Views:

Allocate Trend Vision One credits to enable the following apps and services.

Note
Note
To purchase Trend Vision One credits, contact your sales representative or go to an affiliated marketplace.
Learn more about how your license entitlements are calculated into credits.

Attack Surface Risk Management (add-on to XDR) (formerly Risk Insights Capabilities)

Enabling Attack Surface Risk Management (add-on to XDR) grants you access to Attack Surface Discovery, Operations Dashboard, and Cloud Posture.
Executive Dashboard is available without a license or credits.
Identity Posture is available to all customers with an Attack Surface Risk Management entitlement.
Note
Note
Attack Surface Risk Management (add-on to XDR) is the old pricing model for Attack Surface Risk Management, which is only available to customers who previously purchased a Attack Surface Risk Management (add-on to XDR) license entitlement (formerly Risk Insights Capabilities). Customers retain the old original pricing model until the license expires.
Because the credit requirement for this offering is equal to the total number of credits allocated to all enabled endpoint, email, and network sensors, you must deploy at least one type of XDR sensor to enable Attack Surface Risk Management (add-on to XDR).
For more information on the old pricing model and updating to the new pricing model, see Considerations for updating to the new Attack Surface Risk Management pricing model.
The following table describes the available offerings and required credits for Attack Surface Risk Management (add-on to XDR).
App
Description
Required credits
Attack Surface Risk Management (add-on to XDR)
Discover your assets and attack vectors, and automatically assess, prioritize, and mitigate the risks associated with your attack surface.
For more information, see the following topics:
The credits required for Attack Surface Risk Management (add-on to XDR) are equal to the total number of credits allocated to all enabled XDR sensors:
  • 20 credits per XDR Endpoint Sensor deployment
  • 3 credits per user account with XDR Email Sensor
  • 12,500 credits per 500 Mbps on Virtual Network Sensor
  • 25,000 credits per 1 Gbps on Network Sensor with Deep Discovery Inspector
  • 12,500 credits per 500 Mbps on Network Sensor for TippingPoint

Attack Surface Risk Management

Enabling Attack Surface Risk Management grants you access to Attack Surface Discovery, Operations Dashboard, and Cloud Posture.
Executive Dashboard is available without a license or credits.
Identity Posture is available to all customers with an Attack Surface Risk Management entitlement.
Note
Note
Attack Surface Risk Management is the new pricing model for Attack Surface Risk Management features, and is available to all customers.
Once enabled, Attack Surface Risk Management automatically discovers your desktops, servers, and connected cloud accounts from your configured data sources, assesses the assets, and then allocates the necessary number of credits. If needed, you can override the automatically calculated number of assessed assets with a different total.
For more information on updating to the new pricing model, see Considerations for updating to the new Attack Surface Risk Management pricing model.
The following table describes the available Attack Surface Risk Management offerings and required credits.
App
Description
Required credits
Attack Surface Risk Management
Discover your assets and attack vectors, and automatically assess, prioritize, and mitigate risks associated with on-premise endpoints, internet-facing assets, identities, and applications.
For more information, see the following topics:
20 credits per assessed desktop or server
  • Assessed desktops and servers include the total number of managed desktops and servers, plus any unmanaged desktops or servers in your environment that have experienced risk events in the last 30 days. Desktops and servers added to the exception list in Attack Surface Discovery are not included in the credit calculation.
Attack Surface Risk Management for Cloud
Discover and assess your cloud assets, including workloads, containers, storage, identities, applications, and APIs.
For more information, see the following topics:
8,000 credits per assessed cloud account

Container Security

The following table describes the available Trend Vision One Container Security offerings and required credits.
Offering
Description
Required credits
Container Security
Ensure the security of your containers from build to termination and shield them against evolving threats at every step.
Data retention period: 30 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Container Security.
  • 1,100 credits per protected Kubernetes node or Amazon ECS instance
  • 110 credits per protected serverless container pod or task
Required credits are based on usage over the past 7 days.

Data Transfer

The following table describes the available Trend Vision One Data Transfer offerings and required credits.
Offering
Description
Required credits
Data transfer to third-party platforms
Send XDR activity data from Trend Vision One to integrated third-party platforms to conduct data analysis or retain data for regulatory compliance and auditing purposes.
Applicable integrations: AWS S3 bucket connector, Splunk HEC connector, and Datalake Pipeline public APIs
To allocate and manage credits, go to Third-Party Integration and click gear_icon=fc9a51ad-35af-4fe3-92c6-5e41b2dfc5d9.png to view Credit Settings. Specify the total annual Data allowance (in TB) for data transfer through the applicable integrations and click Save. You can also view a graph of data transfer over the past year and a table of daily data transfer (in GB) under Usage Details.
Note
Note
Daily data transfer of less than 0.01 GB is calculated as 0.01 GB.
800 credits per 1 TB of data

Email Inventory

The following table describes the available Trend Vision One Email Inventory offerings and required credits.
Offering
Description
Required credits
Email Sensor
Detect malicious or anomalous email activities on monitored mailboxes.
For more information, see Email and Collaboration Sensor.
5 credits per user account

