February 2025

February 24, 2025—Detection Model Management now supports logical operators (AND, OR) when creating custom detection models with multiple filters.

The new logical operators let you specify whether alerts trigger when all filters meet their thresholds (AND) or when any filter meets its threshold (OR).

For more information, see Configure a custom model.

February 24, 2025—The enhanced recommendation scan improves upon the classic recommendation scan by optimizing efficiency, reliability, and accuracy when identifying security rules for Intrusion Prevention, Integrity Monitoring, and Log Inspection. Based on your system's required security rules, the scan delivers recommendations with optimized performance and fewer limitations. Whether run manually or scheduled for automated scanning, enhanced recommendation scan can apply recommended rules for regular protection with minimal disruption and reduced strain on system resources.

For more information, see Enhanced recommendation scan.

February 21, 2025—Data Posture is a comprehensive system designed to help you understand your organization’s overall data risk and identify cloud assets with the riskiest sensitive data. Data Posture employs continuous monitoring and risk assessment protocols to identify potential vulnerabilities and unauthorized access attempts. By integrating both native and third-party scanning technologies, Data Posture provides a comprehensive security solution for cloud-based data.

For more information, see Data Security Posture.

February 21, 2025—Cloud Email and Collaboration Protection adds the "Add disclaimer" action for BEC detections to the Advanced Spam Protection security filter of ATP policies for Exchange Online and Exchange Online (Inline Mode).

February 21, 2025—Beside Gmail, Cloud Email and Collaboration Protection extends the Log Retrieval API to allow administrators to get security event logs of the Gmail (Inline Mode) service.

February 21, 2025—Cloud Email and Collaboration Protection displays scam detection data in the Threat Detection dashboard to help you understand scam email detections in your environment. Scams often involve deceptive emails designed to trick recipients into providing sensitive information or transferring money. The dashboard includes detailed insights such as scam detections by email service, the top 5 scam email senders, and the top 5 scam email recipients. This information helps you identify and mitigate potential threats more effectively.

February 21, 2025—Cloud Email and Collaboration Protection adds two more conditions for defining custom detection signals for anomalies in Correlated Intelligence. These conditions define the number of days within a 30-day period that communication from a sender or sender's domain is considered abnormal on a company-wide basis.

These conditions are not available in all regions.

February 21, 2025—Cloud Email and Collaboration Protection allows adding or removing users after being granted access to Exchange Online with the "Synchronize selected users" option. Previously, this option did not support user synchronization, making user updates impossible after access was granted. The enhanced user management feature lets administrators review synchronized users and make necessary adjustments, providing greater control and flexibility. This ensures that new users receive Cloud Email and Collaboration Protection protection and allows easier removal of unavailable users.

February 18, 2025—Cloud Email Gateway Protection now allows administrators to configure report settings and view generated reports only for the domains they have permission to manage. This enhancement ensures that email traffic and threat detection data in reports are accessible only to authorized administrators, providing better control and security.

February 18, 2025—You can now upload your company logo to replace the default Trend Micro logo when configuring the blocking and warning redirect pages for time-of-click protection. End users will see the customized logo when they encounter a blocked or warning page after clicking a potentially malicious URL. This enhancement strengthens your brand presence and provides a seamless and familiar experience for your users in security alerts.

February 18, 2025—Cloud Email Gateway Protection now includes two new tokens - %CI_RULE_NAME% and %CI_RULE_DESC%, that administrators can use in email notifications for policy matches and in stamps inserted into the message body. These tokens help identify which security risks or anomalies have been detected by Correlated Intelligence, providing clearer and more detailed information in your email security alerts.

February 14, 2025—You can now view the credit allocation status of your endpoints in Endpoint Inventory. You can use the filter function to quickly find which endpoints have enable advanced features requiring credit allocation. Clicking Manage Allocation in Credits and Billing opens Endpoint Inventory with the filter applied.

February 12, 2025—Compliance Management is now in public preview as part of the Trend Vision One™ platform. With Compliance Management, you can monitor and track your organization's pass rate for selected frameworks and standards, as well as view the recommended remediation actions to reduce security risks from misconfigurations.

The app offers the following effective features:

• Enhanced user experience: The left navigation panel allows you to quickly switch between compliance frameworks and standards
• Compliance Summary and Analysis widget: A detailed analysis of your organization's compliance posture, along with a quick and effective overview of your pass and fail rates to facilitate audits and remediation
• Compliance monitoring by asset group: Filters allow you to drill down on each asset group and view pass rates across different security layers and over time
• Compliance Management Overview Report: A quick summary of all monitored frameworks and standards with AI-generated recommendations for remediation actions

February 10, 2025—You can now create Network Resource Profiles to manage and assign different sets of Network Resource Lists to your connected network security devices. The feature enables designating lists for devices across different regions, groups, or segments in your organization.

February 10, 2025—Microsoft Power BI can now be integrated with Trend Vision One to access and analyze data directly from the Trend Vision One platform via APIs.

For more information, see Microsoft Power BI integration.

February 10, 2025—Email and Collaboration Security now offers a test drive function for Email Sensor. This feature allows customers to target specific mailboxes and simulate attacks on them. It helps customers understand the value of Trend Vision One related functions, including XDR and Cyber Risk Exposure Management capabilities.

February 10, 2025—To better prioritize risk reduction in Threat and Exposure Management, the Cloud Activity tab will be removed on March 31, 2025. After the tab is removed, you can still access Cloud Activity widget information in Security Dashboard and Attack Surface Discovery. For more information, see Cloud activity.

February 7, 2025— Trend Vision One™ is expanding capabilities to deliver more value. Attack Surface Risk Management is now Cyber Risk Exposure Management (CREM), emphasizing proactive risk identification, assessment, and mitigation. With current cutting-edge capabilities, CREM allows you to continuously monitor entry points, prioritize mitigation actions based on impact, and predict future threats to neutralize risks before they materialize.

February 1, 2025—The Cloud Detections for AWS VPC Flow Logs feature, part of Trend Vision One - XDR for Cloud, is officially released as a paid feature to all users. Additionally, the daily log ingestion limit is removed. XDR for Cloud - AWS VPC Flow Logs requires allocating credits to use.

February 1, 2025—The credit usage requirement for Trend Vision One - XDR for Cloud has been reduced from 62 credits to 3 credits per GB of data ingested. For existing customers who have already allocated credits to the solution, the additional credits are automatically returned to your credit balance.