- Endpoint Sensor
- Standard Endpoint Protection
- Server & Workload Protection
- Cloud Application Security
- Container Security
- Zero Trust Secure Access
- Mobile Security
- Security Assessment Service
- Attack Surface Risk Management
- Sandbox Analysis App
- Common Directory
- Network
- Service Gateway Management
- XDR for Cloud
- Data Posture
To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.
General Trend Vision One Service
Data Collected |
|
---|---|
Console Location | Data provided to Trend Micro during on-boarding process and during normal service delivery. |
Console Settings | Account Management - Name and email required if additional accounts are created. |
Configurable Additional Data Collection Using the Trend Vision One Console
Description fields | |
---|---|
Data Collected | Customer provided text |
Console Location | Various locations throughout the Trend Vision One product console
Optional: Free-Form Text field for customer user to provide additional information at their discretion. Please do not enter any personal or sensitive information. |
Share your Feedback | |
---|---|
Data Collected | Customer provided text
Optional- Customers may submit feature requests and ideas to the Trend Vision One Product team. Please do not input any personal or sensitive information into the feedback form. |
Console Location | [XDR Resource Center menu icon] > Share Your Feedback > Make a Suggestion |
Console Settings |
|
Search App | |
---|---|
Data Collected | Saved queries of search history, including:
Optional: User can save the search parameters for future queries. |
Console Location |
Response App | |
---|---|
Description | Response app collect Endpoint information when customer take response actions. It stores these data to record the task history. It collects file when customer take collect file action. It stores these data for customer downloading and threat investigate app like sandbox. It can take the following actions on account name:
The task histories contain the account name. |
Data Collected |
|
Console Location |
Security Playbooks | |
---|---|
Description | Security Playbooks collects data when customers configure security playbooks and when security playbooks execute. |
Data Collected |
|
Console Location |
Workflow And Automation > Security Playbooks > Templates |
Trend Vision One Terms of Service (Endpoint Basecamp) | |
---|---|
Data Collected |
After customers agree to the Terms of Service, Privacy Notice and Data Collection Notice, the data collection can’t be disabled |
Console Location |
To enable: Trend Micro XDR Terms of Service > I agree to the Terms of Service, Privacy Notice, and Data Collection Notice > Get Started To disable: Open Task Scheduler on each endpoint and disable the "Trend Micro Endpoint Basecamp" scheduled task. Run Windows Task Scheduler > Click Task Scheduler Library > right-click Trend Micro Endpoint Basecamp > Disable |
Email Inventory | |
---|---|
Data Collected |
The data collection can't be disabled when customers use Email Inventory. |
Console Location |
|
Endpoint Inventory - Enable Trend Vision One capabilities | |
---|---|
Data Collected |
|
Console Location |
|
The user ID and user account are used for user behavior tracking and auditing. The company ID identifies which company this customer belongs to.
Endpoint Security Policies | |
---|---|
Data Collected |
|
Console Location | Security Policies > Endpoint |
Console Settings |
|
Security Assessment Service
Security Assessment Service includes the following modules which may cause the corresponding personal data to be transmitted to Trend Micro. Detailed information and instruction are provided below for opt-out of the personal data collection by disabling specific modules. Modules that cannot be disabled are indicated below.
Trend Vision One Security Assessment Service | |
---|---|
Data Collected & Console Location |
Trend Vision One Security Assessment Service includes some modules which may cause the corresponding personal data to be transmitted to Trend Micro. Detailed information, instructions to opt-out of the personal data collection, as well as modules that cannot be disabled are provided in this article: Trend Vision One Security Assessment Service Data Collection Notice. |
Attack Surface Risk Management
Attack Surface Risk Management includes the following modules which may cause the corresponding personal data to be transmitted to Trend Micro. Detailed information and instruction are provided below for opt-out of the personal data collection by disabling specific modules. Modules that cannot be disabled are indicated below.
