Views:

Custom tagging available for Trend Vision One resources deployed to AWS Cloud Accounts

November 18, 2024—You can now add custom tags to Trend Vision One resources deployed to your AWS accounts using the Cloud Accounts app. Use custom tags help support cost tracking, automation, and other downstream workflows that rely on AWS tags. The feature supports tagging resources deployed using CloudFromation.
Cloud SecurityCloud Accounts

Cloud Accounts now supports excluding accounts when connecting AWS organizations

October 14, 2024—You can now specify accounts to exclude when connecting or updating AWS Organizations in the Cloud Accounts app. This feature can be used to exclude certain accounts from being monitored by Trend Vision One, or to allow connecting excluded accounts individually to set up feature and account configurations different from the organization.
Cloud SecurityCloud Accounts

Define the structure of your organization with Asset Group Management

October 8, 2024 — The new Asset Group Management app is now available in public preview. In Asset Group Management, you can create groups of assets, designate tag values for the new Asset group tag, and assign a tag value to each asset group. By enabling you to analyze and manage specific subsets of assets, asset groups streamline your asset management and provide a foundation for powerful new features on the Trend Vision One platform.
For more information, see Asset Group Management.
Service ManagementAsset Group Management

XDR for Cloud usage graph now available

August 26, 2024 — Cloud Accounts now features a detailed graph displaying your current and historical data ingestion for XDR for Cloud, enabling you to track the volume of data analyzed. To view the usage graph, go to Cloud SecurityCloud Accounts and click Credit Usage.
Cloud SecurityCloud Accounts

XDR detections for Gen-AI applications in Amazon Bedrock

August 21, 2024 — XDR for Cloud now provides monitoring capabilities for detecting possible attacks on Gen-AI applications in Amazon Bedrock. XDR for Cloud monitors for attempted and unauthorized deletion of guardrails and knowledge bases, and tampering with logging. These detections require the XDR for Cloud - AWS CloudTrail feature to be enabled on your connected AWS accounts. If you have already enabled the feature, the new detection capabilities are enabled by default.
To enable XDR for Cloud - AWS CloudTrail, go to Cloud SecurityCloud AccountsAWS and update the deployment stack.
To view the new detection models, go to XDR Threat InvestigationDetection Model Management.

XDR for Cloud - AWS VPC Flow Logs and Cloud Response for AWS now support AWS Organization connections

August 19, 2024 — The "XDR for Cloud - AWS VPC Flow Logs" and "Cloud Response for AWS" features can now be enabled and deployed to AWS Organization accounts in the Cloud Accounts app.
Cloud SecurityCloud Accounts

Announcing TMAS v2.0+

July 17, 2024 – Announcing Trend Micro Artifact Scanner (TMAS) v2.0+ with enhanced support for custom scanner combinations including the newly released secrets scanner. Users can run scanners independently or together, ensuring comprehensive security coverage tailored to their specific needs. This version also provides a more intuitive and standardized result output. For all changes, read WHATS-NEW.md included with the binary.
Cloud SecurityContainer SecurityContainer Protection Artifact Scanner

Get visibility into malicious traffic with XDR for Cloud VPC Flow Log Monitoring

July 8, 2024–Threat detection for AWS VPC Flow Logs is now available as a feature of XDR for Cloud. Once VPC flow log monitoring is enabled, Trend Vision One automatically analyzes the logs for any traffic activity related to suspicious or malicious IP addresses, and also monitors for malicious activity such as brute force attacks, access to sensitive database ports, data exfiltration, and more. Additionally, you can also use VPC flow logs to seep for indicators of compromise (IOCs) via the Threat Intelligence app, leveraging Trend Micro's threat intelligence feed or imported 3rd-party IOC sources.
  • To enable VPC flow log monitoring, go to Cloud SecurityCloud AccountsAWS
  • To view VPC flow logs, go to XDR Threat InvestigationSearch
  • To view threat detections from VPC flow logs, go to XDR Threat InvestigationWorkbench

Scanner Configuration for Agentless Vulnerability & Threat Detection

June 18, 2024 — The scanner configuration feature for Agentless Vulnerability & Threat Detection settings in Cloud Accounts lets you select the resource types to include in your scans. Three resource types are available for AWS accounts: Elastic Block Store (EBS), Elastic Container Registry (ECR), and AWS Lambda.
For more information, see AWS features and permissions.

