Running Simulations on Endpoints with Endpoint Sensor

Enable Endpoint Sensor by deploying the Apex One Security Agent policy, and then run the demonstration script to trigger detections in Trend Micro Vision One.

  1. Enable Endpoint Sensor on a connected Security Agent.
    1. On the Apex Central as a Service console, open your Apex One Security Agent policy.
    2. Locate and expand the Endpoint Sensor policy section.
    3. Select Enable Endpoint Sensor.
    4. Click Deploy.

      Allow some time for the policy to deploy to the targeted Security Agents. After receiving the updated settings, Security Agents start to send activity data to Trend Micro.

  2. Run the desired simulations on the Windows endpoint.
    1. On the Trend Micro Vision One console, go to Resource Center > Simulations.
    2. Select the app and scenario (if available) that you want to test.

      The selected app appears and displays information about the simulations feature and the selected app.

    3. Click Try Simulations.

      The Simulations dialog appears and displays information about the selected simulation.

      Click the right () and left () arrows to browse available simulations.

    4. Click Download Demo Script to download an archive file to the Windows endpoint.
    5. Extract the archive file on the Windows endpoint.

      The archive file is password protected. The password is displayed on the Simulations dialog.

    6. Run the .bat demo script file on the Windows endpoint.

      The Windows Command Prompt opens.

    7. Follow the instructions in the Windows Command Prompt window to execute the demonstration commands.
    8. After executing the commands, go to the Trend Micro Vision One console to view the expected results.

      Trend Micro Vision One may take a few minutes to provide results.