Respond to security incidents and conduct compromise assessments, threat hunting, and monitoring directly within Trend Vision One.

Forensics lets you conduct security investigations without the need for separate Digital Forensics and Incident Response (DFIR) tools. Forensics has no deployment steps and adds no operational complexity.
From the Trend Vision One console, you can gather digital evidence from endpoints, organize the collected evidence data within workspaces, and triage endpoints using osquery and YARA.
The following table outlines the sections available in Forensics (XDR Threat Investigation > Forensics).
Section
Description
Create, modify, or delete workspaces to organize the collected evidence and conduct incident investigations.
Collect and manage digital evidence from the endpoints in your environment.
Monitor the status of tasks generated within the Forensics app, such as evidence collection.