Cloud Accounts now supports ingestion of AWS Virtual Private Cloud (VPC) flow logs

June 17, 2024—Enable this feature to gather VPC flow logs from your AWS account for XDR analysis in the Search app. Flow logs are enhanced with asset meta data and noise is removed, delivering broader visibility into asset connectivity with suspicious IP addresses and anomalous behaviors.
For more information, see AWS features and permissions.
Cloud SecurityCloud Accounts
XDR Threat InvestigationSearch

Asset Visibility Management expanded to include more asset types

May 21, 2024 — Trend Vision One now extends its robust asset visibility capabilities to include more comprehensive data asset support. This update introduces more data asset types, including more network and cloud assets, as well as message data. Building on the existing management scope for endpoints, containers, mobile devices, accounts, unmanaged devices, Private Access Connectors and Internet Access Gateways, and web gateways, the latest update ensures that all critical data points are covered, providing a holistic view of the organization's asset landscape. This enhancement is particularly beneficial for large enterprises that require detailed, segmented visibility to manage multiple regions or teams effectively.
For more information, see Adding an asset visibility scope.
Service ManagementAsset Visibility Management

CloudTrail log monitoring now supports deployment in AWS Control Tower environments

May 6, 2024 - The "Cloud Detections for AWS CloudTrail” feature under Vision One - XDR for Cloud has released a new template which supports deployment in multi-account AWS Control Tower environments.
To enable CloudTrail log monitoring for Control Tower, see Adding an AWS account with CloudTrail and Control Tower.
Cloud SecurityCloud Accounts

Cloud Accounts support for Google Cloud projects now available in pre-release preview

March 25, 2024 — As a pre-release preview feature, Cloud Accounts now supports connecting Google Cloud (GCP) projects to Trend Vision One. Connecting your Google Cloud project allows Trend Vision One to discover your cloud assets and rapidly identify risks such as compliance and security best practice violations on your cloud infrastructure. Once connected, cloud accounts and assets from your Google Cloud projects are visible in the Cloud Posture and Attack Surface Discovery apps under Attack Surface Risk Management. For more information, see Google Cloud projects.
Cloud SecurityCloud Accounts

Enhanced multi-layered asset management and new Asset Visibility Management app available

February 19, 2024 — Besides the management scope for endpoints and containers that were introduced in 2023, Trend Vision One enhances the asset management capability to support more data assets, including mobile devices, accounts, cloud assets, network assets, and secure access assets. Large-sized customers that run multiple businesses or have the need to segregate asset data visibility for different teams can leverage this enhanced capability to achieve multi-tenancy management purposes within a single Trend Vision One console.
For customers to better organize assets of multiple layers in a centralized location, Trend Vision One launches a new app Asset Visibility Management for administrators to group data and Trend Vision One app assets into asset visibility scopes based on the corporate structure. The asset visibility scopes can then be assigned to user roles to determine which assets are visible or manageable to these roles in all applicable Trend Vision One apps that display the data of the selected assets.
Only customers that have updated to the Foundation Services release have access to the app. If customers have configured scopes for endpoints and containers in User Roles, to achieve seamless migration, asset visibility scopes that include newly supported assets are automatically created and associated to the corresponding roles. Trend Vision One continues enhancing the asset visibility management capability with more asset coverage or granularity.
Service ManagementAsset Visibility Management

Region deployment selection available for Cloud Accounts

January 8, 2024 — Customers can now select which AWS regions to deploy the Agentless Vulnerability & Threat Detection and Container Protection for Amazon ECS features under Cloud Accounts. By default, these features will deploy to all available regions. This feature requires updating to the latest version of the Cloud Accounts stack.
For more information, see Cloud Accounts.
Cloud SecurityCloud Accounts

