TMVOXDR – Vision One XDR Training for Certified Professionals

XDR Concepts

• Collecting telemetry
• Data correlation
• MITRE ATT&CK

Trend Micro Vision One

• How Trend Micro Vision One fits into the

Trend Micro One platform

• Trend Micro Vision One core capabilities
• Trend Micro Vision One features for XDR
• Trend Micro Vision One apps

Connecting Trend Micro Products

• Collecting security events
• Connecting Trend Micro Apex One™ as a Service
• Connecting Deep Security™ Software
• Connecting Trend Micro Cloud One™ – Endpoint & Workload Security
• Connecting Cloud App Security
• Connecting the Service Gateway
• Connecting Web Security™
• Connecting Deep Discovery™ Inspector
• Connecting TippingPoint™ SMS

Enabling XDR Sensors

• Installing Endpoint Basecamp
• Creating Endpoint Groups and Security Policies
• Enabling endpoint sensors
• Enabling email sensors
• Enabling network sensors
• Enabling web sensors

Integrating with Third-Party Products

• Integration purposes

Using the XDR Apps

• XDR apps
• Viewing raw security event and activity data
• Filtering security event and activity data
• Workbenches
• Workbench actions
• Execution profiles
• Network analytics
• Automating responses
• Targeted attack detection
• Response management
• Managed XDR service

Sharing Threat Intelligence

• Curated and custom intelligence reports
• Suspicious object management
• Sandbox analysis

Searching the Data Lake

• Simple and complex search syntax
• Search tips
• Watchlists

Responding to Incidents Using Security Playbooks

• Playbook templates
• Playbook triggers
• Playbook conditions
• Playbook actions