January 12, 2026—Trend Vision One now supports leveraging automated tagging rules to add assets to the Cyber Risk Exposure Management exception list, eliminating the need to manually add each asset. This enhancement
streamlines exception management by allowing you to simultaneously add multiple assets
to the exception list based on predefined conditions, improving your operational efficiency.
This enhancement focuses on device-type assets. You can add conditions to tagging
rules using asset attributes such as operating system version, organizational unit,
work location, and user principal name. Once a tagging rule assigns the CREM exception list tag value to assets that meet the conditions, Cyber Risk Exposure Management excludes those assets from cyber risk assessments and risk event analysis, and the
assets do not count towards your Cyber Risk Exposure Management credit usage.
For more information, see Automated tagging or Attack Surface Discovery.