About Trend Micro Vision One (XDR)

Trend Micro Vision One XDR is a defense platform that is purpose-built to detect and protect user endpoints, cloud workloads, emails, networks, and servers. By collecting data from these vectors it provides fewer and targeted alerts, simplified investigation, and the ability to get file reports and take immediate actions.

Together, SIRP and Trend Micro Vision One XDR automate threat detection and mitigation - with a consolidated view. SOC analysts can accelerate security analytics and alert correlation from a single console. SIRP’s integration with Trend Micro Vision One XDR improves SOC efficiency and capabilities.

SIRP’s integration with Trend Micro Vision One allows security teams to execute response actions right from SIRP.

Supported Actions

SIRP’s Trend Micro Vision One integration app allows you to execute the following actions:

S.no

Action

Description

1

Get Alerts

Get New Alerts from Trend Micro Vision One

2

Push IPs

Push IPs from SIRP to Trend Micro Vision One

3

Push Domains

Push Domains from SIRP to Trend Micro Vision One

4

Push URLs

Push URLs from SIRP to Trend Micro Vision One

5

Push Hashes

Push Hashes from SIRP to Trend Micro Vision One

6

Push Emails

Push Emails from SIRP to Trend Micro Vision One

7

Get File Reports

Get File Reports from Trend Micro Vision One

Enable and Configure Trend Micro Vision One

Create a new user on Trend Micro Vision One

  • Open your Trend Micro Vision One instance.

  • In the Administration tab from the dashboard, go to User Accounts.

  • Add an Account and assign a Name and Surname to it.

  • Account type will be set to Root Account.

  • A Master Administrator role is assigned to this new user.

  • The access level will be set to Trend Micro Vision One console and APIs.

  • Save this new information to create a new user.

Generate Authentication Token on Trend Micro Vision One

From the previous steps, a new user is added to the Trend Micro Vision One User Accounts. A Generate New Authentication Token option is placed below the above-mentioned configurations. Clicking on this option generates a new Authentication Token.

  • Copy this token to use when enabling the application in SIRP.

Enable the Trend Micro Vision One in SIRP

  • First, log in to SIRP, then go to Apps from the left navigation bar.

  • Locate the app named Vision One.

  • Enable the app by clicking on the toggle button under the Status Column.

  • Once you enable the App, click the configure option to integrate SIRP with Trend Micro Vision One.

  • Add the following details and click Save:

    1. Domain: <URL from user’s Local Trend Micro Vision One Instance>

    2. Token: <Copied from the above steps>

    3. Configuration Name: <Set by the user>

Did this answer your question?