December 2023

December 18, 2023 — Network Inventory now supports the following central management features for Deep Discovery Inspector version 6.7 and later.

December 18, 2023 — As a preview feature, Cloud Accounts now supports connecting Azure Subscriptions to Trend Vision One. Connecting your Azure Subscription allows Trend Vision One to discover your Azure cloud assets and rapidly identify risks such as compliance and security best practice violations on your cloud infrastructure. Once connected, cloud accounts and assets from your Azure subscriptions are visible in the Cloud Posture and Attack Surface Discovery apps under Attack Surface Risk Management. For more information, see Adding an Azure subscription.

December 18, 2023 — In addition to integration with third-party identity and access management providers, Zero Trust Secure access now supports the addition and maintenance of local user accounts. Administrators may import lists of local user emails to serve as the basis for local user accounts, or the accounts may be added manually.

December 18, 2023 — The Automated Response Playbook has been enhanced to support a wider range of response actions, including user account actions such as disabling the user account, forcing sign out, and forcing password reset, and the ability to run custom scripts on endpoints.

December 18, 2023 — Operations Dashboard now features Event Rule Management: a centralized location for you to manage risk event rules.

When you mark a risk event as Dismissed, an event rule is created to prevent Attack Surface Risk Management from reporting future instances of the risk event in Risk Reduction Measures and All Risk Events. The event rule also prevents the dismissed risk event from impacting your organization's Risk Index.

Event Rule Management allows you to review and manage all dismissed event rules. If you remove a dismissed event rule, all new instances of the risk event are reported and contribute to your organization's Risk Index.

December 18, 2023 — The relationships of your Azure cloud assets can now be graphically illustrated in the Asset Graph tab of cloud asset profiles in Attack Surface Discovery.

December 15, 2023 — Azure AD has been renamed to Microsoft Entra ID across all Trend Vision One apps and features to align with Microsoft’s naming change. No app or feature functionality has been affected by the renaming.

Dec 15, 2023 — Customers can now isolate or terminate potentially compromised Kubernetes pods when investigating threat incidents in Workbench, Observed Attack Techniques, and Search.

December 15 — Public APIs for Trend Vision One Container Security are now available on the Trend Vision One Automation Center. See the Automation Center for more information.

December 11, 2023 — During an investigation, users can run multiple rounds of osquery or YARA tasks to narrow down the affected endpoint scope. Task names can now be customized to easily distinguish between multiple rounds of task results.

December 11, 2023 — You can now right-click URLs, domains, IPs, or file SHA-1 and select “VirusTotal” to facilitate thorough investigation of possible threats in your environment.

December 11, 2023 — Workspaces in Forensics now offer a quick link to all tasks related to the workspace. Click the Related Tasks button to go to a pre-filtered list in the Task List tab where you can view the status and results of workspace-related tasks.

December 11, 2023 — Powered by Trend Micro Smart Protection Network services such as Web Reputation Services, the Forensics app can now enrich network-related data collected as evidence. You can now view the score and corresponding risk level of certain URLs, IP addresses, and domain names that you collect and add to Forensics workspaces.

December 11, 2023 — For customers that have updated to the Foundation Services release, Container Security now supports management scope.

Permissions to view and manage Kubernetes clusters and Amazon ECS clusters can be assigned based on management scope for user roles. You can configure the management scope for each custom role in User Roles.

December 8, 2023 — Agentless Vulnerability & Threat Detection resources now have tags.

December 4, 2023 — Trend Vision One now supports manually adding seed IP addresses for discovering internet-facing assets in your organization. In the Internet-Facing Assets section of Attack Surface Discovery, click the Public IPs tab and then click Add to manually add up to 1,000 seed IP addresses. To view a list of added seed IP addresses, click View Manually Added IP Addresses.

The ability to add seed IP addresses is only available for customers using a Trend Micro solution as the data source for internet-facing assets and that do not have an active trial for Attack Surface Risk Management.

December 4, 2023 — Vulnerability Assessment now expands coverage for vulnerabilities affecting Windows Server 2012 and Windows Server 2012 R2 endpoints to help you identify more highly exploitable CVEs in your environment.

December 1, 2023 — Targeted Attack Detection is out of preview, and now an officially released app. Targeted Attack Detection is free to use, so any Trend Vision One user can leverage the app to analyze Smart Feedback data to determine if your environment is under attack.