April 2025

April 11, 2025—Trend Vision One Endpoint Security agents now support "Log" and "Block" actions for File SHA-256 objects within the Suspicious Object List. This enhances threat response capabilities by allowing direct action on SHA-256 hashes identified as suspicious across Windows, Mac, and Linux platforms.

For more information, see Suspicious Object Management .

April 9, 2025—Trend Vision One now supports adding custom tags to your clusters in Container Security using Tag Management. You can assign tags to specific assets to gain visibility across all Trend Vision One applications and keep your assets organized.

For more information, see Tag Management.

April 9, 2025—Trend Vision One Endpoint Sensor introduces a new command in the remote shell, drivelist. This command lists detailed drive information across Windows, Linux, and macOS platforms.

April 8, 2025—You can now view your resources and risk events grouped by Project defined automatically in your Cloud Projects and adjusted manually through cloud platform accounts, cloud platform tags, and Trend Vision One tags. You can also define new Projects based on conditions based on Asset name, Asset type, Provider, Region, Location, Account Name, and Cloud Provider Asset Tags. For more information, see Project Centric Overview.

April 7, 2025—Trend Vision One now integrates with Google Security Operations (Google SecOps) SIEM. This integration facilitates efficient data sharing, enabling Trend Vision One to send alerts, event data, container vulnerabilities, activity data, and audit logs to Google SecOps. Configure data feeds in Google SecOps to ingest this data and enhance your security telemetry analysis.

For more information, see Google Security Operations SIEM integration.

April 7, 2025—The Splunk HEC connector introduces granular data selection based on asset tags. You can now specify which data gets transferred by choosing relevant tags, providing greater control and flexibility over the data shared with Splunk Cloud.

For more information, see Splunk HEC connector configuration.

April 7, 2025—Asset tagging for endpoints and container clusters is now supported. Trend Vision One can now enrich your custom tags with asset activity and detection data, allowing you to leverage Search and Detection Model Management.

April 1, 2025—Security Playbooks is introducing a new playbook template: Security Awareness Training Campaign. This type of playbook is designed to enhance your organization's security posture by creating targeted security awareness training campaigns for user accounts identified in account compromise and XDR detection risk events.

For more information, see Creating Security Awareness Training Campaign playbooks.

April 1, 2025—Compliance Management is now officially released and includes the following exciting features: