Views:
Trend Vision One™ – Cloud Risk Management Real-Time Posture Monitoring (RTPM) provides live monitoring with instant threat and remediation alerts for activities and events within your AWS , Azure, and Google Cloud accounts.
Cloud Risk Management RTPM ingests raw events to allow you to easily monitor your environment, and supports updating Checks for a subset of Rules in near real-time. You can view our documentation listing the Cloud Risk Management Rules supported by RTPM.
Real-Time Posture Monitoring offers two key features:

Procedure

  1. Activity Dashboard - identify unusual user activities
  2. Monitoring Dashboard - get an in-depth record of all events in an AWS account

Next steps

What's the number of rules RTPM covers once it's enabled?
  • 8 pure RTPM rules, running for any kind of events
  • 25+ additional rules looking for events of significance.For example, internet gateway config changes
  • 350+ rules running in real-time whenever resources are modified_
    Note
    Note
    The number of rules covered does not match the_ total number of rules that Cloud Risk Management supports. This is because RTPM is set up to cover the most used AWS services. New services or not-so-critical services are not integrated with RTPM
  • The services for which we have extensive but not necessarily complete coverage are:
    • S3
    • EC2
    • ELB
    • Auto Scaling
    • CloudFormation
    • IAM
    • DynamoDB
    • Lambda
    • CloudFront

Set up Real-Time Posture Monitoring Parent topic

Procedure

  1. Follow the instructions on setting up Real-Time Posture Monitoring

Access Real-Time Posture Monitoring Parent topic

Procedure

  1. Select an Account where Real-Time monitoring is enabled
  2. Open the Main Dashboard to view the Activity and Monitoring Dashboards