Service Management

October 14, 2024—You can now specify accounts to exclude when connecting or updating AWS Organizations in the Cloud Accounts app. This feature can be used to exclude certain accounts from being monitored by Trend Vision One, or to allow connecting excluded accounts individually to set up feature and account configurations different from the organization.

October 8, 2024 — The new Asset Group Management app is now available in public preview. In Asset Group Management, you can create groups of assets, designate tag values for the new Asset group tag, and assign a tag value to each asset group. By enabling you to analyze and manage specific subsets of assets, asset groups streamline your asset management and provide a foundation for powerful new features on the Trend Vision One platform.

For more information, see Asset Group Management.

August 26, 2024 — Cloud Accounts now features a detailed graph displaying your current and historical data ingestion for XDR for Cloud, enabling you to track the volume of data analyzed. To view the usage graph, go to Service Management → Cloud Accounts and click Credit Usage.

August 21, 2024 — XDR for Cloud now provides monitoring capabilities for detecting possible attacks on Gen-AI applications in Amazon Bedrock. XDR for Cloud monitors for attempted and unauthorized deletion of guardrails and knowledge bases, and tampering with logging. These detections require the XDR for Cloud - AWS CloudTrail feature to be enabled on your connected AWS accounts. If you have already enabled the feature, the new detection capabilities are enabled by default.

To enable XDR for Cloud - AWS CloudTrail, go to Service Management → Cloud Accounts → AWS and update the deployment stack.

To view the new detection models, go to XDR Threat Investigation → Detection Model Management.

August 19, 2024 — The "XDR for Cloud - AWS VPC Flow Logs" and "Cloud Response for AWS" features can now be enabled and deployed to AWS Organization accounts in the Cloud Accounts app.

July 17, 2024 – Announcing Trend Micro Artifact Scanner (TMAS) v2.0+ with enhanced support for custom scanner combinations including the newly released secrets scanner. Users can run scanners independently or together, ensuring comprehensive security coverage tailored to their specific needs. This version also provides a more intuitive and standardized result output. For all changes, read WHATS-NEW.md included with the binary.

July 8, 2024 – Threat detection for AWS VPC Flow Logs is now available as a feature of XDR for Cloud. Once VPC flow log monitoring is enabled, Trend Vision One automatically analyzes the logs for any traffic activity related to suspicious or malicious IP addresses, and also monitors for malicious activity such as brute force attacks, access to sensitive database ports, data exfiltration, and more. Additionally, you can also use VPC flow logs to seep for indicators of compromise (IOCs) via the Threat Intelligence app, leveraging Trend Micro's threat intelligence feed or imported 3rd-party IOC sources.

June 18, 2024 — The scanner configuration feature for Agentless Vulnerability & Threat Detection settings in Cloud Accounts lets you select the resource types to include in your scans. Three resource types are available for AWS accounts: Elastic Block Store (EBS), Elastic Container Registry (ECR), and AWS Lambda.

For more information, see AWS features and permissions.

June 17, 2024—Enable this feature to gather VPC flow logs from your AWS account for XDR analysis in the Search app. Flow logs are enhanced with asset meta data and noise is removed, delivering broader visibility into asset connectivity with suspicious IP addresses and anomalous behaviors.

For more information, see AWS features and permissions.

May 21, 2024 — Trend Vision One now extends its robust asset visibility capabilities to include more comprehensive data asset support. This update introduces more data asset types, including more network and cloud assets, as well as message data. Building on the existing management scope for endpoints, containers, mobile devices, accounts, unmanaged devices, Private Access Connectors and Internet Access Gateways, and web gateways, the latest update ensures that all critical data points are covered, providing a holistic view of the organization's asset landscape. This enhancement is particularly beneficial for large enterprises that require detailed, segmented visibility to manage multiple regions or teams effectively.

For more information, see Adding an asset visibility scope.

May 6, 2024 - The "Cloud Detections for AWS CloudTrail” feature under Vision One - XDR for Cloud has released a new template which supports deployment in multi-account AWS Control Tower environments.

To enable CloudTrail log monitoring for Control Tower, see Adding an AWS account with CloudTrail and Control Tower.

