XDR Detection

View information about the XDR detection risk factor, which is determined by Workbench alerts.

Operations Dashboard uses data from your organization's XDR Workbench Alerts and Targeted Attack Detection to determine the risk levels of your users and devices. The XDR Detection risk factor contributes to the Attack Index.

The following table outlines the widgets available in the XDR detection section.



Top 10 Unsolved At-Risk Alerts

The 10 Workbench alerts with the greatest impact on your Risk Index

  • Click the Workbench ID to view and manage the event in the Workbench app.


For customers that signed up for or expressly updated Trend Vision One after July 3, 2023, Top 10 Unsolved At-Risk Alerts only shows data for devices within the management scope of the current user.

The following table describes the indicators associated with the XDR detection risk factor.



Data Sources


Workbench alerts

Detection of events by XDR sensors that may be malicious or indicate risk

  • Endpoint Sensor

  • Email Sensor

  • Network Sensor

  • Trend Vision One Container Security

  • Trend Cloud One - Endpoint & Workload Security

  • Trend Micro Deep Security

  • Device

  • User

Observed Attack Technique detections

Detection of early attack indicators by scanning of your Smart Protection Network data

  • Endpoint Sensor

  • Trend Micro Apex One as a Service

  • Device

  • User