Custom tagging available for Trend Vision One resources deployed to AWS Cloud Accounts
November 18, 2024—You can now add custom tags to Trend Vision One resources deployed
to your AWS accounts using the Cloud Accounts app. Use custom tags help support cost
tracking, automation, and other downstream workflows that rely on AWS tags. The feature
supports tagging resources deployed using CloudFromation.
Cloud Accounts now supports excluding accounts when connecting AWS organizations
October 14, 2024—You can now specify accounts to exclude when connecting or updating
AWS Organizations in the Cloud Accounts app. This feature can be used to exclude certain
accounts from being monitored by Trend Vision One, or to allow connecting excluded
accounts individually to set up feature and account configurations different from
the organization.
Define the structure of your organization with Asset Group Management
October 8, 2024 — The new Asset Group Management app is now available in public preview.
In Asset Group Management, you can create groups of assets, designate tag values for
the new Asset group tag, and assign a tag value to each asset group. By enabling you
to analyze and manage specific subsets of assets, asset groups streamline your asset
management and provide a foundation for powerful new features on the Trend Vision
One platform.
For more information, see Asset Group Management.
XDR for Cloud usage graph now available
August 26, 2024 — Cloud Accounts now features a detailed graph displaying your current
and
historical data ingestion for XDR for Cloud, enabling you to track the volume of data
analyzed.
To view the usage graph, go to
and click Credit Usage.XDR detections for Gen-AI applications in Amazon Bedrock
August 21, 2024 — XDR for Cloud now provides monitoring capabilities for detecting
possible
attacks on Gen-AI applications in Amazon Bedrock. XDR for Cloud monitors for attempted
and
unauthorized deletion of guardrails and knowledge bases, and tampering with logging.
These
detections require the XDR for Cloud - AWS CloudTrail feature to be enabled on your
connected AWS
accounts. If you have already enabled the feature, the new detection capabilities
are enabled by
default.
To enable XDR for Cloud - AWS CloudTrail, go to
and update the deployment stack.To view the new detection models, go to
.XDR for Cloud - AWS VPC Flow Logs and Cloud Response for AWS now support AWS Organization connections
August 19, 2024 — The "XDR for Cloud - AWS VPC Flow Logs" and "Cloud Response for
AWS" features
can now be enabled and deployed to AWS Organization accounts in the Cloud Accounts
app.
Announcing TMAS v2.0+
July 17, 2024 – Announcing Trend Micro Artifact Scanner (TMAS) v2.0+ with enhanced
support for
custom scanner combinations including the newly released secrets scanner. Users can
run
scanners independently or together, ensuring comprehensive security coverage tailored
to their
specific needs. This version also provides a more intuitive and standardized result
output.
For all changes, read WHATS-NEW.md included with the binary.
Get visibility into malicious traffic with XDR for Cloud VPC Flow Log Monitoring
July 8, 2024–Threat detection for AWS VPC Flow Logs is now available as a feature
of XDR for Cloud. Once VPC flow log monitoring is enabled, Trend Vision One automatically analyzes the logs for any traffic activity related to suspicious or
malicious IP addresses, and also monitors for malicious activity such as brute force
attacks, access to sensitive database ports, data exfiltration, and more. Additionally,
you can also use VPC flow logs to seep for indicators of compromise (IOCs) via the
Threat Intelligence app, leveraging Trend Micro's threat intelligence feed or imported 3rd-party IOC sources.
-
To enable VPC flow log monitoring, go to
-
To view VPC flow logs, go to
-
To view threat detections from VPC flow logs, go to
Scanner Configuration for Agentless Vulnerability & Threat Detection
June 18, 2024 — The scanner configuration feature for Agentless Vulnerability & Threat
Detection settings in Cloud Accounts lets you select the resource types to include
in your scans.
Three resource types are available for AWS accounts: Elastic Block Store (EBS), Elastic
Container Registry (ECR), and AWS Lambda.
For more information, see AWS features and permissions.
Cloud Accounts now supports ingestion of AWS Virtual Private Cloud (VPC) flow logs
June 17, 2024—Enable this feature to gather VPC flow logs from your AWS account for
XDR
analysis in the Search app. Flow logs are enhanced with asset meta data and noise
is removed,
delivering broader visibility into asset connectivity with suspicious IP addresses
and
anomalous behaviors.
For more information, see AWS features and permissions.
Asset Visibility Management expanded to include more asset types
May 21, 2024 — Trend Vision One now extends its robust asset visibility capabilities
to include
more comprehensive data asset support. This update introduces more data asset types,
including
more network and cloud assets, as well as message data. Building on the existing management
scope
for endpoints, containers, mobile devices, accounts, unmanaged devices, Private Access
Connectors
and Internet Access Gateways, and web gateways, the latest update ensures that all
critical data
points are covered, providing a holistic view of the organization's asset landscape.
This
enhancement is particularly beneficial for large enterprises that require detailed,
segmented
visibility to manage multiple regions or teams effectively.
For more information, see Adding an asset visibility scope.
CloudTrail log monitoring now supports deployment in AWS Control Tower environments
May 6, 2024 - The "Cloud Detections for AWS CloudTrail” feature under Vision One -
XDR for
Cloud has released a new template which supports deployment in multi-account AWS Control
Tower
environments.
To enable CloudTrail log monitoring for Control Tower, see Adding an AWS account with CloudTrail and
Control Tower.
