At-Risk Endpoint Assessment

Scan high-profile endpoints for file-based threat indicators and malicious file activity.

1. In the At-Risk Endpoint Assessment area, click Start Assessment.
2. On the At-Risk Endpoints screen, deploy the assessment tool on the target endpoints and select the endpoints to assess.
   1. Click Download Assessment Tool.
   2. Deploy the assessment tool using your preferred system utility or share the download link with users.

      For more information, see Deploying the Assessment Tool to Windows Endpoints and Deploying the Assessment Tool to macOS Endpoints.

      Note:

      Attack surface discovery continuously identifies known and unknown assets in your environment to inform your attack exposure and security configuration. Scanning as many endpoints as possible helps expand your view of the attack surface and find threats that may have evaded your existing security solutions.

   3. Select the endpoints to assess by clicking Select Endpoints From Inventory, and then click Run Assessment tool.

      You can select a maximum of 1,000 endpoints at a time.

      Important:

      In order for the tool to automatically scan and upload data back to the Security Assessment app, make sure that the endpoints are online and allowed to connect to Trend Vision One.

3. Wait until all your endpoints finish the assessment.
4. Check the results on the assessment report and take risk remediation actions immediately if necessary.

   The following table lists the actions available on the report (if applicable).

   Action	Description
   Try the XDR Endpoint Sensor in the Endpoint Inventory app	Click Enable under the Recommended actions section, and then enable the XDR Endpoint Sensor to continuously monitor vulnerable endpoints.
   View details in the Executive Dashboard app	Click View details in the Recommended actions section to find more information about your company's overall risk, exposure, and attack indexes, and security configuration.
   Reassess endpoints	Expand your view of the attack surface by assessing additional endpoints.
   Download PDF	Download the assessment report as a PDF file.
   Start new assessment	Start a new cloud mailbox, endpoint, global threat assessment, or overall risk assessment. Important: Starting a new assessment permanently deletes collected data.