Email and Collaboration Security

Important
Important
Only customers that have updated to the Foundation Services release have access to the feature.
The following table describes the available Trend Vision One Email and Collaboration Security offerings and required credits.
For more information, see Credit requirements for Email and Collaboration Security.
Offering
Description
Required credits
Email Sensor
Enable email sensor detection on user accounts to send activity data for state-of-the-art threat detection and alerting.
Data retention period: 180 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Email and Collaboration Sensor.
5 credits per user account
Cloud Email and Collaboration Protection
Enable core protection for your email and collaboration services, including services in Microsoft 365 and Google Workspace, Box, and Dropbox.
Data retention period: 180 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Cloud Email and Collaboration Protection.
25 credits per user account
Enable advanced protection features including Inline Protection and Virtual Analyzer for URLs (URL sandboxing).
Data retention period: 180 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Cloud Email and Collaboration Protection.
25 credits per user account
Cloud Email Gateway Protection
Enable core protection to safeguard your email gateways against phishing, ransomware, BEC, other advanced email threats, and spam.
Data retention period: 180 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Cloud Email Gateway Protection.
25 credits per user account
Enable advanced protection features including Virtual Analyzer for URLs (URL sandboxing), Email Encryption, Email Continuity, Extra Large Message Size, and DMARC Report Analysis.
Data retention period: 180 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Cloud Email Gateway Protection.
25 credits per user account

Endpoint Inventory

The following table describes the available Trend Vision One Endpoint Inventory offerings and required credits.
Offering
Description
Required credits
XDR Endpoint Sensor
Detect malicious or anomalous activities on monitored endpoints and servers.
For more information, see Endpoint Inventory.
20 credits per deployment

Endpoint Security

Important
Important
Only customers that have updated to the Foundation Services release have access to the feature.
The following table describes the available Trend Vision One Endpoint Security offerings and required credits.
Offering
Description
Required credits
Endpoint Sensor detection and response
Enable Endpoint Sensors to send activity data for state-of-the-art threat detection and alerting.
Data retention period: 30 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Endpoint Inventory.
20 credits per deployment
Advanced Endpoint Security
Enable layered protection and detection capabilities, like advanced anti-malware, ransomware protection, host-based intrusion prevention, device and application control, and more.
Data retention period: 30 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Standard Endpoint Protection and Server & Workload Protection.
45 credits per deployment
Advanced Server & Workload Protection
Enable advanced threat prevention, detection, and response capabilities optimized for servers, workloads, and other critical assets.
Data retention period: 30 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Server & Workload Protection.
For details on credit allocation, see How does credit allocation work for Server & Workload Protection?.
235 credits per deployment

File Security

The following table describes the available Trend Vision One File Security offerings and required credits.
Offering
Description
Required credits
File Security SDK
Enable File Security to scan your files and buckets for malicious software to help protect your applications, cloud storage, and more.
Data retention period: 180 days (or in accordance with the Trend Vision One data retention policy)
For more information, see File Security.
5,000 credits per 500,000 reserved scans
File Security Storage
Scan your storage for malicious software to help protect your applications, cloud storage, and more.
Data retention period: 180 days (or in accordance with the Trend Vision One data retention policy)
For more information, see File Security.
5,000 credits per 500,000 reserved scans

Forensics

The following table describes the available Trend Vision One Forensics offerings and required credits.
Offering
Description
Required credits
Data Allowance
Collect digital evidence from your environment to support threat investigation and incident response.
For more information, see Evidence collection.
400 credits per 1 GB of data usage

Mobile Inventory

The following table describes the available Trend Vision One Mobile Inventory offerings and required credits.
Offering
Description
Required credits
Mobile Sensor
Enroll mobile devices to detect malicious mobile apps and identify other risks.
Data retention period: 90 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Mobile Inventory.
5 credits per device

Network Inventory

The following table describes the available Trend Vision One Network Inventory offerings and required credits.
Offering
Description
Required credits
XDR Network Sensor
Conduct advanced threat analysis on network activity.
For more information, see Network Inventory.
25,000 credits per 1 Gbps of traffic

Sandbox Analysis

The following table describes the available Trend Vision One Sandbox Analysis offerings and required credits.
Offering
Description
Required credits
Reserved Submissions
Submit objects for analysis in a secure virtual environment to determine the risk they pose to your organization.
Data retention period: 180 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Sandbox Analysis.
50 credits per daily reserved submission

Threat Intelligence

The following table describes the available Trend Vision One Threat Intelligence offerings and required credits.
Offering
Description
Required credits
Threat Insights
Receive the latest threat intelligence curated by Trend Micro threat experts, and view how current threats are affecting your own environment.
For more information, see Threat Insights.
50,000 credits per user account
Trend Threat Intelligence Feed
Integrate Trend Threat Intelligence Feed into your proprietary security environment via API to receive the latest, continuously updated threat intelligence.
For more information, see Setting up the API for Trend Threat Intelligence Feed.
  • Trend Threat Intelligence Feed: 150,000 credits per year
  • Trend Threat Intelligence Feed for Service Providers: 500,000 credits per year

