Version control policies now available for preview
October 31, 2024—Version control policies for Trend Endpoint Security provides policy-based
management of agent and component updates in a centralized location. Additionally,
Trend Micro delivers enhanced stability of the Trend Endpoint Agent through selective
testing and staged rollouts, reducing risks and ensuring compatibility with your security
environment.
Cloud Posture Events and Groups Public APIs now available on Trend Vision One Automation Center
October 31, 2024—You can now access the new Cloud Posture public APIs for Events and
Groups through the Trend Vision One Automation Center.
CIS OpenShift benchmark scanning now available
October 31, 2024 — Trend Vision One – Container Security now supports compliance scanning
with CIS benchmarks in your Red Hat OpenShift clusters. Assess and guarantee adherence to industry-leading
security standards effortlessly, enhancing your OpenShift security posture.
For more information, see Compliance.
Identity Posture Assessment now available
October 28, 2024 — Cyber Risk Assessment is introducing Identity Posture Assessment,
a new complimentary feature for all users. This feature allows you to scan your organization's
identity-related assets to detect the assets that might be exposed to attack and identify
risk events that most put your assets at risk.
For more information, see Identity Posture Assessment.
New security dashboard template: Cyber Insurance
October 28, 2024 — Streamline your insurance application process with our new Cyber
Insurance security dashboard template. This template summarizes critical cybersecurity
data required by insurance carriers, aggregating essential security control metrics
to help businesses effectively demonstrate their cybersecurity posture.
Virtual Network Sensor now supports Service Gateway as a proxy
November 13, 2024—The Virtual Network Sensor now supports connecting to Trend Vision One using a Service Gateway as a proxy. Additionally, you can set custom proxy settings
if you prefer to connect your Virtual Network Sensor using a third-party proxy. Update
to the latest version of Virtual Network Sensor to use this capability.
Find recommended trusted domains and service sources in Network Analysis Configuration
October 28, 2024—Attack Surface Discovery, part of Attack Surface Risk Management,
is able to analyze your network and recommend domains and IP addresses to add as assets.
You many now use this process to discover recommended domains and service sources
to add to the Trusted Domains and Trusted Service Sources lists in Network Resources.
Click Add Recommendations in the corresponding tab to discover the assets and choose whether to add them to
a trusted list.
Four more predefined conditions available in Correlated Intelligence in Cloud Email and Collaboration Protection
October 25, 2024 — Cloud Email and Collaboration Protection supports four more predefined conditions for defining custom detection signals in
Correlated Intelligence. The conditions check the Reply-To domain activity, the Reply-To
address activity, the URL domain registration age in email, and the sender address
for anomaly detection in the customer’s environment.
Enhanced Correlated Intelligence monitoring for existing ATP policies in Cloud Email and Collaboration Protection
October 25, 2024 — Cloud Email and Collaboration Protection enhances the monitoring of Correlated Intelligence detections without disrupting
your email flow. This update automatically enables the Correlated Intelligence filter
for policies where this filter is currently disabled, allowing you to keep track of
Correlated Intelligence detections seamlessly while maintaining smooth email operations.
Specifically,
-
For existing policies without Correlated Intelligence enabled, the action for Security Risks is set to Pass, and “All pre-defined rules” is selected for anomalies with the action set to Pass.
-
For existing policies with Correlated Intelligence enabled, no changes are made to the action for Security Risks. However, if “Specified pre-defined rules” was selected for anomalies with no rules specified, it is changed to “All pre-defined rules” with the action set to Pass.
Automatic recovery of false positive emails marked for deletion in Exchange Online and Gmail in Cloud Email and Collaboration Protection
October 25, 2024 — Cloud Email and Collaboration Protection extends its capabilities to identify false positive emails detected by Advanced Spam
Protection, Web Reputation, and Correlated Intelligence, and then automatically restore
false positive emails marked for deletion in end users’ “Recoverable Items > Deletions”
folder in Exchange Online and the “Trash” folder in Gmail.
Access token re-creation for Dropbox and Google Drive service accounts in Cloud Email and Collaboration Protection
October 25, 2024 — Cloud Email and Collaboration Protection provides an option for administrators to re-create access tokens for the Dropbox
and Google Drive service accounts when the current tokens become invalid or you want
to refresh the existing token.
Enhanced Automated Response Playbooks: Response Actions for AWS Accounts and Containers
October 23, 2024 — Automated Response Playbooks now offer expanded capabilities with
new response actions. You can select the Revoke Access Permission action to revoke access permissions of IAM users with potentially compromised AWS
accounts, applicable to accounts with Cloud Response for AWS enabled. Additionally, you can now choose the Isolate Container or Terminate Container actions to manage container security effectively.
