Learn about how XDR for Cloud monitors and protects your cloud assets.
What is XDR for Cloud?
XDR for Cloud provides the integration needed to monitor and protect your cloud assets
through key strategies, including integration with CloudTrail, VPC Flow Logs, Azure Activity
Logs, and VNet Flow Logs. Log data is ingested into Trend Vision One for XDR analysis and integrates with key apps including Workbench and Observed Attack
Techniques.
XDR for Cloud leverages hundreds of detection models combined with global threat intelligence
to correlate and prioritize threat signals and automate response actions across your
environment. XDR for Cloud delivers pre-emptive protection against attacks including
privilege escalation attempts, policy rollbacks, master password modifications, data
exfiltration attempts, multi-factor authentication (MFA) deactivations, and more.
Additionally, you can leverage the Playbooks app to help automate response actions. For more information on viewing, investigating,
and taking response actions for XDR for Cloud in Trend Vision One, see Monitor and respond to cloud threats with XDR for Cloud.
Important: XDR for Cloud supports AWS accounts and Azure subscriptions.
XDR for Cloud data sources
XDR for Cloud currently offers integration with the following data sources to provide
detailed insights into user, service, and resource activity:
- AWS CloudTrail logs. For more information, see About Cloud Detections for AWS CloudTrail.
- AWS VPC flow logs. For more information, see About Cloud Detections for AWS VPC Flow Logs.
- Amazon Security Lake
- Azure Activity Logs (preview)
- Azure VNet flow logs (preview). For more information, see About Cloud Detections for Azure VNet Flow Logs.
Note: Cloud Detections for Azure Activity Logs and Cloud Detections for Azure VNet Flow
Logs are preview features. There is no charge during the preview period. For more
information, see the Pre-release Disclaimer.