Cloud Accounts now previewing Azure subscription support

December 18, 2023 — As a preview feature, Cloud Accounts now supports connecting Azure Subscriptions to Trend Vision One. Connecting your Azure Subscription allows Trend Vision One to discover your Azure cloud assets and rapidly identify risks such as compliance and security best practice violations on your cloud infrastructure. Once connected, cloud accounts and assets from your Azure subscriptions are visible in the Cloud Posture and Attack Surface Discovery apps under Attack Surface Risk Management. For more information, see Adding an Azure subscription.
Cloud SecurityCloud Accounts

Cloud Accounts - AWS accounts automatically connect after stack deployment

November 20, 2023 — When adding a new AWS cloud account, the account automatically connects and registers to Trend Vision One after stack deployment in AWS completes. Connecting a new AWS account no longer requires copying the role ARN to complete the process. The new process requires using the latest version of the stack template.

Cloud Accounts supports deployment to AWS Organizations

November 20, 2023 — Add your AWS Organization to easily connect all the AWS accounts in your organization or organizational unit (OU) to Cloud Accounts. For more information, see Connecting and updating AWS accounts.

Cloud Accounts provides Japanese language support

September 28, 2023 — Cloud Accounts now supports Japanese language settings.
Cloud SecurityCloud Accounts

Cloud Accounts public API now available

September 28, 2023—Public API for Cloud Accounts now available on the Trend Vision One Automation Center. An API to download the Cloud Accounts AWS CloudFormation Template is planned for a future release.
Cloud SecurityCloud Accounts

Cloud Detections for AWS CloudTrail now available

September 28, 2023—Cloud Detections for AWS CloudTrail is now available as a pre-release subfeature which can be enabled in the Cloud Accounts app. This feature set deploys Cloud Audit Log Monitoring in your AWS account to get actionable insight into user, service, and resource activity with detection models identifying activity such as privilege escalation, password modification, attempted data exfiltration, and potentially unsanctioned MFA changes.
For more information, see AWS features and permissions.
Cloud SecurityCloud AccountsAWS

Cloud Accounts official release

September 28, 2023 — The Cloud Accounts app is no longer a pre-release feature and is now generally available. Cloud Accounts does not require any credit allocation and is always included as part of Trend Vision One. However, some features managed by the Cloud Accounts app may require credits for use.
Included with this release is integration with Server & Workload Protection for AWS accounts.
  • Adding new AWS accounts in the Trend Vision One console are now exclusively handled by the Cloud Accounts app.
  • Existing AWS accounts connected to Cloud Accounts are automatically associated with a Server & Workload Protection instance.
  • Existing AWS accounts within Server & Workload Protection are automatically added to and can be managed from Cloud Accounts. Update existing AWS accounts from Server & Workload Protection to get enhanced visibility and protection features within their cloud environments.
For more information, see Cloud Accounts.
Cloud SecurityCloud Accounts

Cloud Accounts app now available for pre-release preview

August 15, 2023 — Cloud Accounts consolidates the management and deployment of cloud security features in your environment across Trend Vision One apps. Cloud Accounts currently provides the following features for AWS accounts:
  • Core Features: Allows Trend Vision One to discover your cloud assets and rapidly identify risks such as compliance and security best practice violations on your cloud infrastructure. Once connected, assets in the account are visible in the Attack Surface Discovery app.
  • Container Protection for Amazon ECS: Deploys Trend Vision One - Container Security in your AWS account to protect your containers and container images in Elastic Container Service (ECS) environments. Container Security uncovers threats and vulnerabilities, protects your runtime environment, and enforces deployment policies. Once connected, managed clusters are visible in the Container Inventory page.
Additional features and expanded support for additional public cloud providers are planned for Cloud Accounts in the future. For more information, see Cloud Accounts.
Cloud SecurityCloud Accounts