Views:

Zero Trust Secure Access Internet Access supports bandwidth control for On-premises Gateways

July 31, 2023 — The Zero Trust Secure Access - Internet Access On-premises Gateway now supports bandwidth control for specified URLs on both downstream and upstream traffic.
For more information, see Configuring bandwidth control
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Vulnerability Assessment for Linux users

July 24, 2023 — Vulnerability Assessment is now available for the following Linux operating systems: Amazon Linux, CentOS, Red Hat Enterprise Linux, and Ubuntu.
Attack Surface Risk ManagementAttack Surface Discovery

Zero Trust Secure Access Internet Access supports ICAP integration for On-premises Gateways

July 17, 2023 — The Zero Trust Secure Access - Internet Access On-Premises Gateway now supports enabling ICAP integration in addition to the default proxy mode. ICAP integration can be configured from the Internet Access ConfigurationGateway page.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Scanned Traffic Summary widget for Security Dashboard

July 10, 2023 — The Scanned Traffic Summary widget provides an overview of scanned traffic, protocols, and discovered devices in your network environment. The widget supports both Network Inspector and Deep Discovery Inspector version 6.6 or later.
Dashboards and ReportsSecurity Dashboard

Custom detection model public preview

July 4, 2023 — The Detection Model Management app now offers the ability to create custom filters using search query syntax. Create custom detection models that use the new custom filters to trigger the generation of custom Observed Attack Techniques events and Workbench alerts.
The custom Observed Attack Techniques events and Workbench alerts are accessible by several downstream features and services, including the Observed Attack Techniques app, the Workbench public API, widgets, and third-party SIEM integrations. In addition, the new custom detection models can be leveraged by the Security Playbooks app to create automated response actions.
XDR Threat InvestigationDetection Model Management

Risk Insights capabilities require a license or credits

July 4, 2023 — Risk Insights capabilities are now a paid feature. You must purchase a license or allocate sufficient credits for Risk Insights to access Operations Dashboard and Attack Surface Discovery.
If you have not purchased a license or allocated credits to Risk Insights, you can start a 30-day free trial when you attempt to access Operations Dashboard or Attack Surface Discovery. To ensure uninterrupted access to Operations Dashboard and Attack Surface Discovery after your trial ends, contact your sales representative in advance to prepare a license or credits for Risk Insights. You can configure Trend Vision One to automatically allocate credits to Risk Insights capabilities at the end of your free trial period.
Attack Surface Risk ManagementOperations Dashboard
Attack Surface Risk ManagementAttack Surface Discovery

Risk Insights-related security playbooks require entitlement

July 4, 2023 — Customers must now enable the Risk Insights license entitlement to create, edit, or execute the following playbooks.
  • Account Configuration Risk
  • CVEs with High or Medium Global Exploit Activity - Internet-Facing Assets
  • CVEs with High or Medium Global Exploit Activity
For more information, see Security playbooks requirements
Workflow and AutomationSecurity Playbooks

Automated Response Playbooks gain support for custom detection models

July 4, 2023 — You can now specify custom detection models when configuring Target nodes for Automated Response Playbooks. Subsequent nodes in the playbook are only triggered for Workbench alerts related to the specified detection models.
Enhancements to the Security Playbooks user interface facilitate selecting and enabling detection models.
For more information, see Creating Automated Response Playbooks.
Workflow and AutomationSecurity Playbooks

Permissions for Risk Insights updated

July 3, 2023 — To streamline the management of Risk Insights access in the User Roles app, the Configure settings and Export data permissions are no longer listed under Executive Dashboard, Attack Surface Discovery, and Operations Dashboard. Configure settings and Export data are now found in the new General category, which affects the three Risk Insights apps.
The new Manage assets permission now affects Attack Surface Discovery. Operations Dashboard now uses two new permissions, Manage risk events and Manage vulnerabilities.
AdministrationUser Roles

Advanced filtering and ability to assign secure access rules added to Cloud Apps

July 3, 2023 — The Cloud Apps tab of the Attack Surface Discovery app now features a new Artificial Intelligence category for cloud apps based on artificial intelligence technology. The Cloud Apps tab now also features advanced filtering by category, risk level, sanctioned state, breach warnings, and last detected. In addition, you can now assign Internet Access rules by selecting cloud apps and clicking Assign Secure Access Rule.
Attack Surface Risk ManagementAttack Surface Discovery

Security Playbooks supports management scope

July 3, 2023 — For customers that signed up for or expressly updated Trend Vision One on or after July 3, 2023, Security Playbooks now supports management scope.
Permissions to view or manage playbooks can be assigned based on management scope for custom roles. Users can only approve the execution of playbooks and view execution results for endpoints in their management scope. Newly created playbooks are executed based on the playbook creator's management scope.
All roles retain full permissions for playbooks created before the implementation of management scope.
Workflow and AutomationSecurity Playbooks

System log enhancements and unusual status alerts for Zero Trust Secure Access Internet Access

July 3, 2023 — Zero Trust Secure Access Internet Access now maintains system logs to provide summaries about Internet Access On-Premises Gateway events that occurred, including gateway connection status change, service version update, and SSO authentication proxy status change.
You can also configure alerts to send notifications when the status of an on-premises gateway changes to "Unhealthy", or when the on-premises gateway that serves as the authentication proxy for SSO is disconnected from your on-premises Active Directory server. For more information, see Internet Access gateways and corporate network locations.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Zero Trust Secure Access Internet Access supports Artificial Intelligence category for cloud app filtering

July 3, 2023 — Zero Trust Secure Access Internet Access now supports a new cloud app category "Artificial Intelligence" evaluated by Cloud Reputation Services. This allows you to easily filter out generative AI-based cloud apps when adding custom cloud app categories and create Risk rules and Internet Access rules to control users' access to these cloud apps.
Zero Trust Secure AccessSecure Access ConfigurationInternet Access Configuration

Secure Access Module can be deployed on the endpoints managed by Trend Vision One Endpoint Security

July 3, 2023 — Customers that have updated to Trend Vision One Endpoint Security can now install the Secure Access Module on the following endpoints with supported operating systems: Standard Endpoint Protection endpoints, Server & Workload Protection endpoints, and Sensor only endpoints.
Other features available for the Secure Access Module can also be applied to the endpoints, such as removing the module or replacing the PAC file.
Zero Trust Secure AccessSecure Access ConfigurationSecure Access Module

Report Management and Security Dashboard merged under new Dashboards and Reports app group

July 3, 2023 — Security Dashboard and Reports (formerly Report Management) have moved from Risk Insights to the new Dashboards and Reports app group. Access detailed reports and custom dashboard views from a single location to more easily make informed security decisions.
Dashboards and ReportsSecurity Dashboard
Dashboards and ReportsReports

Native Trend Vision One Endpoint Security

July 3, 2023 — Trend Vision One provides a centralized and comprehensive solution for your endpoint security, offering a streamlined, single-console experience. The new interface allows for the deployment of protection and policies, risk management, and the handling of detection and response for your endpoints, servers, and workloads.