Run simulations on connected on Deep Security Agents with Activity Monitoring enabled, and view the results in Trend Vision One.
![]() |
ImportantSimulations only supports running scripts on Windows endpoints.
The following steps detail how to connect Trend Cloud One - Endpoint & Workload Security instances, and run simulations on the Deep Security Agent. To run simulations on endpoints with a Trend Vision One Endpoint Security agent deployed to an endpoint manged by Trend Cloud One - Endpoint & Workload Security, see Running simulations on endpoints manged by connected endpoint protection products.
To run simulations on endpoints with a deployed Trend Vision One Endpoint Security agent with Standard Endpoint Protection or Server & Workload Protection, see Running simulations with Trend Vision One Endpoint Security agents.
To evaluate Trend Vision One without connecting your endpoint protection products, you can move your endpoints
to Server & Workload Protection. For more information, see Evaluating Trend Vision One Endpoint
Security.
|
You can use the attack simulation scripts in the Resource Center to test detections and communication on endpoints managed by Trend Cloud One - Endpoint & Workload Security with the Deep Security Agent. Running a simulation requires enabling Activity Monitoring.
Procedure
- Connect your Trend Cloud One - Endpoint & Workload Security instance in Product Instance.For more information, see Connecting existing products to Product Instance .
- Enable Activity Monitoring on Deep Security Agents.
- In the Trend Cloud One - Endpoint & Workload Security console, go to .
- Double-click the policy you want to use to enable Activity Monitoring.
- Go to .
- Set the Activity Monitoring State to On.
- Click Save.
- Download and run the simulation scripts.
- On the Trend Vision One console, click the Resource Center icon (
).
- Click Simulations.
- Click Endpoint Attack.The Endpoint Attack Simulations window appears.
- Click the right (
) and left (
) arrows to browse available simulations.
- Click Download Demo Script to download an archive file.
- Extract the archive file on the target endpoint.
Note
The archive file is password protected. Copy the password provided in the Simulations window. - Run the
.bat
demo script file on the target endpoint.The Windows Command Prompt opens. - Follow the instructions in the Command Prompt to execute the demonstration commands.
- After executing the commands, go to the Trend Vision One console to view the expected results.
Note
Results might take a few minutes to appear.
- On the Trend Vision One console, click the Resource Center icon (