Views:

Learn about the information available in Security Configuration Overview within Cyber Risk Overview.

Security Configuration Overview displays your risk level and risk score within the security configuration risk category. The risk level is a comprehensive rating of your organization's protection product status and is based on the deployment and status of protection products within your endpoint, email, and network security layers plus adoption rates for key product features or risk events based on product configurations. An overall high security configuration risk level or a high risk level within a specific security layer indicates that you may need to review the status of deployed products and optimize product security features and configurations.
Important
Important
The security configuration risk level is determined using all data received from your business without applying asset visibility scope limits.
The following tables detail the widgets available for each security layer within Security Configuration Overview.
Note
Note
The Security Configuration Overview widgets only show data for devices within the asset visibility scope of the current user.
For the endpoint security layer, you can switch data sources using the dropdown menu. Trend Vision One Endpoint Security is the default data source. If you have the Microsoft Defender for Endpoint integration enabled, you can change the data source view for your endpoint security configuration to show your Microsoft Defender for Endpoint security configuration status. To access Microsoft Defender for Endpoint data, you must enable the product integration via a connected Azure subscription in Cloud Accounts. To learn how to enable the Microsoft Defender for Endpoint integration, see Enable Microsoft Defender for Endpoint Log Collection.

Endpoint Security Widgets - Trend Vision One Endpoint Security

Widget
Description
Product data sources
Endpoint Protection
The number of endpoint protection agents deployed on different operating systems throughout your network
  • Trend Micro Apex One as a Service
  • Trend Micro Apex One On-premises
  • Trend Cloud One - Endpoint & Workload Security
  • Deep Security
For customers that have updated to the Foundation Services release, the following products are also supported:
  • Standard Endpoint Protection
  • Server & Workload Protection
Endpoint Sensor
The number of supported endpoint sensor products deployed throughout your network
  • Trend Vision One Endpoint Sensor
  • Trend Micro Apex One Endpoint Sensor
  • Trend Cloud One Endpoint Sensor
Endpoint Protection Agent Version Status
The number of endpoint protection agents running unsupported, older supported, and up-to-date versions of the agent software
  • Unsupported version:
    • Devices running operating systems no longer supported by the agent version
    • Devices running operating systems that are supported but incompatible with the agent version
    • Devices with at least one end-of-life agent version
  • Older supported version: Devices with agents that are still supported but should be updated for the best protection
  • Up-to-date version:
    • Devices with the latest agent version
    • Devices with the latest agent version as specified in the endpoint update policy
  • Trend Micro Apex One as a Service
  • Trend Micro Apex One On-premises
  • Trend Cloud One - Endpoint & Workload Security
  • Deep Security
For customers that have updated to the Foundation Services release, the following products are also supported:
  • Standard Endpoint Protection
  • Server & Workload Protection
Endpoint Sensor Version Status
The number of unsupported, older supported, up-to-date, and legacy endpoint sensor product versions deployed throughout your network
  • Unsupported version:
    • Devices running operating systems no longer supported by the endpoint sensor version
    • Devices running operating systems that are supported but incompatible with the endpoint sensor version
    • Devices with at least one end-of-life endpoint sensor version
  • Older supported version: Devices with endpoint sensor versions that are still supported but should be updated for the best protection
  • Up-to-date version:
    • Devices with the latest endpoint sensor version
    • Devices with the latest endpoint sensor version as specified in the endpoint update policy
  • Supported legacy version: Devices with legacy-version endpoint sensors that are still available and supported. Specific version information is unavailable for legacy endpoint sensors.
  • Trend Vision One Endpoint Sensor
  • Trend Micro Apex One Endpoint Sensor
  • Trend Cloud One Endpoint Sensor
Endpoint Protection Component Version Status
The number of endpoints running up-to-date or outdated endpoint protection component versions
  • Outdated version: Devices with at least one outdated endpoint protection component version
  • Up-to-date version:
    • Devices with the latest endpoint protection component versions
    • Devices with the latest version of all endpoint protection components as specified in the endpoint update policy
  • Trend Micro Apex One as a Service
  • Trend Micro Apex One On-premises
  • Trend Cloud One - Endpoint & Workload Security
  • Deep Security
  • Standard Endpoint Protection
  • Server & Workload Protection
Endpoint Sensor Component Version Status
The number of endpoints running up-to-date, outdated, or legacy endpoint sensor component versions
  • Outdated version: Devices with at least one outdated endpoint sensor component version
  • Up-to-date version:
    • Devices with the latest endpoint sensor component versions
    • Devices with the latest version of all endpoint sensor components as specified in the endpoint update policy
  • Supported legacy version: Devices with legacy-version endpoint sensor components that are still available and supported. Specific component version information is unavailable for legacy endpoint sensors.
  • Trend Vision One Endpoint Sensor
  • Trend Micro Apex One Endpoint Sensor
  • Trend Cloud One Endpoint Sensor
Key Feature Adoption Rates
A list of the major protection features offered by agent and sensor products and the total number of endpoints to which each feature is applied
Expand each listed key feature to see detailed adoption rate and compliance information.
  • Trend Micro Apex One as a Service
  • Trend Micro Apex One On-premises
  • Trend Cloud One - Endpoint & Workload Security
  • Deep Security
Key Feature Adoption and Pattern Update Status
A list of the major protection features offered by agents, the number of endpoints with the features enabled, and the number of endpoints with outdated patterns or non-optimized configurations for each key feature
Expand each listed key feature to see detailed adoption rate and status information.
  • Trend Micro Apex One as a Service
  • Trend Micro Apex One On-premises
  • Trend Cloud One - Endpoint & Workload Security
  • Deep Security
  • Standard Endpoint Protection
  • Server & Workload Protection
Important
Important
  1. To enable visibility over endpoints running Trend Micro Apex One On-premises agents, register the agents in Trend Micro Apex Central Patch 7 or later and update to the following versions or later:
    • Trend Micro Apex One On-premises Service Pack 1 Patch 1
    • Trend Micro Apex One (Mac) Patch 10
  2. To enable visibility over endpoints running Deep Security agents, update to Deep Security Manager 20.0.789 (20 LTS Update 2023-06-28) or later.
Important
Important
This is a "Pre-release" feature and is not considered an official release. Please review the Pre-release disclaimer before using the feature.

