Views:

Threat Connect

Threat Connect allows the administrator to view related threat information from the global intelligence database.

Data is only sent when the administrator manually clicks the “View in Threat Connect” button in the “Detection Details” view.

Data collected	IP address URL host name
Console location	The user manually triggers Threat Connect connection in the “Detection Details” view of a network detection. Detection Details > Connection Details
Console settings	View in Threat Connect ^{Click the image to enlarge.}

Data collected	IP address URL host name
Console location	The user manually triggers Threat Connect connection in the “Detection Details” view of an email detection. Detection Details > Connection Details
Console settings	View in Threat Connect ^{Click the image to enlarge.}

Domain Exceptions

The administrator can add domains that they consider safe to an exception list.

Data is only collected when the administrator manually adds domain names on the management console.

Data collected	Domain name
Console location	Administration > Network Analytics > Domain Exceptions
Console settings	Domain Exceptions ^{Click the image to enlarge.}

Priority Watchlist

The administrator can add servers that they consider high-priority for tracking and reporting.

Data is only collected when the administrator manually adds IP addresses on the management console.

Data collected	IP address
Console location	Administration > Network Analytics > Priority Watch List
Console settings	Priority Watch List ^{Click the image to enlarge.}

Registered Services

The administrator can add servers for specific services that their organization uses.

Data is only collected when the administrator manually adds domains name on the management console.

Data collected	IP address
Console location	Administration > Network Analytics > Registered Services
Console settings	Registered Services ^{Click the image to enlarge.}

Trusted Internal Network

The administrator can specify IP addresses or ranges to treat as part of their trusted internal network.

Data is only collected when the administrator manually adds IP addresses or ranges on the management console.

Data collected	IP address
Console location	Administration > Network Analytics > Trusted Internal Network
Console settings	^{Click the image to enlarge.}

Analysis Report

The administrator can view the correlation data of a correlated event.

Data is only sent when the administrator manually clicks the “Correlation Data” icon on the “Correlated Events” screen.

Data collected	IP address
Console location	Detections > Correlated Events
Console settings	^{Click the image to enlarge.}

The administrator can view the correlation data of a synchronized suspicious object.

Data is only sent when the administrator manually clicks the “Correlation Data” icon on the “Synchronized Suspicious Objects” screen.

Data collected	IP address URL domain name file SHA-1s
Console location	Threat Intelligence > Product Intelligence > Synchronized Suspicious Objects
Console settings	^{Click the image to enlarge.}

RCA Report

Endpoint analysis reports can be collected from Endpoint Sensor to help with correlation.

Data is automatically collected periodically when the administrator enables retrieval of endpoint analysis reports from Apex Central on the management console.

Data collected	IP address URL domain name file SHA-1
Console location	Administration > Integrated Products/Services > Apex Central
Console settings	^{Click the image to enlarge.}

Threat Connect in Correlative Events

Threat Connect allows the administrator to view related threat information from the global intelligence database.

Data is only sent when the administrator manually clicks the “Threat Connect” button in the “Correlation Data” view.

Data collected	IP address domain name
Console location	The user manually triggers Threat Connect connection in the “Correlation Data” view of a correlated event.
Console settings	Threat Connect ^{Click the image to enlarge.}

Email Encryption

In the Domain List screen, the administrator can specify email domains for email encryption and an email address for receiving key files to complete the domain registration process.

In the Identification screen, the administrator can specify the email address that is used to sign messages with domains that are not part of the Domain List.

Data collected	Email domains administrators’ email addresses
Console location	Appliances > Email Encryption
Console settings	^{Click the image to enlarge.} ^{Click the image to enlarge.} ^{Click the image to enlarge.}

XDR

In the status tab, users click the register button to register XDR service to connect DDI, DDD-NAaaS, and DDD to XDR.

Data collected	IP address Host Name
Console location	Administration > Trend Micro XDR > Status
Console settings	Register ^{Click the image to enlarge.}

Keywords: gdpr deep discovery director 5.1,gdpr DD Director 5.1,trend micro gdpr,turn off data gathering,ddd turn off data collection,disable data gathering ddd 5.1,ddd gdpr

Deep Discovery Director 5.1 Data Collection Notice

Product / Version includes:

Deep Discovery Director5.1

Last updated: 2024/06/14

Solution ID: KA-0010390

Category: Configure

Summary

The following sections outline the features that collect data, the data transmitted, and the locations on the product console where you can disable the features.

Threat Connect
Domain Exceptions
Priority Watchlist
Registered Services
Trusted Internal Network
Analysis Report
RCA Report
Threat Connect in Correlative Events
Email Encryption
XDR

To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.

