Learn how to use XDR for Cloud features across Trend Vision One to monitor, investigate, and respond to cloud threats.
After deploying XDR for Cloud, you can leverage multiple apps and features within
Trend Vision One to monitor your cloud environment, investigate threats, and automate response actions.

View and manage XDR detection models
Detection models analyze cloud activity data to identify potential threats. You can
view, enable, disable, and customize detection models to match your security requirements.
For more information, see Detection Model Management.

View and investigate threat detections
When XDR for Cloud detects suspicious activity, alerts appear in the Workbench app.
Use Workbench to investigate alerts, view related events, and understand the scope
of potential threats.
For more information, see Workbench.

Query cloud activity data
Use the Search app to query CloudTrail logs, VPC flow logs, and VNet flow logs. Search
helps you investigate specific events, track user activity, and identify patterns
across your cloud environment.
For more information, see Search.

Take response actions
When you identify a threat, you can take immediate response actions to contain and
remediate the issue. Response actions help you quickly isolate affected resources
and prevent further damage.
For more information, see Response Management.

Automate response with security playbooks
Create security playbooks to automate response actions based on specific conditions.
Playbooks help you respond consistently to threats and reduce manual intervention.
For more information, see Security Playbooks.

Extend data retention
By default, Trend Vision One retains cloud activity data for a specific period. If you need extended storage for
compliance or investigation purposes, you can configure extended data retention.
For more information, see Data retention.
