Online Help Center Home
Privacy and Personal Data Collection Disclosure
- Pre-release Disclaimer
- Pre-release Sub-feature Disclaimer
Trend Vision One Data Privacy, Security, and Compliance
What's New
- June 2023
- May 2023
- April 2023
- March 2023
Introduction
- Trend Vision One
- Checking the Trend Vision One Service Status
  - SERVICE LEVEL OBJECTIVES FOR TREND VISION ONE (herein this “SLO”)
Getting Started
- Getting Started with Trend Vision One
- Getting Started with Vulnerability Prioritization and Assessment
Risk Insights
- Executive Dashboard
- Attack Surface Discovery
- Operations Dashboard
- Security Dashboard
  - Customizing the Security Dashboard
- Report Management
XDR Threat Investigation
- Detection Model Management
- Workbench
  - Alert View
  - Incident View
- Search App
- Observed Attack Techniques
- Targeted Attack Detection
- Forensics and Analysis
  - War Room Tab
    - Workspaces
      - Adding Elements to an Investigation Timeline
  - Packages Tab
    - Evidence Collection
      - Manual Evidence Collection
      - Supported Evidence Types
- Managed Services
Threat Intelligence
- Campaign Intelligence
  - Threat Information Screen
- Intelligence Reports
- Suspicious Object Management
  - Suspicious Object List
  - Exception List
    - Adding Exceptions
- Sandbox Analysis
- Third-Party Intelligence
  - TAXII Feeds
    - Configuring a TAXII Feed
  - MISP Feeds
Workflow and Automation
- Security Playbooks
- Response Management
  - Response Actions
  - Response Data
- Third-Party Integration
- API Automation Center
- Service Gateway Management
Zero Trust Secure Access
- Getting Started with Zero Trust Secure Access
- Secure Access Overview
- Secure Access Rules
- Secure Access Resources
- Secure Access History
- Secure Access Configuration
- Troubleshooting Zero Trust Secure Access
Assessment
- Security Assessment Service
Endpoint Security Operations
- Endpoint Inventory 2.0
- Endpoint Inventory
  - Getting Started with XDR for Endpoints
  - Managing the Endpoint List in Endpoint Inventory 1.0
    - Endpoint List Settings in Endpoint Inventory 1.0
- Endpoint Policies
- Trend Cloud One - Endpoint & Workload Security
Network Security Operations
- Network Inventory
- Network Intrusion Prevention
Email Security Operations
- Email Account Inventory
  - Email Sensor Management
Mobile Security Operations
- Getting Started with Mobile Security
- Mobile Inventory
- Mobile Detection Logs
- Mobile Policy
  - Mobile Policy Data
  - Configuring Mobile Policies
- Risky Mobile Apps
  - Risky Mobile App Data
  - Approved List Data
Point Product Connections
- Product Connector
  - Connecting a Product
  - Required Settings on Supported Products
Account
- Single Sign-On
  - Configuring SAML Single Sign-On
- User Accounts
- User Roles
  - Configuring Custom User Roles
  - Predefined Roles
- Notifications
- Audit Logs
  - User Logs
    - User Log Data
  - System Logs
    - System Log Data
- Console Settings
- License Information
- Credit Usage
- Support Settings
Getting Help and Troubleshooting
- Help and Support
  - Creating a Support Case
- Self-Diagnosis

Asset Criticality

Asset criticality indicates the importance of an asset to your organization's operations.

An asset is considered critical if its compromise causes severe consequences such as business interruption.

Risk Insights uses criticality information to calculate asset risk scores. Two assets with the same risk events and different criticality levels are not assigned the same risk scores and should therefore be managed differently.

When assigning criticality levels, Risk Insights considers significant profile tags that are derived from data collected by connected sources. Asset criticality levels are evaluated daily.

Important:

Connect to as many data sources as possible so that Risk Insights can obtain the profile tags required to determine asset criticality. For more information, see Configuring Data Sources.

The following table outlines the main asset criticality concepts.

Information	Description
Criticality level	Determined by significant profile tags and used to calculate asset risk scores High criticality assets are essential to your organization's operations and are likely to be targeted by threat actors. Compromise of such assets can cause business interruption and other severe consequences so prioritize these assets when implementing risk control measures. Medium criticality assets are fairly important to your organization's operations and may attract the attention of threat actors. Compromise of such assets can cause some business impact, but not to the same degree of severity as compromise of high criticality assets. Low criticality assets have minimal operational value and do not require close monitoring. Compromise of such assets usually cause very minor effects on infrastructure and business operations.
Profile tag	Extracted from data collected by connected data sources Profile tags that are considered significant are used to evaluate criticality levels. For more information, see Asset Profile Tags.

Information

Description

Criticality level

Determined by significant profile tags and used to calculate asset risk scores

High criticality assets are essential to your organization's operations and are likely to be targeted by threat actors. Compromise of such assets can cause business interruption and other severe consequences so prioritize these assets when implementing risk control measures.
Medium criticality assets are fairly important to your organization's operations and may attract the attention of threat actors. Compromise of such assets can cause some business impact, but not to the same degree of severity as compromise of high criticality assets.
Low criticality assets have minimal operational value and do not require close monitoring. Compromise of such assets usually cause very minor effects on infrastructure and business operations.

Profile tag

Extracted from data collected by connected data sources

Profile tags that are considered significant are used to evaluate criticality levels.

For more information, see Asset Profile Tags.

You can access asset criticality information in the following locations:

Location	Description
Asset lists	Example: Attack Surface Discovery > Accounts > Domain accounts > Domain Account List Accounts marked with star icon are highly critical to your organization. Clicking the icon opens a window that contains asset criticality information.
Asset details screen	Clicking the name of any asset opens a details screen that includes the Asset Profile tab, which displays the following information: Criticality level Significant profile tags Full list of profile tags Tip: Click a profile tag to view information available for that tag.

Location

Description

Asset lists

Example: Attack Surface Discovery > Accounts > Domain accounts > Domain Account List

Accounts marked with star icon are highly critical to your organization. Clicking the icon opens a window that contains asset criticality information.

Asset details screen

Clicking the name of any asset opens a details screen that includes the Asset Profile tab, which displays the following information:

Criticality level
Significant profile tags
Full list of profile tags

Tip:
Click a profile tag to view information available for that tag.