May 15, 2025—TrendAI Vision One™ now supports Microsoft Defender for Endpoint logs in custom detection filters.
This update includes the following changes:
- Backup Deletion
- Base64 Encoded PE File in Command Line
- Clearing of System Logs
- Detect Torrent Usage
- Hiding a Java Class File
- HTA Startup Persistence
- Suspicious Bitlocker Encryption
- Suspicious Image Load Related to IcedId
- Turning Off System Restore
The related custom detection filters have been added to the tm-v1-detection-models GitHub repository. You can import these detection filters to your TrendAI Vision One™ environment to test the new integration.
For more information about custom detection filters, see Create a custom filter.