Cloud Accounts support for Google Cloud projects now available in pre-release preview
March 25, 2024 — As a pre-release preview feature, Cloud Accounts now supports connecting
Google Cloud (GCP) projects to Trend Vision One. Connecting your Google Cloud project
allows
Trend Vision One to discover your cloud assets and rapidly identify risks such as
compliance and
security best practice violations on your cloud infrastructure. Once connected, cloud
accounts
and assets from your Google Cloud projects are visible in the Cloud Posture and Attack
Surface
Discovery apps under Attack Surface Risk Management. For more information, see Google Cloud projects.
Enhanced multi-layered asset management and new Asset Visibility Management app available
February 19, 2024 — Besides the management scope for endpoints and containers that
were
introduced in 2023, Trend Vision One enhances
the asset management capability to support more data assets, including mobile devices,
accounts,
cloud assets, network assets, and secure access assets. Large-sized customers that
run multiple
businesses or have the need to segregate asset data visibility for different teams
can leverage
this enhanced capability to achieve multi-tenancy management purposes within a single
Trend Vision One console.
For customers to better organize assets of multiple layers in a centralized location,
Trend Vision One launches a new app Asset Visibility Management for administrators to group data and Trend Vision One app assets into asset visibility
scopes based on the corporate structure. The asset visibility scopes can then be assigned
to user
roles to determine which assets are visible or manageable to these roles in all applicable
Trend Vision One apps that display the data of
the selected assets.
Only customers that have updated to the Foundation Services release have access to
the app. If
customers have configured scopes for endpoints and containers in User
Roles, to achieve seamless migration, asset visibility scopes that include newly
supported assets are automatically created and associated to the corresponding roles.
Trend Vision One continues enhancing the asset
visibility management capability with more asset coverage or granularity.
Region deployment selection available for Cloud Accounts
January 8, 2024 — Customers can now select which AWS regions to deploy the Agentless
Vulnerability & Threat Detection and Container Protection for Amazon ECS features
under
Cloud Accounts. By default, these features will deploy to all available regions. This
feature
requires updating to the latest version of the Cloud Accounts stack.
For more information, see Cloud Accounts.
Cloud Accounts now previewing Azure subscription support
December 18, 2023 — As a preview feature, Cloud Accounts now supports connecting
Azure
Subscriptions to Trend Vision One. Connecting your Azure Subscription allows Trend
Vision One to
discover your Azure cloud assets and rapidly identify risks such as compliance and
security best
practice violations on your cloud infrastructure. Once connected, cloud accounts and
assets from
your Azure subscriptions are visible in the Cloud Posture and Attack Surface Discovery
apps under
Attack Surface Risk Management. For more information, see Adding an Azure subscription.
Cloud Accounts - AWS accounts automatically connect after stack deployment
November 20, 2023 — When adding a new AWS cloud account, the account automatically
connects and
registers to Trend Vision One after stack deployment in AWS
completes. Connecting a new AWS account no longer requires copying the role ARN to
complete the
process. The new process requires using the latest version of the stack template.
Cloud Accounts supports deployment to AWS Organizations
November 20, 2023 — Add your AWS Organization to easily connect all the AWS accounts
in your
organization or organizational unit (OU) to Cloud Accounts. For more information,
see Connecting and updating AWS accounts.
Cloud Accounts provides Japanese language support
September 28, 2023 — Cloud Accounts now supports Japanese language settings.
Cloud Accounts public API now available
September 28, 2023—Public API for Cloud Accounts now available on the Trend Vision
One Automation Center. An API to download the Cloud Accounts AWS CloudFormation Template
is planned for a future release.
Cloud Detections for AWS CloudTrail now available
September 28, 2023—Cloud Detections for AWS CloudTrail is now available as a pre-release
subfeature which can be enabled in the Cloud Accounts app. This feature set deploys
Cloud Audit Log Monitoring in your AWS account to get actionable insight into user,
service, and resource activity with detection models identifying activity such as
privilege escalation, password modification, attempted data exfiltration, and potentially
unsanctioned MFA changes.
For more information, see AWS features and permissions.
Cloud Accounts official release
September 28, 2023 — The Cloud Accounts app is no longer a pre-release feature and
is now
generally available. Cloud Accounts does not require any credit allocation and is
always included
as part of Trend Vision One. However, some features managed by the Cloud Accounts
app may require
credits for use.
Included with this release is integration with Server & Workload Protection for AWS
accounts.
-
Adding new AWS accounts in the Trend Vision One console are now exclusively handled by the Cloud Accounts app.
-
Existing AWS accounts connected to Cloud Accounts are automatically associated with a Server & Workload Protection instance.
-
Existing AWS accounts within Server & Workload Protection are automatically added to and can be managed from Cloud Accounts. Update existing AWS accounts from Server & Workload Protection to get enhanced visibility and protection features within their cloud environments.
For more information, see Cloud Accounts.
Cloud Accounts app now available for pre-release preview
August 15, 2023 — Cloud Accounts consolidates the management and deployment of cloud
security
features in your environment across Trend Vision One apps. Cloud Accounts currently
provides the
following features for AWS accounts:
-
Core Features: Allows Trend Vision One to discover your cloud assets and rapidly identify risks such as compliance and security best practice violations on your cloud infrastructure. Once connected, assets in the account are visible in the Attack Surface Discovery app.
-
Container Protection for Amazon ECS: Deploys Trend Vision One - Container Security in your AWS account to protect your containers and container images in Elastic Container Service (ECS) environments. Container Security uncovers threats and vulnerabilities, protects your runtime environment, and enforces deployment policies. Once connected, managed clusters are visible in the Container Inventory page.
Additional features and expanded support for additional public cloud providers are
planned for
Cloud Accounts in the future. For more information, see Cloud Accounts.