Online Help Center Home
Privacy and Personal Data Collection Disclosure
- Pre-release Disclaimer
- Pre-release Sub-feature Disclaimer
Trend Vision One Data Privacy, Security, and Compliance
What's New
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- Release Notes
Introduction
- Trend Vision One
- Checking the Trend Vision One Service Status
  - SERVICE LEVEL OBJECTIVES FOR TREND VISION ONE (herein this “SLO”)
Getting Started
- Getting Started with Trend Vision One
- Getting Started with Vulnerability Assessment
Risk Insights
- Executive Dashboard
- Attack Surface Discovery
- Operations Dashboard
Dashboards and Reports
- Security Dashboard
  - Customizing the Security Dashboard
  - Protocol Groups in the Scanned Traffic Summary Widget
- Reports
XDR Threat Investigation
- Detection Model Management
- Workbench
  - Alert View
  - Incident View
    - Incident Details
      - Alerts (Incident View)
      - Incident-based Execution Profile
    - Assigning Incidents
- Search App
- Observed Attack Techniques
- Targeted Attack Detection
- Forensics
- Managed Services
- Companion
Threat Intelligence
- Campaign Intelligence
  - Threat Information Screen
- Intelligence Reports
- Suspicious Object Management
  - Suspicious Object List
  - Exception List
    - Adding Exceptions
- Sandbox Analysis
- Third-Party Intelligence
  - TAXII Feeds
    - Configuring a TAXII Feed
  - MISP Feeds
Workflow and Automation
- Security Playbooks
- Response Management
- Third-Party Integration
- API Automation Center
- Service Gateway Management
Zero Trust Secure Access
- Getting Started with Zero Trust Secure Access
- Secure Access Overview
- Secure Access Rules
- Secure Access Resources
- Secure Access History
- Secure Access Configuration
- Troubleshooting Zero Trust Secure Access
Assessment
- Cyber Risk Assessment
Endpoint Security Operations
- Endpoint Inventory 2.0
- Endpoint Inventory
  - Getting Started with XDR for Endpoints
  - Managing the Endpoint List in Endpoint Inventory 1.0
    - Endpoint List Settings in Endpoint Inventory 1.0
- Endpoint Policies
- Trend Cloud One - Endpoint & Workload Security
Endpoint Security Operations (for Standard Endpoint and Server & Workload Protection)
- Getting Started with Trend Vision One Endpoint Security
- Endpoint Inventory
- Standard Endpoint Protection
- Server & Workload Protection
Cloud Security Operations
- Trend Vision One Container Security
- XDR for Containers
  - Getting Started with XDR for Containers
Network Security Operations
- Network Inventory
- Network Intrusion Prevention
Email Security Operations
- Email Account Inventory
  - Email Sensor Management
Mobile Security Operations
- Getting Started with Mobile Security
- Using Mobile Security in Conjunction with MDM Solutions or Azure AD
- Using Mobile Device Director
Service Management
- Product Connector
  - Connecting a Product
  - Required Settings on Supported Products
- Product Instance
- Cloud Accounts
Administration
- User Accounts, Roles, and Single Sign-On (Legacy)
- User Accounts, Identity Providers, and User Roles (July 2023 update)
- Notifications
- Audit Logs
  - User Logs
    - User Log Data
  - System Logs
    - System Log Data
- Console Settings
- License Information
- Credit Usage
- Support Settings
  - Enabling Hypersensitive Mode
Getting Help and Troubleshooting
- Help and Support
  - Creating a Support Case
- Self-Diagnosis

Password Expiration Disabled

Password expiration limits the risk of a threat actor guessing or cracking a password before it is changed.

Accounts without the password expiration requirement can be used indefinitely (unless the account is deleted). As time passes, unchanged passwords become increasingly easier for threat actors to crack. Active Directory and Azure AD administrators (global administrator or user administrator) can remove or temporarily disable the requirement for users to periodically change their passwords. However, this should only be applied to emergency access accounts.

You can remediate the issue through the following methods:

System	Steps
Active Directory	Define the password expiration period in the group policy objects for all accounts. Do not enable "password never expire" for all accounts in the Domain Controller.
Azure AD	Configure the password expiration policy using PowerShell. Open a PowerShell prompt and connect to your Azure AD tenant using a global administrator or user administrator account: Connect-AzureAD -Confirm Require password expiration by running one of the following commands: Single user (You must specify the user ID of the account owner.) Set-AzureADUser -ObjectId <user ID> -PasswordPolicies None All users in the organization Get-AzureADUser -All $true \| Set-AzureADUser -PasswordPolicies None For more information, see https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy.

System

Steps

Active Directory

Define the password expiration period in the group policy objects for all accounts.
Do not enable "password never expire" for all accounts in the Domain Controller.

Azure AD

Configure the password expiration policy using PowerShell.

Open a PowerShell prompt and connect to your Azure AD tenant using a global administrator or user administrator account:
Connect-AzureAD -Confirm
Require password expiration by running one of the following commands:
- Single user (You must specify the user ID of the account owner.)
  Set-AzureADUser -ObjectId <user ID> -PasswordPolicies None
- All users in the organization
  Get-AzureADUser -All $true | Set-AzureADUser -PasswordPolicies None

For more information, see https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy.

Depending on your organization's unique setup, you may be unable to enforce password expiration for all accounts. You can add the issue to the exception list to exclude related risk event data from the calculation of your company's risk index.

The following table outlines the situations in which you can leverage the exception list and apply alternate solutions.

Situation	Action
Usage of both Azure AD and Active Directory (hybrid environment)	Add the "Password expiration disabled" issue to the exception list.
Usage of third-party identity and access management (IAM) systems	Enable the password expiration policy in your IAM system. Add the "Password expiration disabled" issue to the exception list.
Usage of group policy objects	Enable the password expiration policy through GPOs. Add the "Password expiration disabled" issue to the exception list.

Important:

Adding issues to the exception list permanently excludes related risk event data from Risk Insights apps.
If necessary, you can eventually remove issues from the list but excluded risk event data cannot be restored.
Changes to the exception list are applied only to new risk events.