Trend Micro Vision One
Version: Trend Micro Vision One
Trend Micro Vision One XDR (extended detection and response) collects and automatically correlates data across multiple security layers – email, endpoint, server, cloud workload, and network. This allows for faster detection of threats and improved investigation and response times through security analysis.
Netsurion Open XDR monitors events retrieved from Trend Micro Vision One. Its dashboards, categories, alerts, and reports help detect vulnerabilities, malware attacks, phishing email attacks, lateral movement, and other threats.
First, set up Trend Micro Vision One to deliver events to Netsurion Open XDR, and then configure the dashboards and reports in Netsurion Open XDR.
The following are the key Data Source Integrations available in Netsurion Open XDR.
| Security | Trend Micro Vision One – Critical activity detected | This critical activity alert is triggered when the severity of the log is 7, 8, 9, or 10. |
| Security | Trend Micro Vision One: Critical workbench activity detected | This critical workbench activity alert is triggered when the severity of the log is 7, 8, 9, or 10. |
| Security | Trend Micro Vision One – Workbench alert detail | This report provides a detailed summary of the workbench alert activities in Trend Micro Vision One. The report includes the category, severity, requested URL, affected devices, affected accounts, MITRE IDs, and more. |
| Security | Trend Micro Vision One – Observed attack technique details | This report provides a detailed summary of the individual activities in Trend Micro Vision One. The report includes the device hostname, device IP address, MITRE IDs, threat category, severity, and more. |
The configuration details apply to Netsurion Open XDR 9.3 or later and Trend Micro Vision One.