Trend Micro experts constantly evaluate, assess, and adjust cloud applications’ risk levels based on multiple criteria to ensure that customers always have the latest information.
An application's risk level indicates a level of maturity and security compliance for the application and does not indicate that an application is malicious or dangerous.
Trend Micro determines a cloud application’s risk level based on:
Standards compliance (for example, CSA STAR LEVEL, ISO, NIST)
Security features (for example, multi-factor authentication, DoS protection)
Security headers (for example, x-frame-options, content-security-policy)
Security breaches or other events that may indicate a compromised service
In addition, Trend Micro evaluates the risk level based on regulatory compliance with the following:
EU-US/Swiss-US Privacy Shield