Endpoint Security Widgets - Microsoft Defender for Endpoint

Widget
Description
Endpoint operating system distribution
The distribution of operating systems on your Microsoft Defender for Endpoint-managed endpoints. Supported operating systems include:
  • Windows
  • macOS
  • Linux
Click the discovered endpoint total to view your discovered Microsoft Defender for Endpoint endpoints on the device list in Attack Surface Discovery. Click the total for each operating system to view discovered endpoints filtered by operating system.
Risk events by category
Total security configuration risk events detected by security category. Click a total to view corresponding risk events in Risk Reduction Measures within Threat and Exposure Management. Available categories and corresponding risk events include:
  • Account misconfigurations: Microsoft Defender for Endpoint - Non-Compliant or Insecure Account Configuration
  • Application misconfigurations: Microsoft Defender for Endpoint - Non-Compliant or Insecure Application Configuration
  • Network misconfigurations: Microsoft Defender for Endpoint - Non-Compliant or Insecure Network Configuration
  • Network exposures: Microsoft Defender for Endpoint - Exposed or Misconfigured Network Resource or Service
  • Operating system misconfigurations: Microsoft Defender for Endpoint - Non-Compliant Operating System Configuration
  • Security controls: Microsoft Defender for Endpoint - Missing or Disabled Security Controls
Note
Note
  • Microsoft Defender for Endpoint risk events correspond with security recommendations in the Microsoft Defender for Endpoint Console.
  • You must have credits allocated to Cyber Risk Exposure Management in order to view Microsoft Defender for Endpoint risk events in Threat and Exposure Management. For more information, see Credit requirements for Trend Vision One solutions, capabilities, and features.
Endpoint protection version status
Total endpoints running outdated, up-to-date, and unknown Microsoft Defender for Endpoint update components, including engine, platform, and security intelligence components. You should apply the latest Microsoft security intelligence update for any endpoints with outdated versions to strengthen your security posture. For information on the latest Microsoft security intelligence updates, see the Microsoft documentation.