For more information, see Creating Automated Response
Playbooks.
Cloud Posture moving to Cloud Security app group
October 28, 2024—On December 2nd, 2024, Cloud Posture will be fully relocated to the
new Cloud Security app group, where you can get a unified view of your cloud resources
and security. Until that date, you may access Cloud Posture from within the Attack
Surface Risk Management app group or in the new Cloud Security app group.
Cloud Posture includes Cloud Infrastructure Entitlement Management (CIEM)
October 21, 2024—Get central visibility of your cloud entitlements and related risks
in Cloud Posture. With over 200 different types of cloud resources currently available,
cloud operations and security teams are increasingly challenges by the complexity
of cloud infrastructure entitlement management.
A dedicated entitlements tab in Cloud Overview now gives users centralized visibility
into cloud identities and related risks. Take action and focus remediation efforts
based on prioritized risks, including risky identity types, identity misconfigurations,
and potential attack paths. To learn more, see Entitlements.
Assess for and view all CVEs in Attack Surface Risk Management
October 21, 2024—The Detected Vulnerabilities widget in Exposure Overview now displays
CVEs by impact level, including detected low-impact CVEs. New widgets in Operations
Dashboard allow you to filter CVEs by high, medium, and low impact. To learn more
about how CVE impact scores are calculated, see CVE impact score.
View All CVEs for Containers, Cloud VMs, and Serverless Functions
October 21, 2024—Attack Surface Risk Management prioritizes the most critical vulnerabilities
across your entire attack surface, allowing you to focus your remediation efforts.
However, visibility into lower impact CVEs is now available for containers, cloud
VMs, and serverless functions, providing you the vulnerability information you needs
for compliance or internal audits. View lower impact CVEs in the Vulnerabilities section
of Operations Dashboard or Exposure Overview in Executive Dashboard.
Proxy support for TippingPoint Network Sensor
October 16, 2024 — Network Inventory now supports the option to connect your TippingPoint
Network Sensor to Trend Vision One through a proxy. This configuration option is available
only when you enable TippingPoint Network Sensor.
For more information, see Enabling Network Sensor for TippingPoint.
Cloud Accounts now supports excluding accounts when connecting AWS organizations
October 14, 2024—You can now specify accounts to exclude when connecting or updating
AWS Organizations in the Cloud Accounts app. This feature can be used to exclude certain
accounts from being monitored by Trend Vision One, or to allow connecting excluded
accounts individually to set up feature and account configurations different from
the organization.
Create cluster-managed policies in Container Security
October 9, 2024—You can now interact directly with the Kubernetes API to create and
manage Container Security cluster-managed policies and rulesets within your Kubernetes
clusters. This integration facilitates seamless deployment of Container Security policies
and rulesets with your GitOps workflows.
For more information, see Cluster-managed policies.
Container Image Scanning now viewable from the Trend Vision One console
October 9, 2024—Container Security now supports access to detailed results and statistics
for scanned artifacts on the Container Image Scanning page from the Trend Vision One
console. View the scan results of registry image artifacts for vulnerabilities, malware,
and secrets within your continuous integration (CI) or continuous delivery (CD) pipeline.
For information, see Container Image Scanning.
View Risk Subindex per asset group in Attack Surface Risk Management
October 8, 2024—Executive Dashboard now supports the ability to view and compare the
Risk Index for specific subsets of assets. For example, you can monitor risk per business
unit, region, information system, and more to determine which subset requires attention.
To see the Risk Subindex, you must first build an asset grouping structure in Asset Group Management and allocate tag values to assets groups of either "Attack Surface Discovery" or
"Tag Inventory App". For more information, see Risk Overview.
Endpoint Inventory page view enhancements
October 8, 2024—Endpoint Inventory now features two new features to enhance navigating
the inventory list.
-
You can now navigate between pages by typing the exact page you want to view with the page navigation input box.
-
If your organization has more than 200 endpoints in your inventory, you can increase the per page view to 500 and 1000 endpoints per page.
Define the structure of your organization with Asset Group Management
October 8, 2024 — The new Asset Group Management app is now available in public preview.
In Asset Group Management, you can create groups of assets, designate tag values for
the new Asset group tag, and assign a tag value to each asset group. By enabling you
to analyze and manage specific subsets of assets, asset groups streamline your asset
management and provide a foundation for powerful new features on the Trend Vision
One platform.
For more information, see Asset Group Management.
Send to sandbox for Virtual Network Sensor officially released
October 1, 2024—The send to sandbox feature for Virtual Network Sensor is now officially
released. Send to sandbox is a paid feature and requires 2000 credits for every 500
Mbps of traffic scanned.