Creating a Risk Control Rule in Playbook View

Automate risk management in your environment.

Rules can automatically execute predetermined actions to respond to risk events based on conditions you specify.


At any stage of the rule creation process, you can:

  • Add additional components by clicking .

  • Delete any component by clicking .

  1. On the Risk Control screen in the Zero Trust Secure Access app, click Create Rule.
  2. Select New rule from the dropdown menu, specify a name and description, and then click Next.

    You can also create a rule from a template or from a Trend Micro recommended rules. Choosing a template may prefill or limit additional components.

  3. Select a condition from the list, and then specify the details of how the condition will be triggered. Conditions can check either devices or users.
  4. Select the weekly period that the rule is applied and (optional) the start and end dates of the schedule, and then click Next.

    The time uses the defined time zone of the console.

  5. Select users or devices targeted by the action, and then click Next. You can add additional conditions to check before taking actions by clicking to the right of your target.
  6. Click to the right of Do THIS, and then select an action type. The Edit Action dialog box appears.
  7. Select an action from the list and click Next. You can add revocation components by clicking to the right of your action.
  8. Select Enable or Disable to toggle the rule, and then click Save.