Trend Micro Cloud App Security integration
You can integrate Trend Micro Cloud App Security with Sophos Central so that it sends data to Sophos for analysis.
This page gives you an overview of the integration.
Trend Micro Cloud App Security product overview
Trend Micro Cloud App Security is a SaaS security solution that provides advanced threat protection and data loss prevention for cloud applications. It helps organizations secure their SaaS environments by detecting malware, enforcing compliance, and protecting sensitive data.
Sophos documents
Integrate Trend Micro Cloud App Security
What we ingest
Advanced Spam Protection
Alerts ingested in full
We ingest alerts from the endpoint v1/siem/security_events
.
We collect data from the following services:
sharepoint
exchange
onedrive
dropbox
box
googledrive
gmail
teams
exchangeserver
salesforce_sandbox
salesforce_production
teams_chat
We collect the following event types:
securityrisk
virtualanalyzer
ransomware
dlp
Filtering
We filter only to confirm that the data returned is in the correct format. We don't drop any alerts.
Sample threat mappings
{"alertType": "Advanced Spam Protection", "threatId": "T1566", "threatName": "Phishing"}