Views:

Registration
Description	The service uses the information to: Identify users Assign an ID to the company (The ID is embedded in the Endpoint Assessment Tool package.) Send status updates Generate email and endpoint reports
Data collected	First name Last name Email address Phone number Company Number of employees Job title Country
Console location	Registration page
Console settings	Click Sign Up.

Email Assessment (Office 365)
Description	The service needs permission to access mailboxes for scanning. Trend Micro does not access and store users’ Office 365 credentials. Email Assessment combines machine learning, document exploit detection, and behavior analysis to protect Exchange Online users from BEC, ransomware, advanced phishing, and other high-profile attacks.
Data collected	Azure Active Directory: Domain, user, and group information Exchange Online: Mailbox information Global administrator email address used to grant permissions to the Assessment Service Email senders Email recipients Email locations Email subjects Email attachments File modifiers File locations File names URLs in email body URLs in email attachments URLs in files Suspicious executable files and scripts in cloud storage services Suspicious executable files and scripts in email attachments Metadata of suspicious executable files and scripts in cloud storage services Metadata of suspicious executable files and scripts in email attachments IP addresses of upstream MTAs for IP rating query Domain, user, device and group information in Azure Active Directory
Console location	At-Risk Cloud Mailbox Assessment
Console settings	Click Start Assessment. Select Office 365.

Email Assessment (Google Workspace)
Description	The service needs permission to access mailboxes for scanning. Trend Micro does not access and store users’ Google Workspace credentials. Email Assessment combines machine learning, document exploit detection, and behavior analysis to protect Exchange Online users from BEC, ransomware, advanced phishing, and other high-profile attacks.
Data collected	Domain, user, and group information Global administrator email address for Gmail Email senders Email recipients Email locations Email subjects Email attachments File modifiers File locations File names URLs in email body URLs in email attachments URLs in files Suspicious executable files and scripts in cloud storage services Suspicious executable files and scripts in email attachments Metadata of suspicious executable files and scripts in cloud storage services Metadata of suspicious executable files and scripts in email attachments IP addresses of upstream MTAs for IP rating query Domain, user, device and group information in Azure Active Directory
Console location	t-Risk Cloud Mailbox Assessment
Console settings	Click Start Assessment. Select Google Workspace.

Endpoint Assessment (Windows)
Description	The assessment tool scans Windows endpoints for malicious files, critical vulnerabilities, and threat indicators collected from global intelligence sources. After collecting system information, the tool automatically uploads the data to the service for in-depth analysis and reporting.
Data collected	Host name Endpoint name IP address MAC address File name File path Unpatched critical vulnerabilities
Console location	At-Risk Endpoint Assessment
Console settings	lick Start Assessment. Select Windows.

Endpoint Assessment (macOS)
Description	The assessment tool scans macOS endpoints for file-based threat, network detection and operation system possible security risks. After collecting system information, the tool automatically uploads the data to the service for in-depth analysis and reporting.
Data collected	Installed Apps primary executable attributes: file path, file hash, create time, owner use name, file mode, code sign status Active process's image file attributes: file path, file hash, create time, owner use name, file mode, code sign status All persistent items files attributes: file path, file hash, create time, owner use name, file mode, code sign status Installed applications, active processes, and persistent processes: File path File hash value Time created User name of owner File permission Code signing status All suspicious network connections basic information: Source IP address/port Destination IP address/port Relating process information Suspicious connections: Source IP address and port Destination IP address and port Related process information Operating system: Version macOS user account Status of key security features
Console location	At-Risk Endpoint Assessment
Console settings	Click Start Assessment. Select macOS.

Trend Vision One Risk Assessment
Description	Risk Insights allows you to quickly assess the cloud access activities and vulnerabilities related to users and devices, and to determine how to mitigate the risks found in your network.
Data collected	See Risk Insights section of the Trend Vision One Data Collection Notice.
Console location	Trend Vision One Risk Assessment
Console settings	Click Start Trial.

Phishing Simulation Assessment

Trend Vision One Phishing Simulation Assessment includes the following modules which may cause the corresponding personal data to be transmitted to Trend Micro. Detailed information and instruction are provided below for opt-out of the personal data collection by disabling specific modules. Modules that cannot be disabled are indicated below.

Creating a campaign - Uploading Recipients
Description	Customers can upload the list of recipients in the following ways. CSV file 3rd party data source Manual data entry
Data Transmitted to Trend Micro	Name Email Address Department (optional) Location (optional)
Feature Configuration Location	Log on to Trend Vision One -> Click Assessments -> Phishing Simulation -> Step 2

Campaign Interactions
Description	When the employee receives the phishing simulation email they may: Click on the link and enter data on our simulated phishing webpages We will store the username, and the password is not stored
Data Transmitted to Trend Micro	Username
Feature Configuration Location	Username is collected from our simulated phishing landing pages.

Keywords: DCN,gdpr,security assessment DCN,security assessment gdpr,info collection

Trend Vision One Security Assessment Service Data Collection Notice

Product / Version includes:

Trend Vision OneAll

Last updated: 2023/11/15

Solution ID: KA-0014853

Category: Configure

Summary

The following sections outline the features that collect data, the data transmitted, and the locations on the related product consoles where you can disable the features.

