Cisco Security and Trend Micro

Trend Micro provides Layered protection for all stages of an attack. The multiple layers of security provide you with prevention and protection capabilities across every stage of the attack chain. Industry-leading intrusion prevention empowers you to mitigate known but unpatched threats.

Product Integrations

XDR Automate:

Trend Vision One - Add IOC to Suspicious Object List: This workflow appears in the pivot menu and allows a user to add an IOC to the suspicious object list in Trend Vision One.

Trend Vision One - Remove IOC from Suspicious Object List: This workflow appears in the pivot menu and allows a user to remove an IOC from the suspicious object list in Trend Vision One.

Trend Vision One - Isolate Endpoint: This workflow appears in the pivot menu and allows a user to isolate an endpoint in Trend Vision One.

Trend Vision One - Remove Endpoint from Isolation: This workflow appears in the pivot menu and allows a user to remove an endpoint from isolation in Trend Vision One.

Cisco XDR: In Cisco XDR, we enable Trend Micro users to leverage it for threat hunting and investigation features, as well as rapid response actions to understand and defend against threats on the endpoint.

Use the Trend Micro integration to search for security detections involving specific hostnames, host GUIDs, domains, IPs, file hashes, email senders and subjects, usernames, process names, and process arguments. Trend Micro can also be used through Cisco XDR to isolate hosts from the network and block many kinds of observables, including file hashes, email senders, and network resources such as IP addresses, domains, and URLs.

Note: This integration requires Cisco XDR Advantage or XDR Premier licensing tier.