Trend Vision One - Forensics Presentation Slides

Uploaded by amit.s03
Trend Vision One™ - Forensics
Challenges

Complexity
• More sophisticated threats, more tools to manage
• Out of the box IR tool adds complexity and lacks threat intelligence

Talent Shortages
• DFIR specialist/incident responder shortages
• Manual evidence collection takes huge manpower
• Out of the box IR tool needs additional manual efforts

2 | ©2023 Trend Micro Inc.


Vision One - Forensics

1 An app natively built within the Vision One platform for incident investigation

2 Designed for Digital Forensics and Incident Response (DFIR) specialist/incident responder/SOC analyst

3 Managed from the single Vision One console

4 Allows you to gather evidence, organize data, and triage endpoints using integrated query/scan

5 Requires zero deployment & provides automatic threat intelligence analytics, enabling quickest incident response


Trend Vision One – Forensics as Part of the Platform

[Diagram labels: Endpoint; Email; Identity; Cloud; Network; OT; Data; Access; Playbooks; 3rd-Party; Forensics and Incident Response; Fewer, high-fidelity alerts; Advanced investigation of critical events; Generative-AI Assistant]


Prerequisite

Vision One customers with endpoint sensors (EDR/XDR: endpoint, server and cloud workloads) are eligible to buy.

The endpoint sensor acts as the sensor for Vision One – Forensics to query, scan and collect evidence.


Frictionless Capabilities

Evidence and Artifact Collection
• Snapshot full artifacts/evidence on endpoints at any time
• Request batch evidence collection through centralized console
• Collect artifacts based on automatic trigger conditions

Native Threat Intelligence
• Run threat intelligence queries when specific conditions are met
• Leverage AI technology for faster evidence tagging
• Pull EDR telemetry and detections into view automatically

Incident Management War Room
• Create workspaces during incidents
• Scope the affected endpoints
• Manage incidents through a centralized console

Live Investigation from Anywhere
• Run YARA queries for typical memory and artifact exploration
• Review running processes and sub-processes live
• Run native commands such as whoami and netstat with osquery for live investigation

Respond in Super Timeline View
• Generate a Super Timeline with expert Trend Micro pre-generated and built-in threat knowledge
• Take advantage of holistic forensic data and heuristic analyses


Why Trend Vision One - Forensics

Part of an integrated, single platform - Minimized complexity. No separate tools. Use existing console.

Quick to get started – this built-in capability needs no deployment and is quick to interrogate, saving you precious time.

Easier and faster Digital Forensics and Incident Response (DFIR) process
• Investigate downloaded artifacts directly in console or other tools
• Automatic and native threat intelligence analytics & EDR data pulling help you “find a needle in a haystack” faster with less effort.
• Automatic IR report generation process and live forensics

Automatic Threat Intelligence, Faster Response Time

One piece of evidence was potentially at high risk and was highlighted

Trend Vision One – Forensics “Evidence Report” is integrated with Trend’s advanced threat intelligence analytics, showing risk level for evidence collected.