TREND VISION ONE XDR SENSORS
Endpoint Sensor | |
---|---|
Description | By installing and enabling endpoint sensors throughout your network, Trend Micro can analyze endpoint data that includes user activities, cloud app access, and endpoint vulnerabilities to provide risk insights. Install more sensors to gain better insight into your users' cloud app usage throughout your network. You must install agents and enable XDR Sensors using Endpoint Inventory to begin receiving activity data. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND VISION ONE XDR SENSORS > Endpoint Sensor > Endpoint Inventory |
Email Sensor | |
---|---|
Description | By enabling Trend Micro Vision One Email Sensor in Email Account Inventory, Trend Micro can analyze email activities and detect threats on monitored Exchange Online and Gmail mailboxes. You must monitor mailboxes using Email Account Inventory to begin receiving activity data. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND VISION ONE XDR SENSORS > Email Inventory |
Network Sensor | |
---|---|
Description | By enabling Trend Vision One Network Sensor, Trend Micro can analyze network activity from your monitored network traffic to discover suspicious traffic and abnormal behavior. You must enable Network Analytics using Network Inventory to begin receiving and analyzing network activity data. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND VISION ONE XDR SENSORS > Trend Vision One Network Sensor > Network Inventory |
TREND MICRO SECURITY SERVICES
Security Agents | |
---|---|
Description | By installing security agents throughout your network, Trend Micro can analyze endpoint data that includes user activities, web activities, cloud app access, security settings, and threat detections to provide risk insights. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Standard Endpoint Protection > Product Instance Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Server & Workload Protection > Product Instance Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Trend Micro Apex One as a Service > Product Instance Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Trend Micro Apex One On-premises > Product Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Instance Trend Cloud One - Endpoint & Workload Security > Product Instance Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Trend Micro Deep Security > Product Instance |
Cloud Email and Collaboration Protection | |
---|---|
Description | Connect Cloud Email and Collaboration Protection using the Product Instance app to analyze detected threats and security settings on monitored Google Gmail and Office 365 apps. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Cloud Email and Collaboration Protection > Product Instance |
Cloud Email Gateway Protection | |
---|---|
Description | Cloud Email Gateway Protection analyzes email activities, security settings, and detected threats on monitored email gateways. Connect this data source to Trend Vision One through the Product Connector app. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Cloud Email Gateway Protection > Product Instance |
Trend Cloud One - Conformity | |
---|---|
Description | By connecting Conformity, which has a growing public library of 900+ cloud infrastructure configuration best practices for your AWS, Microsoft Azure, and Google Cloud environments, Attack Surface Risk Management can automatically monitor your cloud infrastructure, and provide instant visibility into compliance and security best practice violations on your public cloud infrastructure. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Trend Cloud One - Conformity > Data upload permission > Off |
Trend Micro Deep Discovery Inspector | |
---|---|
Description | By deploying and connecting Deep Discovery Inspector, Trend Micro can extract network insights to discover targeted attacks, advanced threats, and unmanaged devices. Deploy and connect Deep Discovery Inspector using Network Inventory to monitor your network and begin receiving and analyzing detection data. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Trend Micro Deep Discovery Inspector > Network Inventory |
Trend Micro Web Security | |
---|---|
Description | By enabling and deploying the Web Sensor, Trend Micro can analyze web activities, detect threats, and determine the web applications and websites being accessed by managed users and devices in and outside your corporate network. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Trend Micro Web Security > Product Instance |
Trend Micro Mobile Security | |
---|---|
Description | By installing and enabling mobile agents throughout your network, Trend Micro can analyze mobile user activities, detect threats and risky mobile apps, and determine the cloud apps being accessed by managed devices. Install more agents to gain better insight into your users' mobile device related risks throughout your network. Mobile agent only supports Android 7.0 and above. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Trend Micro Mobile Security > Mobile Inventory |
Trend Vision One Container Security | |
---|---|
Description | By deploying and connecting Container Security, Trend Micro can gain better insights into your containers and images for vulnerabilities, detected threats, and system configuration risks. Deploy and connect Container Security through the Container Inventory app to monitor your container environment and begin receiving and analyzing detection and vulnerability data. |
Data Collected |
Kubernetes Service Information
Kubernetes Pod Information
ECS Service Information
ECS Task Information
Node Information
Container Information
|
Console Location | Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Trend Vision One Container Security > Container Inventory |
TippingPoint Security Management System | |
---|---|
Description | Allow TippingPoint Security Management System (SMS) to act as a data source to access network-related detections and filter rule status to gain more comprehensive risk insights into your network activity. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > TippingPoint Security Management System > Network Intrusion Prevention |
Zero Trust Secure Access - Private Access | |
---|---|
Description | After setting up the Zero Trust Secure Access - Private Access Service in your environment, Trend Micro can analyze user and device risk, detect threats, and limit access to internal applications to authorized personnel. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Zero Trust Secure Access - Private Access > Zero Trust Secure Access |
Zero Trust Secure Access - Internet Access | |
---|---|
