You can specify actions for connected products to take after detecting specific suspicious objects.
Trend Vision One connects to different
products and sends the Suspicious Objects List to the connected products for detection.
The
connected products then apply the specified action based on their capability.
NoteAdding IP addresses to the Suspicious Object List does not disrupt the existing
connection to the specified endpoints. Only new attempts to connect to the specified
endpoints are blocked.
|
The following table outlines the object types and actions supported by different products
and applications.
Product/Service
|
Object Type |
Action
|
||
Endpoint Sensor agent
(Windows, Mac)
|
File SHA-1
|
Log, Block
|
||
File SHA-256
|
||||
IP address
|
||||
|
||||
Endpoint Sensor agent
(Linux)
|
File SHA-1
|
Log, Block
|
||
File SHA-256
|
||||
|
||||
Standard Endpoint Protection agent
(Windows)
|
IP address
|
Log, Block
|
||
URL
|
||||
Domain
|
||||
File SHA-1
|
||||
|
||||
Service Gateway
|
IP address
|
Log, Block
|
||
URL
|
||||
Domain
|
||||
File SHA-1
|
||||
File SHA-256
|
||||
|
||||
Zero Trust Secure Access Internet Access
|
IP address
|
Log, Block
|
||
URL
|
||||
Domain
|
||||
File SHA-1
|
||||
Trend Cloud One - Endpoint & Workload Security (Windows)
|
IP address
|
Log | ||
Domain
|
Log | |||
File SHA-1
|
Log, Block
|
|||
File SHA-256
|
Log, Block
|
|||
|
||||
Trend Cloud One - Endpoint & Workload Security (Linux)
|
IP address
|
Log | ||
Domain
|
Log | |||
File SHA-1
|
Log, Block
|
|||
File SHA-256
|
Log, Block
|
|||
|
||||
Trend Cloud One - Endpoint & Workload Security (macOS)
|
IP address
|
Log, Block | ||
Domain
|
||||
File SHA-1
|
||||
File SHA-256
|
||||
URL
|
||||
|
||||
Trend Micro Apex One as a Service
|
IP address
|
Log, Block
|
||
URL
|
||||
Domain
|
||||
File SHA-1
|
||||
|
||||
Trend Micro Apex One (on-premises)
|
IP address
|
Log, Block
|
||
URL
|
||||
Domain
|
||||
File SHA-1
|
||||
|
||||
Trend Micro Cloud App Security
|
URL
|
Log, Quarantine
|
||
File SHA-1
|
||||
File SHA-256
|
||||
Sender address
|
||||
|
||||
Trend Micro Deep Discovery Inspector version 6.7 SP1 or later
|
IP address
|
Log
|
||
URL
|
||||
Domain
|
||||
File SHA-1
|
||||
Trend Micro Deep Security
|
File SHA-1 from Sandbox
|
Log, Block
|
||
Trend Micro Email Security
|
URL
|
Log, Quarantine
|
||
File SHA-1
|
||||
File SHA-256
|
||||
Sender address
|
Block | |||
TippingPoint Security Management System
|
IP address
|
Log, Block
|
||
URL
|
||||
Domain
|
||||
File SHA-1
|
||||
File SHA-256
|
||||
|