XDR for Cloud

The following table describes the available Trend Vision One XDR for Cloud offerings and required credits.
Offering
Description
Required credits
XDR for Cloud - AWS CloudTrail
Extend detection and response capabilities to your cloud environments to monitor for suspicious behavior and take response actions.
Data retention period: 30 days (or in accordance with the Trend Vision One data retention policy)
For more information, see AWS features and permissions.
62 credits per 1 GB of data usage

XDR for Networks

Important
Important
Only customers that have updated to the Foundation Services release have access to the feature.
The following table describes the available Trend Vision One XDR for Networks offerings and required credits.
Offering
Description
Required credits
Virtual Network Sensor
Deploy and connect the Virtual Network Sensor to monitor network activity.
Data retention period: 30 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Virtual Network Sensor.
12,500 credits per 500 Mbps of traffic
Calculated based on total average scanned throughput up to the last 30 days. Credits are allocated dynamically.
For more information, see Credit allocation for Network Security.
Deep Discovery Inspector network sensor
Connect the Deep Discovery Inspector appliance and enable the network sensor feature to monitor network traffic.
Data retention period: 180 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Network Inventory.
25,000 credits per 1 Gbps of traffic
Calculated based on the configured maximum bandwidth of connected appliances with the network sensor feature enabled. Credits are allocated when Network Sensor is enabled.
For more information, see Credit allocation for Network Security.
TippingPoint network sensor
Connect your TippingPoint SMS and enable the network sensor feature on managed appliances to monitor network traffic.
12,500 credits per 500 Mbps of traffic. Calculated based on the monitored traffic of all Network Sensors for TippingPoint over the past 30 days. Credits are allocated dynamically.
Send to sandbox for Virtual Network Sensor
Send suspicious files and other objects to a virtual sandbox for analysis. Results are displayed in the Sandbox Analysis app.
2,000 credits per 500 Mbps of traffic

XDR for OT

The following table describes the available Trend Vision One XDR for OT offerings and required credits.
Note
Note
After you connect your TXOne StellarOne or TXOne EdgeOne to Trend Vision One, credits are automatically allocated when data is transmitted from your managed OT agents or Edge network devices.
Offering
Description
Required credits
XDR for OT - Device
Collect detection logs from your managed OT agents to conduct advanced threat analysis on endpoint activity.
Data retention period: 30 days (or in accordance with the Trend Vision One data retention policy)
20 credits per agent
XDR for OT - Network
Collect detection logs from your EdgeIPS devices to conduct advanced threat analysis on network activity.
Data retention period: 30 days (or in accordance with the Trend Vision One data retention policy)
200 credits per node
The following table describes the mapping between the device model and converted number of nodes for each OT network device.
Note
Note
You can manage the network device models in the TXOne EdgeOne console.
Product
Model type
Model information
Node unit
EdgeIPS
EdgeIPS-102
IPS 102-BP-R
1
EdgeIPS
EdgeIPS-103
IPS 103-BP-R
1
EdgeIPS Pro
EdgeIPS Pro-1048
IPS Pro-1048-BP
12
EdgeIPS Pro
EdgeIPS Pro-2096
IPS Pro-2096-BP
36
EdgeIPS Pro
EdgeIPS Pro 216-R
IPS Pro-216-BP-R
8
EdgeIPS Pro
EdgeIPS Pro 216-C
IPS Pro-216-BP
8
EdgeIPS Lite
EdgeIPS LE-102
IPS LE-102-BP
1
EdgeFire
EdgeFire 1012
IEF-1012-R
1

Zero Trust Secure Access

The following table describes the available Trend Vision One Zero Trust Secure Access offerings and required credits.
Offering
Description
Required credits
Private Access
Gain control over your users' access to internal applications by enabling Private Access.
Data retention period: 180 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Private Access.
Private Access: 50 credits per user
Internet Access and AI Service Access
Gain control over your users' access to the internet by enabling Internet Access, and secure user access to generative AI services by enabling AI service access.
Data retention period: 180 days (or in accordance with the Trend Vision One data retention policy)
For more information, see Internet Access and AI Service Access.
  • Internet Access: 60 credits per user
  • AI Service Access: 50 credits per user
  • Internet Access and AI Service Access (bundled): 85 credits per user
Note
Note
Enabling or disabling certain functions on on-premises gateways causes Zero Trust Secure Access to begin calculating credits for Internet Access based on the total vCPUs allocated to the corresponding Service Gateway. Actions that result in credit calculation by vCPU usage include:
  • Not requiring user authentication for endpoints connecting without the Secure Access Module installed
  • Disabling the uploading of activity data from on-premises gateways to Trend Vision One
  • Enabling ICAP mode
  • Enabling reverse proxy mode
Total required credits are calculated by the number of authenticated users over the last 180 days plus the daily number of allocated vCPUs. One vCPU is equivalent to 75 users.
Private IP addresses permitted to bypass user authentication are included in the Internet Access user count when connecting through configured gateways. Each IP address is counted as one user.
If you enabled Internet Access or AI Service Access in the past 180 days, the user count includes any Internet Access or AI Service Access users from the past 180 days, even if the service is now disabled.
Related information