License (pod)
Data is reported when the license pod makes an external API call, to check the validity of the user's license.
| Data transmitted to Trend Micro | API method, user agent, route, status of the API response, length of the API response, and duration of the API request. |
|---|---|
| Feature configuration location | This feature cannot be configured. |
K8s-metrics-reporter
When Smart Check k8s-metrics-reporter starts, Deep Security Smart Check records telemetry data to measure information about the user’s license.
| Data transmitted to Trend Micro | Endpoint, API key, telemetry key, product type (always ‘dssc’), Smart Check version, activation code as sha256, license state (trial or full), cluster ID, and telemetry interval (every 24 hours) |
|---|---|
| Feature configuration location | This feature cannot be configured. |
Deep Security Smart Check includes the following features, which may collect and transmit the following non-personal data to Trend Micro. You can disable any of these features at any time to prevent the corresponding data from being sent to Trend Micro.
Registryviews (pod)
Data is only reported for external API calls when a registry API method is called.
| Data transmitted to Trend Micro | API method, user agent, API routed path, status code of API response, length of API response, and API request duration. |
|---|---|
| Feature configuration location | The customer can add the following to their overrides.yaml file:
Then, the customer can run ‘helm install’ or ‘helm upgrade’ so that the change is reflected in their Deep Security Smart Check deployment. |
Registryviews (pod)
Whenever a registry is synced, registry data is reported.
| Data transmitted to Trend Micro | Registry ID (sha256) along with the number of repositories and number of images it contains |
|---|---|
| Feature configuration location | The customer can add the following to their overrides.yaml file:
Then, the customer can run ‘helm install’ or ‘helm upgrade’ so that the change is reflected in their Deep Security Smart Check deployment. |
Sca-scan (container)
Data is reported when sca-scan finds a vulnerability while scanning an image.
| Data transmitted to Trend Micro | Which scanner found the vulnerability (sca-scan), the ID of the requested scan, severity of the vulnerability, whether the vulnerability is fixable, and also the language of the sca-scan finding (only Java and Python at the moment) |
|---|---|
| Feature configuration location | The customer can add the following to their overrides.yaml file:
Then, the customer can run ‘helm install’ or ‘helm upgrade’ so that the change is reflected in their Deep Security Smart Check deployment. |
Scan (pod)
Data is reported when the scan pod makes an external API call.
| Data transmitted to Trend Micro | API method, user agent, route, status of the API response, length of the API response, and duration of the API request. |
|---|---|
| Feature configuration location | The customer can add the following to their overrides.yaml file:
Then, the customer can run ‘helm install’ or ‘helm upgrade’ so that the change is reflected in their Deep Security Smart Check deployment. |
Scan (pod), filescan, clair
Data is reported when the scan pod scans a layer inside an image.
| Data transmitted to Trend Micro | Scan ID, scanner type, sha256 layer ID, size of the image layer, number of scan attempts, duration of scan, and cache hit. |
|---|---|
| Feature configuration location | The customer can add the following to their overrides.yaml file:
Then, the customer can run ‘helm install’ or ‘helm upgrade’ so that the change is reflected in their Deep Security Smart Check deployment. |
Scan (pod), oscap
Data is reported when the oscap container scans a layer inside an image.
| Data transmitted to Trend Micro | Scan ID, scanner type, image layer size, duration of scan. |
|---|---|
| Feature configuration location | The customer can add the following to their overrides.yaml:
Then, the customer can run ‘helm install’ or ‘helm upgrade’ so that the change is reflected in their Deep Security Smart Check deployment. |
Scan (pod), vscan
Reports any errors that occur while the vulnerability scanner is scanning an image.
| Data transmitted to Trend Micro | Scanner type (malware), scan ID of the scan, also the error itself. |
|---|---|
| Feature configuration location | The customer can add the following to their overrides.yaml file:
Then, the customer can run ‘helm install’ or ‘helm upgrade’ so that the change is reflected in their Deep Security Smart Check deployment. |
Scan (pod)
Reports information regarding the scan after the scan is completed.
| Data transmitted to Trend Micro | ID of the scan, time when the scan was requested, time when the scan started, and the time when the scan completed, type of the scan, scan status, and also scan findings. |
|---|---|
| Feature configuration location | The customer can add the following to their overrides.yaml:
Then, the customer can run ‘helm install’ or ‘helm upgrade’ so that the change is reflected in their Deep Security Smart Check deployment. |
Scan (pod), webhooks
Whenever a webhook is used, Deep Security Smart Check records telemetry data to measure the performance of the webhook feature.
| Data transmitted to Trend Micro | Either the status of the API call if the webhook is internal.
If the webhook is external, the hook type, event, status, whether HMAC was used, whether insecureSkipVerify is true or false, and the duration of the API call to use the webhook. |
|---|---|
| Feature configuration location | The customer can add the following to their overrides.yaml file:
Then, the customer can run ‘helm install’ or ‘helm upgrade’ so that the change is reflected in their Deep Security Smart Check deployment. |
Auth (pod)
Reports API calls from the auth pod/service only if the API interface is external.
| Data transmitted to Trend Micro | API interface, API request method, user agent, API request route, API response status code, API response content length, API call duration |
|---|---|
| Feature configuration location | The customer can add the following to their overrides.yaml file:
Then, the customer can run ‘helm install’ or ‘helm upgrade’ so that the change is reflected in their Deep Security Smart Check deployment. |
Admission control, in scan (pod)
Deep Security Smart Check sends events and their status to Trend Micro Cloud One™ - Container Security. This only occurs if cloudOne.apiKey is set (default is unset).
| Data transmitted to Trend Micro | Endpoint of the Cloud One service, API event, API response status, and duration of the API call. |
|---|---|
| Feature configuration location |
No action needs to be taken since no data is sent unless cloudOne.apiKey is set. By default, cloudOne.apiKey is not set. |