Views:

Enable Endpoint Sensor by deploying the Apex One Security Agent policy, and then run the demonstration script to trigger detections in Trend Vision One.

Procedure

  1. Enable Endpoint Sensor on a connected Security Agent.
    1. On the Apex Central as a Service console, open your Apex One Security Agent policy.
    2. Locate and expand the Endpoint Sensor policy section.
    3. Select Enable Endpoint Sensor.
    4. Click Deploy.
      Allow some time for the policy to deploy to the targeted Security Agents. After receiving the updated settings, Security Agents start to send activity data to Trend Micro.
  2. Run the desired simulations on the Windows endpoint.
    1. On the Trend Vision One console, click Resource Center (resourceCenter=73b1d431-813b-467c-8098-62f12bb6e2af.jpg) in the bottom left corner.
    2. Click Simulations.
    3. Click Endpoint Attack.
      The Endpoint Attack Simulations dialog appears.
    4. Click the right (simulationsRightArrow=20220525102311.png) and left (simulationsLeftArrow=20220525102211.png) arrows to browse available simulations.
    5. Click Download Demo Script to download an archive file to the Windows endpoint.
    6. Extract the archive file on the Windows endpoint.
      Note
      Note
      The archive file is password protected. The password is displayed on the Simulations dialog.
    7. Run the .bat demo script file on the Windows endpoint.
      The Windows Command Prompt opens.
    8. Follow the instructions in the Windows Command Prompt window to execute the demonstration commands.
    9. After executing the commands, go to the Trend Vision One console to view the expected results.
      Note
      Note
      Results might take a few minutes to appear.