Enable Managed Detection and Response

This feature is now GA and being rolled out to Workload Security customers. If it’s not available in your account yet, it will be soon.

Trend Micro Managed Detection and Response (MDR) detects and responds to threats across email, servers, cloud workloads and networks. Workload Security can send server activity metadata and Integrity Monitoring data to the MDR server for correlation and visibility across physical, virtual, and cloud workloads. For more information about MDR, see XDR - Managed Detection and Response Service.

To enable Managed Detection and Response:

  1. Obtain the following information from your Threat Investigation Center administrator:
    • Threat Investigation Center Server URL
    • Company GUID
    • Data Source GUID
    • (Optional) Proxy server address
  2. In the Workload Security console, go to Administration > Managed Detection and Response.
  3. Click Enable the MDR service and fill in the following information:
    • Server URL (for example: "https://[server]/"): The Threat Investigation Center Server URL
    • Company GUID
    • Data Source GUID
  4. If required, you can choose to use a proxy to access MDR. Select When accessing MDR server, use proxy and click Edit to specify the proxy server address provided by your Threat Investigation Center administrator.
  5. Before saving, click Test Connection to make sure Workload Security is connected to TIC. If the connection fails, double-check that all the information entered is correct. If the connection passes, click Save.