Email Security Widgets

Widget
Description
Supported products
Email Protection
A list of your configured Trend Micro email protection solutions and the number of assets protected
  • Trend Micro Cloud App Security
  • Trend Micro Email Security
  • Cloud Email and Collaboration Protection
  • Cloud Email Gateway Protection
Email Sensor
A list of your email account assets that have Email Sensor detection enabled
  • Email Sensor
Trend Micro Cloud App Security or Cloud Email and Collaboration Protection
Displays the number of email accounts with and without a policy assigned
Tip
Tip
Clicking the number of email accounts that do not have a policy assigned takes you to Email Asset Inventory, where you can assign a policy.
  • Trend Micro Cloud App Security
  • Cloud Email and Collaboration Protection
Trend Micro Email Security or Cloud Email Gateway Protection
Displays the number of email domains that are and are not properly configured
Tip
Tip
Clicking the number of email domains that are not properly configured or that do not require configuration takes you to Email Asset Inventory, where you can configure the domains.
  • Trend Micro Email Security
  • Cloud Email Gateway Protection
Key Feature Adoption Rates
A list of the major security features offered by Trend Micro email protection solutions that includes the number of email accounts and email domains for which each feature is enabled.
For more information, see Enabling Key Features for Email Accounts with Cloud App Security and Inbound and Outbound Protection.
Expand each listed key feature to see detailed adoption rate and compliance information.
Tip
Tip
Clicking the number of non-optimized email accounts or email domains for an individual feature takes you to Email Asset Inventory, where you can see a list of the individual assets.
  • Trend Micro Cloud App Security
  • Trend Micro Email Security
  • Cloud Email and Collaboration Protection
  • Cloud Email Gateway Protection

Network Security Widgets

Widget
Description
Supported products
Network Security Appliances
The number of Deep Discovery Inspector appliances deployed in your environment
  • Deep Discovery Inspector
Network Sensor
The number of network sensors enabled in your environment
  • Virtual Network Sensor
  • Deep Discovery Inspector
Appliance Health
Displays the number of Virtual Network Sensor and Deep Discovery Inspector appliances that are properly connected and the number of appliances that are not receiving traffic
  • Virtual Network Sensor
  • Deep Discovery Inspector
    Important
    Important
    Appliance connection status is only available for Deep Discovery Inspector 6.7 or later.
Software Version
Displays the software version status of your connected Virtual Network Sensor and Deep Discovery Inspector appliances
  • Virtual Network Sensor
  • Deep Discovery Inspector
Component Version Status
Displays the number of appliances using the latest version or outdated versions of components.
  • Virtual Network Sensor
  • Deep Discovery Inspector
  • Important
    Important
    Component version status is only available for Deep Discovery Inspector 6.7 or later.
Key Feature Adoption and Configuration
A list of the major protection features offered by Virtual Network Sensor and Deep Discovery Inspector, and the number of appliances that have each feature enabled or configured
Expand each listed key feature to see detailed adoption rate and status information.
  • Virtual Network Sensor
  • Deep Discovery Inspector
    Important
    Important
    Key feature adoption and configuration status is only available for Deep Discovery Inspector 6.7 or later.
Important
Important
To enable visibility over your Deep Discovery Inspector appliances, update to Deep Discovery Inspector 6.7 or later.
Related information