March 25, 2024 — As a pre-release preview feature, Cloud Accounts now supports connecting Google Cloud (GCP) projects to Trend Vision One. Connecting your Google Cloud project allows Trend Vision One to discover your cloud assets and rapidly identify risks such as compliance and security best practice violations on your cloud infrastructure. Once connected, cloud accounts and assets from your Google Cloud projects are visible in the Cloud Posture and Attack Surface Discovery apps under Attack Surface Risk Management. For more information, see Google Cloud projects.

February 19, 2024 — Besides the management scope for endpoints and containers that were introduced in 2023, Trend Vision One enhances the asset management capability to support more data assets, including mobile devices, accounts, cloud assets, network assets, and secure access assets. Large-sized customers that run multiple businesses or have the need to segregate asset data visibility for different teams can leverage this enhanced capability to achieve multi-tenancy management purposes within a single Trend Vision One console.

For customers to better organize assets of multiple layers in a centralized location, Trend Vision One launches a new app Asset Visibility Management for administrators to group data and Trend Vision One app assets into asset visibility scopes based on the corporate structure. The asset visibility scopes can then be assigned to user roles to determine which assets are visible or manageable to these roles in all applicable Trend Vision One apps that display the data of the selected assets.

Only customers that have updated to the Foundation Services release have access to the app. If customers have configured scopes for endpoints and containers in User Roles, to achieve seamless migration, asset visibility scopes that include newly supported assets are automatically created and associated to the corresponding roles. Trend Vision One continues enhancing the asset visibility management capability with more asset coverage or granularity.

January 8, 2024 — Customers can now select which AWS regions to deploy the Agentless Vulnerability & Threat Detection and Container Protection for Amazon ECS features under Cloud Accounts. By default, these features will deploy to all available regions. This feature requires updating to the latest version of the Cloud Accounts stack.

For more information, see Cloud Accounts.

December 18, 2023 — As a preview feature, Cloud Accounts now supports connecting Azure Subscriptions to Trend Vision One. Connecting your Azure Subscription allows Trend Vision One to discover your Azure cloud assets and rapidly identify risks such as compliance and security best practice violations on your cloud infrastructure. Once connected, cloud accounts and assets from your Azure subscriptions are visible in the Cloud Posture and Attack Surface Discovery apps under Attack Surface Risk Management. For more information, see Adding an Azure subscription.

November 20, 2023 — When adding a new AWS cloud account, the account automatically connects and registers to Trend Vision One after stack deployment in AWS completes. Connecting a new AWS account no longer requires copying the role ARN to complete the process. The new process requires using the latest version of the stack template.

November 20, 2023 — Add your AWS Organization to easily connect all the AWS accounts in your organization or organizational unit (OU) to Cloud Accounts. For more information, see Connecting and updating AWS accounts.

September 28, 2023 — Cloud Accounts now supports Japanese language settings.

September 28, 2023 — Public API for Cloud Accounts now available on the Trend Vision One Automation Center. An API to download the Cloud Accounts AWS CloudFormation Template is planned for a future release.

September 28, 2023 — Cloud Detections for AWS CloudTrail is now available as a pre-release subfeature which can be enabled in the Cloud Accounts app. This feature set deploys Cloud Audit Log Monitoring in your AWS account to get actionable insight into user, service, and resource activity with detection models identifying activity such as privilege escalation, password modification, attempted data exfiltration, and potentially unsanctioned MFA changes.

For more information, see AWS features and permissions.

September 28, 2023 — The Cloud Accounts app is no longer a pre-release feature and is now generally available. Cloud Accounts does not require any credit allocation and is always included as part of Trend Vision One. However, some features managed by the Cloud Accounts app may require credits for use.

Included with this release is integration with Server & Workload Protection for AWS accounts.

For more information, see Cloud Accounts.

August 15, 2023 — Cloud Accounts consolidates the management and deployment of cloud security features in your environment across Trend Vision One apps. Cloud Accounts currently provides the following features for AWS accounts:

Additional features and expanded support for additional public cloud providers are planned for Cloud Accounts in the future. For more information, see Cloud Accounts.