Views:

View affected endpoints in your environment and information about monitored attack campaigns.

Section
Information
Endpoints
An overview of endpoints affected by ongoing attack campaigns
Click the number to view details about each affected endpoint.
  • Endpoint: Globally unique identifier (GUID) of agent installed on the affected endpoint or internet protocol (IP) address of the affected endpoint
  • Severity: Highest severity security event the app observed on the endpoint
  • Reasons: The type of malicious behavior the app observed on the endpoint
  • Recommended actions: Recommended steps to mitigate risk
  • Management server: Host name and IP address of the server that manages the affected endpoint
  • First observed: Timestamp of when the Trend Vision One first observed an attack indicator or event on the endpoint
Filter the list by endpoint and attack phase.
Sort the list by changing View to Management server, Severity, or Recommended actions.
Campaigns
Trend Micro threat researchers monitor and analyze attack campaigns affecting organizations around the world. Their research provides context to detected attack indicators and allows Trend Vision One to predict possible next steps by attackers.
Use the information to identify other potentially compromised assets and mitigate the risk posed by each campaign.
Tags indicate regions, platforms, and industries the campaign affects the most.
A red icon next to the campaign name indicates the app found attack indicators for that campaign in your environment.