Description | After setting up the Zero Trust Secure Access - Internet Access Service in your environment, Trend Micro can analyze user access to web applications outside your corporate network and detect threats. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > TREND MICRO SECURITY SERVICES > Zero Trust Secure Access - Internet Access > Zero Trust Secure Access |
THIRD-PARTY DATA SOURCES
Microsoft Entra ID | |
---|---|
Description | Grant Trend Micro permission to access your Azure AD data in order to gain deeper insight regarding the apps and devices your users' access, and the behaviors that contribute to users' risk analyses. Through Azure AD integration, you gain access to the following insightful reports:
|
Data Collected |
User information
Applications being used
Sign-in logs
|
Console Location | Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Azure AD > Manage permissions and integration settings in Third-Party Integration |
Active Directory (on-premises) | |
---|---|
Description | Grant Trend Micro permission to access your on-premises Active Directory data in order to gain deeper insight regarding your internal user accounts and devices that contribute to risk analyses. |
Data Collected |
User information
Group information
Computer information
Event log
|
Console Location | Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Active Directory (on-premises) > Configure Active Directory in Third Party Integration |
Nessus Pro Tenable Security Center | |
---|---|
Description | Grant Trend Micro permission to access your Nessus Pro or Tenable Security Center (formerly Tenable.sc) data in order to gather device information and CVE detections, contributing to risk analyses. Through Nessus Pro integration, you gain access to the following insightful reports:
|
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Nessus Pro > Configure Nessus Pro in Third Party Integration
Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Tenable Security Center > Configure integration settings in Third-Party Integration |
Office 365 usage | |
---|---|
Description | Grant Trend Micro permission to access Office 365 usage reports resources and useful data about people and documents they interact with in order to gain deeper insight regarding the Microsoft 365 resources your users' access, and the behaviors that contribute to users' risk analyses. Through Azure AD integration, you gain access to the following insightful reports:
|
Data Collected |
OneDrive activity report
OneDrive usage report
SharePoint activity report
SharePoint site usage report
Outlook email app usage report
Mailbox usage report
Email activity report
Microsoft Teams user activity report
|
Console Location | Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Office 365 > Activity data upload permission > Off |
OKTA | |
---|---|
Description | Grant Trend Micro permission to access your Okta data in order to gain deeper insight regarding the apps your users access and the behaviors that contribute to users' risk analyses.
Through Okta integration, you gain access to the following insightful reports:
|
Data Collected |
User information
Sign-in logs
|
Console Location | Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Okta > Configure Okta integration settings in Third-Party Integration |
Open LDAP | |
---|---|
Description | Grant Trend Micro permission to access Directory Service data from your OpenLDAP server in order to gain deeper insight regarding your internal user accounts that contribute to risk analyses. |
Data Collected |
User information
Group information
|
Console Location | Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > OpenLDAP > Configure OpenLDAP integration settings in Third-Party Integration |
Qualys | |
---|---|
Description | Grant Trend Micro permission to access your Qualys data in order to gather device information and CVE detections, contributing to risk analyses. Through Qualys integration, you gain access to the following insightful reports:
|
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Qualys > Data upload permission > Off |
Rapid 7 - InsightVM / Nexpose | |
---|---|
Description | Grant Trend Micro permission to access your Rapid7 InsightVM or Nexpose data, including device information and CVE detections, via the Rapid7 Security Console. Through Rapid7 - InsightVM / Nexpose integration, you gain access to the following insightful reports:
|
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Rapid7 - InsightVM > Data upload permission > Off
Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Rapid7 - Nexpose > Configure integration settings in Third-Party Integration |
Splunk - Network Firewall / Web Gateway Logs | |
---|---|
Description | The Attack Surface Risk Management for Splunk app connects your Splunk data with Trend Micro datalakes revealing web access footprints based on Firewall and Web Gateway activity. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Splunk - Network Firewall / Web Gateway Logs > Configure Splunk - Network Firewall / Web Gateway Logs integration settings in Third-Party Integration |
Tenable Vulnerability Management | |
---|---|
Description | Grant Trend Micro permission to access your Tenable Vulnerability Management (formerly Tenalbe.io) data in order to gather device information and CVE detections, contributing to risk analyses. Through Tenable Vulnerability Management integration, you gain access to the following insightful reports:
|
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Tenable Vulnerability Management > Data upload permission > Off |
Tanium Comply | |
---|---|
Description | Grant Trend Micro permission to access your Tanium Comply data in order to gather device information and CVE detections, contributing to risk analyses. Through Tanium Comply integration, you gain access to the following insightful reports:
|
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Tanium Comply > Data upload permission > Off |
Internet Facing Assets | |
---|---|
Description | Displays all IP and domain assets that are visible from external internet locations and view detailed IP profile risk assessments. |
Data Collected |
|
Console Location | Attack Surface Discovery App > Internet Facing Assets > Domain / Public IP > Remove |
Medigate | |
---|---|
Description | Grant Trend Micro permission to access your Medigate data in order to gather device information and CVE detections to contribute to risk analyses. Through Medigate integration, you gain access to detailed asset profile information. |
Data Collected |
|
Console Location | Executive Dashboard App > Data source configuration > THIRD-PARTY DATA SOURCES > Medigate > Data upload permission > Off |
Sandbox Analysis App
Users can disable data collection by disabling submissions.
