intelligence, and then automatically restore false positive emails marked for deletion in end users’ “Recoverable Items > Deletions” folder in Exchange Online and the “Trash” folder in Gmail.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Access token re-creation for Dropbox and Google Drive service accounts in Cloud Email and Collaboration Protection

October 25, 2024 — Cloud Email and Collaboration Protection provides an option for administrators to re-create access tokens for the Dropbox and Google Drive service accounts when the current tokens become invalid or you want to refresh the existing token.
Email and Collaboration SecurityCloud Email and Collaboration Protection

Enhanced Automated Response Playbooks: Response Actions for AWS Accounts and Containers

October 23, 2024 — Automated Response Playbooks now offer expanded capabilities with new response actions. You can select the Revoke Access Permission action to revoke access permissions of IAM users with potentially compromised AWS accounts, applicable to accounts with Cloud Response for AWS enabled. Additionally, you can now choose the Isolate Container or Terminate Container actions to manage container security effectively.
For more information, see Creating Automated Response Playbooks.
Workflow and AutomationSecurity Playbooks

Cloud Posture moving to Cloud Security app group

October 28, 2024—On December 2nd, 2024, Cloud Posture will be fully relocated to the new Cloud Security app group, where you can get a unified view of your cloud resources and security. Until that date, you may access Cloud Posture from within the Attack Surface Risk Management app group or in the new Cloud Security app group.
Cloud SecurityCloud Posture

Cloud Posture includes Cloud Infrastructure Entitlement Management (CIEM)

October 21, 2024—Get central visibility of your cloud entitlements and related risks in Cloud Posture. With over 200 different types of cloud resources currently available, cloud operations and security teams are increasingly challenges by the complexity of cloud infrastructure entitlement management.
A dedicated entitlements tab in Cloud Overview now gives users centralized visibility into cloud identities and related risks. Take action and focus remediation efforts based on prioritized risks, including risky identity types, identity misconfigurations, and potential attack paths. To learn more, see Entitlements.
Attack Surface Risk ManagementCloud PostureCloud Overview

Assess for and view all CVEs in Attack Surface Risk Management

October 21, 2024—The Detected Vulnerabilities widget in Exposure Overview now displays CVEs by impact level, including detected low-impact CVEs. New widgets in Operations Dashboard allow you to filter CVEs by high, medium, and low impact. To learn more about how CVE impact scores are calculated, see CVE impact score.
Attack Surface Risk ManagementOperations Dashboard
Attack Surface Risk ManagementExecutive Dashboard

View All CVEs for Containers, Cloud VMs, and Serverless Functions

October 21, 2024—Attack Surface Risk Management prioritizes the most critical vulnerabilities across your entire attack surface, allowing you to focus your remediation efforts. However, visibility into lower impact CVEs is now available for containers, cloud VMs, and serverless functions, providing you the vulnerability information you needs for compliance or internal audits. View lower impact CVEs in the Vulnerabilities section of Operations Dashboard or Exposure Overview in Executive Dashboard.
Attack Surface Risk ManagementOperations Dashboard
Attack Surface Risk ManagementExecutive Dashboard

Proxy support for TippingPoint Network Sensor

October 16, 2024 — Network Inventory now supports the option to connect your TippingPoint Network Sensor to Trend Vision One through a proxy. This configuration option is available only when you enable TippingPoint Network Sensor.
For more information, see Enabling Network Sensor for TippingPoint.
Network SecurityNetwork InventoryTippingPoint

Cloud Accounts now supports excluding accounts when connecting AWS organizations

October 14, 2024—You can now specify accounts to exclude when connecting or updating AWS Organizations in the Cloud Accounts app. This feature can be used to exclude certain accounts from being monitored by Trend Vision One, or to allow connecting excluded accounts individually to set up feature and account configurations different from the organization.
Service ManagementCloud Accounts

Create cluster-managed policies in Container Security

October 9, 2024—You can now interact directly with the Kubernetes API to create and manage Container Security cluster-managed policies and rulesets within your Kubernetes clusters. This integration facilitates seamless deployment of Container Security policies and rulesets with your GitOps workflows.
For more information, see Cluster-managed policies.
Cloud SecurityContainer SecurityContainer Inventory

Container Image Scanning now viewable from the Trend Vision One console

October 9, 2024—Container Security now supports access to detailed results and statistics for scanned artifacts on the Container Image Scanning page from the Trend Vision One console. View the scan results of registry image artifacts for vulnerabilities, malware, and secrets within your continuous integration (CI) or continuous delivery (CD) pipeline.
For information, see Container Image Scanning.
Cloud SecurityContainer SecurityContainer Protection

View Risk Subindex per asset group in Attack Surface Risk Management

October 8, 2024—Executive Dashboard now supports the ability to view and compare the Risk Index for specific subsets of assets. For example, you can monitor risk per business unit, region, information system, and more to determine which subset requires attention. To see the Risk Subindex, you must first build an asset grouping structure in Asset Group Management and allocate tag values to assets groups of either "Attack Surface Discovery" or "Tag Inventory App". For more information, see Risk Overview.
Attack Surface Risk ManagementExecutive Dashboard

Endpoint Inventory page view enhancements

October 8, 2024—Endpoint Inventory now features two new features to enhance navigating the inventory list.
  • You can now navigate between pages by typing the exact page you want to view with the page navigation input box.
  • If your organization has more than 200 endpoints in your inventory, you can increase the per page view to 500 and 1000 endpoints per page.
Endpoint SecurityEndpoint Inventory

Define the structure of your organization with Asset Group Management

October 8, 2024 — The new Asset Group Management app is now available in public preview. In Asset Group Management, you can create groups of assets, designate tag values for the new Asset group tag, and assign a tag value to each asset group. By enabling you to analyze and manage specific subsets of assets, asset groups streamline your asset management and provide a foundation for powerful new features on the Trend Vision One platform.
For more information, see Asset Group Management.
Service ManagementAsset Group Management

Send to sandbox for Virtual Network Sensor officially released

October 1, 2024—The send to sandbox feature for Virtual Network Sensor is now officially released. Send to sandbox is a paid feature and requires 2000 credits for every 500 Mbps of traffic scanned.
Network SecurityNetwork Inventory