Registration
Email Assessment (Office 365)
Email Assessment (Google Workspace)
Endpoint Assessment (Windows)
Endpoint Assessment (macOS)
Trend Vision One Risk Assessment
Trend Vision One Phishing Simulation Assessment

Registration
Description	The service uses the information to: Identify users Assign an ID to the company (The ID is embedded in the Endpoint Assessment Tool package.) Send status updates Generate email and endpoint reports
Data collected	First name Last name Email address Phone number Company Number of employees Job title Country
Console location	Registration page
Console settings	Click Sign Up.

Email Assessment (Office 365)
Description	The service needs permission to access mailboxes for scanning. Trend Micro does not access and store users’ Office 365 credentials. Email Assessment combines machine learning, document exploit detection, and behavior analysis to protect Exchange Online users from BEC, ransomware, advanced phishing, and other high-profile attacks.
Data collected	Azure Active Directory: Domain, user, and group information Exchange Online: Mailbox information Global administrator email address used to grant permissions to the Assessment Service Email senders Email recipients Email locations Email subjects Email attachments File modifiers File locations File names URLs in email body URLs in email attachments URLs in files Suspicious executable files and scripts in cloud storage services Suspicious executable files and scripts in email attachments Metadata of suspicious executable files and scripts in cloud storage services Metadata of suspicious executable files and scripts in email attachments IP addresses of upstream MTAs for IP rating query Domain, user, device and group information in Azure Active Directory
Console location	At-Risk Cloud Mailbox Assessment
Console settings	Click Start Assessment. Select Office 365.

Email Assessment (Google Workspace)
Description	The service needs permission to access mailboxes for scanning. Trend Micro does not access and store users’ Google Workspace credentials. Email Assessment combines machine learning, document exploit detection, and behavior analysis to protect Exchange Online users from BEC, ransomware, advanced phishing, and other high-profile attacks.
Data collected	Domain, user, and group information Global administrator email address for Gmail Email senders Email recipients Email locations Email subjects Email attachments File modifiers File locations File names URLs in email body URLs in email attachments URLs in files Suspicious executable files and scripts in cloud storage services Suspicious executable files and scripts in email attachments Metadata of suspicious executable files and scripts in cloud storage services Metadata of suspicious executable files and scripts in email attachments IP addresses of upstream MTAs for IP rating query Domain, user, device and group information in Azure Active Directory
Console location	t-Risk Cloud Mailbox Assessment
Console settings	Click Start Assessment. Select Google Workspace.

Endpoint Assessment (Windows)
Description	The assessment tool scans Windows endpoints for malicious files, critical vulnerabilities, and threat indicators collected from global intelligence sources. After collecting system information, the tool automatically uploads the data to the service for in-depth analysis and reporting.
Data collected	Host name Endpoint name IP address MAC address File name File path Unpatched critical vulnerabilities
Console location	At-Risk Endpoint Assessment
Console settings	lick Start Assessment. Select Windows.

Endpoint Assessment (macOS)
Description	The assessment tool scans macOS endpoints for file-based threat, network detection and operation system possible security risks. After collecting system information, the tool automatically uploads the data to the service for in-depth analysis and reporting.
Data collected	Installed Apps primary executable attributes: file path, file hash, create time, owner use name, file mode, code sign status Active process's image file attributes: file path, file hash, create time, owner use name, file mode, code sign status All persistent items files attributes: file path, file hash, create time, owner use name, file mode, code sign status Installed applications, active processes, and persistent processes: File path File hash value Time created User name of owner File permission Code signing status All suspicious network connections basic information: Source IP address/port Destination IP address/port Relating process information Suspicious connections: Source IP address and port Destination IP address and port Related process information Operating system: Version macOS user account Status of key security features
Console location	At-Risk Endpoint Assessment
Console settings	Click Start Assessment. Select macOS.

Trend Vision One Risk Assessment
Description	Risk Insights allows you to quickly assess the cloud access activities and vulnerabilities related to users and devices, and to determine how to mitigate the risks found in your network.
Data collected	See Risk Insights section of the Trend Vision One Data Collection Notice.
Console location	Trend Vision One Risk Assessment
Console settings	Click Start Trial.

Phishing Simulation Assessment

Creating a campaign - Uploading Recipients
Description	Customers can upload the list of recipients in the following ways. CSV file 3rd party data source Manual data entry
Data Transmitted to Trend Micro	Name Email Address Department (optional) Location (optional)
Feature Configuration Location	Log on to Trend Vision One -> Click Assessments -> Phishing Simulation -> Step 2

Campaign Interactions
Description	When the employee receives the phishing simulation email they may: Click on the link and enter data on our simulated phishing webpages We will store the username, and the password is not stored
Data Transmitted to Trend Micro	Username
Feature Configuration Location	Username is collected from our simulated phishing landing pages.

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Trend Vision One Security Assessment Service Data Collection Notice

Phishing Simulation Assessment

Trend Vision One Security Assessment Service Data Collection Notice

Product / Version includes:

Summary

Phishing Simulation Assessment