Trend Micro Vision One

What is Trend Micro Vision One? #

Trend Micro Vision One is an XDR (extended detection and response) platform that enhances and consolidates detection, investigation, and response capabilities across email, endpoints, servers, cloud workloads, and networks.

Why Should You Use the Trend Micro Vision One Connector? #

The Trend Micro Vision One connector provides visibility into the assets in your environment. You can use this visibility to:

ensure assets are managed per your security policies
derive relationships between assets, users, applications, and data

How Does This Connector Work? #

Lucidum executes read-only requests to the Trend Micro Vision One REST API and ingests only meta-data about Trend Micro Vision One devices. Lucidum does not retrieve any data stored on your assets.

Configuring the Connector in Lucidum #

Field	Description	Example
Host	The hostname of the API for Trend Micro Vision One. For details on regional domains for Trend Micro Vision One, see: https://docs.trendmicro.com/en-us/documentation/article/trend-micro-vision-one-automation-center-regional-domains	http://api.xdr.trendmicro.com
API Token	Bearer token for an account in Trend Micro Vision One that has the following app permissions: Search > View, filter, and search Endpoint Inventory > View	************

Field

Description

Example

Host

The hostname of the API for Trend Micro Vision One.

For details on regional domains for Trend Micro Vision One, see: https://docs.trendmicro.com/en-us/documentation/article/trend-micro-vision-one-automation-center-regional-domains

http://api.xdr.trendmicro.com

API Token

Bearer token for an account in Trend Micro Vision One that has the following app permissions:

Search > View, filter, and search
Endpoint Inventory > View

************

Source Documentation #

Creating Credentials #

Create a custom role with the app permissions required by the Lucidum connector:

https://docs.trendmicro.com/en-us/documentation/article/trend-vision-one-configuring-custom-r

The custom role must include:

App	Permission
Search	View, filter, and search
Endpoint Inventory	View

Create a local account for the Lucidum connector:

https://docs.trendmicro.com/en-us/documentation/article/trend-vision-one-configuring-user-acc#GUID-BED80320-70E5-47C4-9530-CC26073D469D-10

Assign the new custom role to the user account.

Generate a bearer token for the new account:

https://automation.trendmicro.com/xdr/Guides/First-Steps-Toward-Using-the-APIs

Required Permissions #

https://automation.trendmicro.com/xdr/Guides/Authentication

Field	Value
App and Permissions	Search > View, filter, and search
App and Permissions	Endpoint Inventory > View

API Documentation #

https://automation.trendmicro.com/xdr/api-v2

Solutions

COMPANY

Resource Library

Ready for
a Demo

What is Lucidum?

Getting Started with Lucidum

Proxy Server

Managing Users

Connectors

Dashboards

Value-Oriented Dashboards (VODs)

Streamlining Queries with SmartLabels and Tags

Value-Oriented SmartLabels (VOSLs)

Risk

Actions

Use Cases

Viewing Data

Running Headless with Webhooks

Lucidum API v1

Lucidum API v2

Sending Alerts to Slack

Managing Your Lucidum System

Trend Micro Vision One

What is Trend Micro Vision One? #

Why Should You Use the Trend Micro Vision One Connector? #

How Does This Connector Work? #

Configuring the Connector in Lucidum #

Source Documentation #

Creating Credentials #

Required Permissions #

API Documentation #

What are your Feelings

Quick LInks

SOLUTIONS

COMPANY

RESOURCES

Solutions

COMPANY

Resource Library

Solutions

COMPANY

Resource Library

Ready fora Demo

What is Trend Micro Vision One? #

Why Should You Use the Trend Micro Vision One Connector? #

How Does This Connector Work? #

Configuring the Connector in Lucidum #

Source Documentation #

Creating Credentials #

Required Permissions #

API Documentation #

What are your Feelings

Share This Article :

Still stuck? How can we help?

Quick LInks

SOLUTIONS

COMPANY

RESOURCES

Solutions

COMPANY

Resource Library

Ready for
a Demo