Data Collected | Data transmitted relates to user submitted object.
|
---|---|
Console Location | THREAT INTELLIGENCE > Sandbox Analysis > Submission Settings
Click the image to enlarge. |
Network
Network includes the following modules which may cause the corresponding personal data to be transmitted to Trend Micro. Detailed information and instruction are provided below for opt-out of the personal data collection by disabling specific modules. Modules that cannot be disabled are indicated below.
Trend Vision One Virtual Network Sensor | |
---|---|
Data Collected & Console Location |
Trend Vision One Virtual Network Sensor includes some modules which may cause the corresponding personal data to be transmitted to Trend Micro. Detailed information, instructions to opt-out of the personal data collection, as well as modules that cannot be disabled are provided in this article: Trend Vision One Virtual Network Sensor Data Collection Notice. |
Service Gateway
Service Gateway Management | |
---|---|
Description | When the Service Gateway appliance is registered to Trend Vision One/Service Gateway Management, it will provide the appliance related information back to Trend Vision One. Customers can disconnect/delete this appliance to disable it via Trend Vision One Service Gateway Management. |
Data Collected |
|
Console Location | Workflow and Automation > Service Gateway Management |
Console Settings |
Service Configuration
Service Configuration In Service Gateway | |
---|---|
Description | Service Gateway Management opens the service configuration API to service owner, and the detailed configurations are different from service to service. |
Data Collected |
|
Console Location | Workflow and Automation > Service Gateway Management > Appliance > Manage Services |
Console Settings |
Local Active Update Service
Service Gateway Management | |
---|---|
Description | When the Service Gateway appliance is registered to Trend Vision One/Service Gateway Management, and enables Active Update service, SG will provide connected product status. |
Data Collected |
|
Console Location | Workflow and Automation > Service Gateway Management > Appliance, in the Installed Services table, choose ActiveUpdate Service, and then click the "Settings" button |
Forward Proxy Service
Service Gateway Management | |
---|---|
Description | When the Service Gateway appliance is registered to Trend Vision One/Service Gateway Management, and enables forward proxy service, SG will provide connected product status |
Data Collected |
|
Console Location | Workflow and Automation > Service Gateway Management > Connected Products/Servers |
Smart Protection Service
Service Gateway Management | |
---|---|
Description | When the Service Gateway appliance is registered to Trend Vision One/Service Gateway Management, and enables Smart Protection Service, SG will provide connected product status. |
Data Collected |
|
Console Location | Workflow and Automation > Service Gateway Management > Connected Products/Servers |
XDR for Cloud
XDR for Cloud – Cloud Detections for AWS CloudTrail automatically collects and transmits the following data, some of which may be considered personal data in certain jurisdictions, after installing/enabling the product. It is necessary to collect this data to provide the security functions on this product. Therefore, you cannot disable these features. If you do not want Trend Micro to access this data, you should uninstall and stop using the product.
Cloud Detections for AWS CloudTrail | |
---|---|
Description | This information is used to analyze threats to customers' AWS account activity. |
Data Collected |
|
Console Location | This feature cannot be disabled. |
Data Posture
Data Posture allows customer to bind their cloud accounts to Trend Vision One, which may cause the corresponding personal data to be transmitted to Trend Micro. Detailed information and instruction are provided below for opt-out of the personal data collection by unbinding cloud accounts.
Description | Choose the cloud accounts that need to opt-out from data collection and click “Remove” button to disconnect from Trend Micro and stop data being transmitted to Trend Micro. |
---|---|
Data Collected |
|
Console Location | Login Vision One Portal > Service Management > Cloud Accounts
Click the image to enlarge. |
Trend Vision One Data Center Locations
Region/Country of Purchase | Data Center Location for Microsoft Entra ID *Future Site for new Customers | Data Center Location for AWS *Future Site for new Customers |
---|---|---|
USA | East US – N. Virginia | East US – N. Virginia |
EU | West Europe-Netherlands | Frankfurt, Germany |
Japan | Tokyo, Japan | Tokyo, Japan |
SG | Singapore | Singapore |
ANZ | Australia Central *Canberra, Australia | Sydney, Australia |
India | Mumbai | Mumbai |
Middle East and Africa | UAE | UAE |