How Trend Micro Empowers the SOC with Agentic SIEM
By delivering both XDR leadership and Agentic SIEM innovation under one platform, Trend is redefining what security operations can be.
XDR combines security data from endpoints, networks, email, and cloud systems to help detect and investigate attacks across an organization.
Search across headline titles and summaries.
Background for this topic.
Extended detection and response (XDR) combines security telemetry from domains such as endpoints, identity systems, email, networks, servers, and cloud workloads. It correlates related events into potential attack activity, helping analysts investigate a sequence of actions rather than isolated alerts. XDR platforms may also trigger responses such as isolating a host, disabling an account, or blocking a message, subject to configured policies and approvals.
XDR’s effectiveness depends on the quality and coverage of its integrations: missing telemetry, incompatible data, or poorly tuned detections can leave attack paths hidden or create excessive false positives. Automated response requires careful testing because an incorrect action can interrupt legitimate operations, while compromised XDR administration could provide broad control over connected systems. Centralized collection may also expose sensitive endpoint, identity, or communications data, so access controls, retention, and privacy requirements need review. Practitioners should assess telemetry coverage, detection logic, audit trails, and response playbooks rather than treating product integration alone as evidence of protection.
Weekly headline count for the current query.
By delivering both XDR leadership and Agentic SIEM innovation under one platform, Trend is redefining what security operations can be.
Trend Micro™ Managed XDR assisted in an investigation of a B2B BEC attack that unveiled an entangled mesh weaved by the threat actor with the help of a compromised server, ensnaring three business partners in a scheme that spanned for days. This article features investigation insights, a proposed incident timeline, and recommended security practices.
Native sensors vs. integrations in XDR: Native sensors offer faster deployment, real-time detection, and deeper visibility, while integrations may add complexity and delays. Learn how to optimize your XDR strategy for improved security.
XDR is reshaping cybersecurity by unifying and enhancing SIEM and SOAR capabilities into a single platform. It addresses alert fatigue, improves incident correlation, simplifies operations, and enhances efficiency for SOC teams.
The Managed XDR team investigated a sophisticated campaign distributing Lumma Stealer through GitHub, where attackers leveraged the platform's release infrastructure to deliver malware such as SectopRAT, Vidar, and Cobeacon.
This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data.
In this blog entry, Trend Micro’s Managed XDR team discuss their investigation into how the latest variant of NodeStealer is delivered through spear-phishing attacks, potentially leading to malware execution, data theft, and the exfiltration of sensitive information via Telegram.
AI-driven insights for managing emerging threats and minimizing organizational risk
The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.
Customer feedback validates Trend's leadership in in XDR, endpoint security, hybrid Cloud
As the Zero Trust approach gains momentum, more organizations are looking to apply it to their security strategy. Learn how XDR and Zero Trust work together to enhance your security posture.
As the extended detection and response (XDR) market grows and evolves, it’s a great opportunity to learn about the positive outcomes like better security posture experienced by organizations that have invested in these capabilities.
The Trend Micro Managed XDR team investigated several Ducktail-related web browser credential dumping incidents involving different customers.
To meet the expectations of today’s digital enterprises, cybersecurity operations need to modernize in three key ways: by optimizing extended detection and response (XDR), adopting proactive cyber risk management, and moving to a unified security platform.
Find out how the Managed XDR team uncovered RedLine Stealer’s evasive spear-phishing campaign that targets the hospitality industry.
50% of teams in a Trend Micro global study said they’re overwhelmed by the number of alerts surfaced by disconnected point products and SIEMs. Discover how XDR can reduce false positives and enhance threat detection and response.
Trend Micro’s Managed XDR team addressed a Kingminer botnet attack conducted through an SQL exploit. We discuss our findings and analysis in this report.
Trend Micro's VP of Threat Intelligence, Jon Clay, explores the latest trends in today's threat landscape and why XDR is key to better understanding, communicating, and mitigating cyber risk across your enterprise.
We recently investigated a case related to the BlackCat ransomware group using the Trend Micro Vision One™ platform, which comes with extended detection and response (XDR) capabilities. BlackCat (aka AlphaVM or AlphaV) is a ransomware family created in the Rust programming language and operated under a ransomware-as-a-service (RaaS) model.