October 2024

October 31, 2024—Version control policies for Trend Endpoint Security provides policy-based management of agent and component updates in a centralized location. Additionally, Trend Micro delivers enhanced stability of the Trend Endpoint Agent through selective testing and staged rollouts, reducing risks and ensuring compatibility with your security environment.

October 31, 2024—You can now access the new Cloud Posture public APIs for Events and Groups through the Trend Vision One Automation Center.

October 31, 2024 — Trend Vision One – Container Security now supports compliance scanning with CIS benchmarks in your Red Hat OpenShift clusters. Assess and guarantee adherence to industry-leading security standards effortlessly, enhancing your OpenShift security posture.

For more information, see Compliance.

October 28, 2024 — Cyber Risk Assessment is introducing Identity Posture Assessment, a new complimentary feature for all users. This feature allows you to scan your organization's identity-related assets to detect the assets that might be exposed to attack and identify risk events that most put your assets at risk.

For more information, see Identity Posture Assessment.

October 28, 2024 — Streamline your insurance application process with our new Cyber Insurance security dashboard template. This template summarizes critical cybersecurity data required by insurance carriers, aggregating essential security control metrics to help businesses effectively demonstrate their cybersecurity posture.

October 28, 2024—The Virtual Network Sensor now supports connecting to Trend Vision One using a Service Gateway as a proxy. Additionally, you can set custom proxy settings if you prefer to connect your Virtual Network Sensor using a third-party proxy. Update to the latest version of Virtual Network Sensor to use this capability.

October 25, 2024 — Cloud Email and Collaboration Protection supports four more predefined conditions for defining custom detection signals in Correlated Intelligence. The conditions check the Reply-To domain activity, the Reply-To address activity, the URL domain registration age in email, and the sender address for anomaly detection in the customer’s environment.

October 25, 2024 — Cloud Email and Collaboration Protection enhances the monitoring of Correlated Intelligence detections without disrupting your email flow. This update automatically enables the Correlated Intelligence filter for policies where this filter is currently disabled, allowing you to keep track of Correlated Intelligence detections seamlessly while maintaining smooth email operations. Specifically,

October 25, 2024 — Cloud Email and Collaboration Protection extends its capabilities to identify false positive emails detected by Advanced Spam Protection, Web Reputation, and Correlated Intelligence, and then automatically restore false positive emails marked for deletion in end users’ “Recoverable Items > Deletions” folder in Exchange Online and the “Trash” folder in Gmail.

October 25, 2024 — Cloud Email and Collaboration Protection provides an option for administrators to re-create access tokens for the Dropbox and Google Drive service accounts when the current tokens become invalid or you want to refresh the existing token.

October 23, 2024 — Automated Response Playbooks now offer expanded capabilities with new response actions. You can select the Revoke Access Permission action to revoke access permissions of IAM users with potentially compromised AWS accounts, applicable to accounts with Cloud Response for AWS enabled. Additionally, you can now choose the Isolate Container or Terminate Container actions to manage container security effectively.

For more information, see Creating Automated Response Playbooks.

October 28, 2024—On December 2nd, 2024, Cloud Posture will be fully relocated to the new Cloud Security app group, where you can get a unified view of your cloud resources and security. Until that date, you may access Cloud Posture from within the Attack Surface Risk Management app group or in the new Cloud Security app group.

October 21, 2024—Get central visibility of your cloud entitlements and related risks in Cloud Posture. With over 200 different types of cloud resources currently available, cloud operations and security teams are increasingly challenges by the complexity of cloud infrastructure entitlement management.

A dedicated entitlements tab in Cloud Overview now gives users centralized visibility into cloud identities and related risks. Take action and focus remediation efforts based on prioritized risks, including risky identity types, identity misconfigurations, and potential attack paths. To learn more, see Entitlements.

October 21, 2024—The Detected Vulnerabilities widget in Exposure Overview now displays CVEs by impact level, including detected low-impact CVEs. New widgets in Operations Dashboard allow you to filter CVEs by high, medium, and low impact. To learn more about how CVE impact scores are calculated, see CVE impact score.

October 16, 2024 — Network Inventory now supports the option to connect your TippingPoint Network Sensor to Trend Vision One through a proxy. This configuration option is available only when you enable TippingPoint Network Sensor.

For more information, see Enabling Network Sensor for TippingPoint.

Network Security → Network Inventory → TippingPoint

October 14, 2024—You can now specify accounts to exclude when connecting or updating AWS Organizations in the Cloud Accounts app. This feature can be used to exclude certain accounts from being monitored by Trend Vision One, or to allow connecting excluded accounts individually to set up feature and account configurations different from the organization.

October 9, 2024—You can now interact directly with the Kubernetes API to create and manage Container Security cluster-managed policies and rulesets within your Kubernetes clusters. This integration facilitates seamless deployment of Container Security policies and rulesets with your GitOps workflows.

For more information, see Cluster-managed policies.

October 9, 2024—Container Security now supports access to detailed results and statistics for scanned artifacts on the Container Image Scanning page from the Trend Vision One console. View the scan results of registry image artifacts for vulnerabilities, malware, and secrets within your continuous integration (CI) or continuous delivery (CD) pipeline.

For information, see Container Image Scanning.

October 8, 2024—Executive Dashboard now supports the ability to view and compare the Risk Index for specific subsets of assets. For example, you can monitor risk per business unit, region, information system, and more to determine which subset requires attention. To see the Risk Subindex, you must first build an asset grouping structure in Asset Group Management and allocate tag values to assets groups of either "Attack Surface Discovery" or "Tag Inventory App". For more information, see Risk Overview.

October 8, 2024—Endpoint Inventory now features two new features to enhance navigating the inventory list.

October 8, 2024 — The new Asset Group Management app is now available in public preview. In Asset Group Management, you can create groups of assets, designate tag values for the new Asset group tag, and assign a tag value to each asset group. By enabling you to analyze and manage specific subsets of assets, asset groups streamline your asset management and provide a foundation for powerful new features on the Trend Vision One platform.

For more information, see Asset Group Management.

October 1, 2024—The send to sandbox feature for Virtual Network Sensor is now officially released. Send to sandbox is a paid feature and requires 2000 credits for every 500 Mbps of traffic scanned.