After enabling the Lockdown option in Apex One Security Agent Policy and deploying it to a target endpoint, the Apex One Security Agent will trigger an inventory scan by running a process name TMiACHashGen.exe and creating an inventory database in %ProgramFiles\Trend Micro\iService\iAC\ac_data\ac_rule with an invt-{Epoch-time}.sha2.db format.

Once the Apex One Security Agent enters Lockdown mode, the Application Control on the local endpoint will have a padlock icon beside it.

For more information about Apex One as a Service or any of our Trend Micro products, please visit our Online Help Center.