Curated Intelligence

Trend Micro gathers and integrates curated threat intelligence from internal and external sources.

The following table outlines the actions available on the Curated screen.

Action

Description

Filter intelligence reports

Use the search text box and the following drop-down lists to filter curated intelligence reports:

  • Last updated: The last date and time Trend Micro Vision One received the reports

  • View: The option to show only specific reports or all reports

  • Source: The source where the reports came from

Turn on Auto Sweeping

Click Auto Sweeping and turn on Auto Sweeping for certain sources.

After you turn on Auto Sweeping for a source type, Trend Micro Vision One generates a scheduled sweep and runs the sweep once every day for 7 consecutive days to search your environment for threat indicators based on incoming new reports from the selected source.

View campaign details

Click the Campaign links to learn about the threat campaign associated with each report.

View source details

Click the Source links to check details about the source of each report.

On the Source Details panel, turn on Auto Sweeping for the current source.

Take additional actions

Click the options button () at the end of the row and choose to take additional actions on the intelligence report:

  • Trend Micro Research: Click to access related blogs or articles from Trend Micro.

  • External Reference: Click to access related blogs or articles from third parties.

  • Download STIX Intelligence Report: Click to download the report locally into a STIX file.

  • Start Sweeping: Click to trigger a Manual Sweeping task to search your environment for threat indicators.

  • Start Sweeping (STIX-Shifter): Click to trigger a Manual Sweeping task to search other data sources you have configured in Third-Party Integration for threat indicators using STIX-Shifter.

    For more information about STIX-Shifter connection settings, see Third-Party Integration.

Check matched sweeps

Under Matched sweeps, check the number of tasks that have indicator matches and the total number of sweeping tasks that have been created.

View sweeping task details

Click the right arrow () at the beginning of the row to expand sweeping tasks and check the basic information about each task.

To further explore the tasks that have indicator matches, do the following:

  • Click the links under Related links to open Workbench alerts or download sweeping results.

  • Click the Details icon () to check matched indicators and associated entities of the tasks.