Threat Connect

Threat Connect allows the administrator to view related threat information from the global intelligence database.

Data is only sent when the administrator manually clicks the “View in Threat Connect” button in the “Detection Details” view.

Data collected	IP address URL host name
Console location	The user manually triggers Threat Connect connection in the “Detection Details” view of a network detection. Detection Details > Connection Details
Console settings	View in Threat Connect ^{Click the image to enlarge.}

Data collected	IP address URL host name
Console location	The user manually triggers Threat Connect connection in the “Detection Details” view of an email detection. Detection Details > Connection Details
Console settings	View in Threat Connect ^{Click the image to enlarge.}

Domain Exceptions

The administrator can add domains that they consider safe to an exception list.

Data is only collected when the administrator manually adds domain names on the management console.

Data collected	Domain name
Console location	Administration > Network Analytics > Domain Exceptions
Console settings	Domain Exceptions ^{Click the image to enlarge.}

Priority Watchlist

The administrator can add servers that they consider high-priority for tracking and reporting.

Data is only collected when the administrator manually adds IP addresses on the management console.

Data collected	IP address
Console location	Administration > Network Analytics > Priority Watch List
Console settings	Priority Watch List ^{Click the image to enlarge.}

Registered Services

The administrator can add servers for specific services that their organization uses.

Data is only collected when the administrator manually adds domains name on the management console.

Data collected	IP address
Console location	Administration > Network Analytics > Registered Services
Console settings	Registered Services ^{Click the image to enlarge.}

Trusted Internal Network

The administrator can specify IP addresses or ranges to treat as part of their trusted internal network.

Data is only collected when the administrator manually adds IP addresses or ranges on the management console.

Data collected	IP address
Console location	Administration > Network Analytics > Trusted Internal Network
Console settings	^{Click the image to enlarge.}

Analysis Report

The administrator can view the correlation data of a correlated event.

Data is only sent when the administrator manually clicks the “Correlation Data” icon on the “Correlated Events” screen.

Data collected	IP address
Console location	Detections > Correlated Events
Console settings	^{Click the image to enlarge.}

The administrator can view the correlation data of a synchronized suspicious object.

Data is only sent when the administrator manually clicks the “Correlation Data” icon on the “Synchronized Suspicious Objects” screen.

Data collected	IP address URL domain name file SHA-1s
Console location	Threat Intelligence > Product Intelligence > Synchronized Suspicious Objects
Console settings	^{Click the image to enlarge.}

RCA Report

Endpoint analysis reports can be collected from Endpoint Sensor to help with correlation.

Data is automatically collected periodically when the administrator enables retrieval of endpoint analysis reports from Apex Central on the management console.

Data collected	IP address URL domain name file SHA-1
Console location	Administration > Integrated Products/Services > Apex Central
Console settings	^{Click the image to enlarge.}

Threat Connect in Correlative Events

Threat Connect allows the administrator to view related threat information from the global intelligence database.

Data is only sent when the administrator manually clicks the “Threat Connect” button in the “Correlation Data” view.

Data collected	IP address domain name
Console location	The user manually triggers Threat Connect connection in the “Correlation Data” view of a correlated event.
Console settings	Threat Connect ^{Click the image to enlarge.}

Email Encryption

In the Domain List screen, the administrator can specify email domains for email encryption and an email address for receiving key files to complete the domain registration process.

In the Identification screen, the administrator can specify the email address that is used to sign messages with domains that are not part of the Domain List.

Data collected	Email domains administrators’ email addresses
Console location	Appliances > Email Encryption
Console settings	^{Click the image to enlarge.} ^{Click the image to enlarge.} ^{Click the image to enlarge.}

XDR

In the status tab, users click the register button to register XDR service to connect DDI, DDD-NAaaS, and DDD to XDR.

Data collected	IP address Host Name
Console location	Administration > Trend Micro XDR > Status
Console settings	Register ^{Click the image to enlarge.}

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Deep Discovery Director 5.1 Data Collection Notice

Threat Connect

Domain Exceptions

Priority Watchlist

Registered Services

Trusted Internal Network

Analysis Report

RCA Report

Threat Connect in Correlative Events

Email Encryption

XDR

Deep Discovery Director 5.1 Data Collection Notice

Product / Version includes:

Summary

Threat Connect

Domain Exceptions

Priority Watchlist

Registered Services

Trusted Internal Network

Analysis Report

RCA Report

Threat Connect in Correlative Events

Email Encryption

XDR