Related information
- Workbench insight asset visibility scope refinement
- Data retention periods now customizable with credit allocation for Network Sensor and Deep Discovery Inspector
- Filter relevant XDR insights and events in Workbench and Observed Attack Techniques
- Improved visualization of lateral movement in Execution Profiles
- New “Group by” option available for custom models
- AI-recommended related XDR Data Explorer events now supported in Workbench insight alerts
- Privilege-based insight visibility
- AI-generated Workbench insight summaries and highlights now available
- Introducing Trend Vision One - Agentic SIEM
- New names for the Search app and XDR Threat Investigation
- Import/export of custom detection models and filters now available
- Retro scan available for custom detection models
- Third-party log correlation in Workbench alerts
- Host investigation now available
- Workbench insight enrichment with associated Threat Intelligence Sweeping alerts
- Mail tracking logs for accepted traffic integrated with Trend Vision One
- AI-recommended events for enhanced Workbench insight correlation
- New custom detection filters for Microsoft logs
- Data Detection and Response now available in Workbench
- Data Detection and Response now available in Observed Attack Techniques
- New custom detection filters for Citrix logs
- Filter insights by event time
- Azure activity log custom filters
- Network analytics report in Workbench insights
- Microsoft Defender for Endpoint logs now supported in custom filters
- Asset tagging for endpoints and container clusters now supported
- Create custom filters based on Search queries
- Create custom filters using pre-built templates
- Logical operators available for custom detection models
- Related Observed Attack Techniques event suggestions for Workbench Insights
- MITRE TTP notifications in Workbench
- Workbench Companion suggests noteworthy insights
- Context menu for highlighted objects
- Close related Workbench alerts
- Custom filters now support Email and Collaboration Activity logs
- Enhanced Owner Assignment in Workbench and Case Management
- New exceptions available for XDR for Cloud - AWS CloudTrail detections
- Trend Companion explains Observed Attack Techniques events in the Search app
- Add objects to Network Resources from the Workbench, Search, and Observed Attack Techniques apps
- Custom filters now support AWS Virtual Private Cloud flow logs
- Trend Vision One - Companion now explains Observed Attack Techniques events
- Trend Vision One - Companion now supported in Observed Attack Techniques
- Custom models now support Identity and Access Activity Data
- Custom filter query strings can now include regex for higher detection precision
- Forensics now supports multi-factor authentication
- Forensics highlights now available
- Forensics workspace enhancements
- Forensics supports YARA, osquery, and Collect Evidence tasks on Linux endpoints
- Filter query results of YARA and osquery tasks by status
- Support for terminating Amazon ECS containers
- Enhance investigations with VirusTotal threat intelligence in Evidence Report view
- Customize YARA and osquery task names
- Forensics workspaces provide quick link to related tasks
- Forensics app now enriches evidence with Trend Micro Smart Protection Network data
- Targeted Attack Detection officially released
- The Search app supports threat hunting queries from Cyborg Security
- Observed Attack Techniques supports filtering by data source
- Case Management integration with Forensics
- Custom filter import and export
- Forensics has been officially launched
- Support for multiple custom filters in a custom model
- The Observed Attack Techniques API adds support for container data
- Observed Attack Techniques offers visibility into container attack information
- Notifications implemented for disabled custom filters
- Custom detection model public preview
- Forensics risk score for endpoints