What's new in Workload Security

Subscribe via RSS

Workload Security is automatically updated with new features, enhancements and fixes. For new features, enhancements and fixes related to Deep Security Agent, go to the Deep Security Software page, select your agent version and platform, click the green plus sign and click Release Notes.

If you'd like to know what has been updated in the API, see the API changelog.

The Deep Security as a Service release notes have been moved to this page.

June

Date Type Release notes
Jun. 03 Resolved issue A Forensic Computer Report could not be generated if an Integrity Monitoring rule was applied.
Jun. 01 New feature The smart folders auto-creation capability has been extended to allow you to create sub-folders automatically based on GCP Labels. You might use this feature to create different management folders automatically for different cost centers, deployment environments, security requirements, and so on.
Jun. 01 Information We're continuing to update our UI to reflect the transition from Deep Security as a Service to Trend Micro Cloud One - Workload Security. For more information please see https://cloudone.trendmicro.com/docs/about/

May

Date Type Release notes
May 28 Enhancement Updated the Events & Reports > Scheduled Reports page so that you're unable to create a report that might result in a failure. An alert appears that specifies the settings you must set before creating the scheduled report.
May 25 Enhancement Increased the timeout used when synchronizing AWS Workspace directories in an AWS account, to reduce failures for large directories.
May 21 Resolved issues When you did an advanced search on the Computers page for Status Light > Equals > Managed [Green], then selected Export to CSV, the CSV file did not contain the listed computers.
May 15 Enhancement

Re-ordered the protection modules into the following categories:

Malware Prevention:

  • Anti-Malware
  • Web Reputation

System Security:

  • Application Control
  • Integrity Monitoring
  • Log Inspection

Network Security:

  • Firewall
  • Intrusion Prevention
May 15 Information For new accounts, we will no longer automatically be adding instances with the demo application. The Deep Security demo application can still be deployed easily and accessed through the demo app project on GitHub. See Try the Deep Security demo for more information.
May 12 New feature Smart Folders can be configured to use GCP Labels and Network Tags, which you can use to organize and find computers in your cloud environment.
May 12 Resolved issues If you deleted a Workload Security account that was previously subscribed to AWS Metered Billing, you could not create a new Workload Security account subscribed to the same AWS account.
May 12 Resolved issues When an agent activated with no AWS metadata but then provided it on a later heartbeat, the cloud provider was not updated which caused the computer to never be rehomed properly.
May 12 Resolved issues Anti-Malware events that were marked as "Pass" were not properly counted on the dashboard or under Anti-Malware events.
May 12 Resolved issues When the Alert on any Computer action was selected for Intrusion Prevention, Firewall, Integrity Monitoring or Log Inspection rules, the computers were not automatically updated with the new policy.

April

Date Type Release notes
Apr. 20 New feature Added the CentOS platform as an option to select on Updates > Software > Agent Version Control. This means when you deploy an agent using the deployment scripts, you can specify that only CentOS agents should be deployed.
Apr. 20 Resolved issues When you clicked the + button on the Dashboard, you couldn't type a new entry in the New Dashboard Name field.
Apr. 15 New feature You can now subscribe to an RSS feed on the English and Japanese Help Center Software pages to get notified right away when there is a new software release.
Apr. 14 Enhancement Added a GCP Network Tag column to the Computers tab.
Apr. 09 Enhancement Added a page to the Trend Micro Cloud One documentation on Google Cloud Platform (GCP) auto-scaling using managed instance groups (MIGs). See GCP auto scaling and Workload Security.
Apr. 02 Resolved issues An issue with timing occurred when an AWS Workspace was deployed from an image. This potentially created a duplicate standalone computer that never moved into an AWS account.
Apr. 02 Resolved issues Sometimes GCP accounts did not sync correctly.
Apr. 01 Resolved issues The Scan for Integrity and Rebuild Baseline buttons were disabled on Computers > Computer Details > Integrity Monitoring > General even after the corresponding operation was completed.

March

Date Type Release notes
Mar. 31 Information On May 1st, 2020, the sender address from Deep Security as a Service emails will be updated from <deepsecurityasaservice@trendmicro.com> to <no-reply-cloudone@trendmicro.com> to reflect the coming transition to Cloud One - Workload Security. Customers using email routing rules should ensure their rules are updated to include this new email address.
Mar. 31 New feature Added the ability to do a simple search or advanced search for Cloud Instance Metadata on the Computers page. This allows you to easily find workloads with specific labels, network tags, and more.
Mar. 31 Enhancement Improved the description of Behavior Monitoring events by including the reason the event occurred.
Mar. 26 Resolved issue Some computers reported the following error: Send Policy Failed - An error occurred in the Workload Security Manager to Deep Security Agent/Appliance protocol: TimeoutException: Write timed out.
Mar. 24 Resolved issue The sign-up page did not render properly in Internet Explorer.
Mar. 24 Resolved issue When alerts were viewed in list view and the details for "Agent/Appliance Upgrade Recommended (New Version Available)" was selected, the hyperlink "View all out-of-date computers" did not work.
Mar. 24 Resolved issue Azure accounts did not sync correctly because of duplicate worker threads.
Mar. 17 Resolved issue When Intrusion Prevention rules were assigned or unassigned based on the scan recommendations, sometimes the policy editor's performance was poor and the recommendations were not applied.
Mar. 12 Enhancement Improved the capability of event-based tasks by adding support for GCP security automation.
Mar. 12 Enhancement Introduced "Cloud Vendor" as an event-based task condition in order to limit a task's scope to AWS or GCP.
Mar. 12 Resolved issue You could not reset your password because of an issue with the Google Recaptcha key.
Mar. 05 Enhancement In the past, if your credentials were entered incorrectly for AWS accounts in Workload Security, the agent failed to activate. This might have occurred because the credentials were entered incorrectly or because, over time, the credentials changed without a corresponding update on Workload Security. To help ensure protection remains in place in this situation, which in many cases is a simple configuration error, we will now create the computer outside of the account and allow the agent to activate.
Mar. 05 Enhancement When Anti-Malware actions fail, the results will be displayed in the Syslog result field.
Mar. 03 Enhancement Optimized the time it takes to discover and map new GCP instances for known Google Projects inside existing GCP accounts. When an agent-initiated activation occurs, the time it takes to complete the activation and for the GCP data to be available to Workload Security has been reduced to make the product more responsive.

February

Date Type Release notes
Feb. 27 Enhancement To better align with AWS best practices and improve AWS account security, we have made a change to the process of adding a new AWS account into Workload Security using cross-account roles. Previously when using a cross-account role for authentication, Workload Security required two pieces of information: a role ARN, and an external ID trusted by the role. This has now changed to a new process where Workload Security provides the external ID, and requires that the role provided has included this external ID in its IAM trust policy. This change provides stronger security in shared Workload Security environments, and ensures that strong external IDs are always used. For details on switching your external ID to a manager-generated one, see Update the external ID. For details on the new process of adding cross-account roles using manager-generated external ID, see Add an AWS account using a cross-account role.
Feb. 27 Information Action required for customers using cross-account roles with the API /rest/cloudaccounts/aws. For details, see https://success.trendmicro.com/solution/000241973.
Feb. 25 Resolved issue Unacceptable delays occurred when events were sent to a syslog server and the option to send extended event descriptions was enabled.
Feb. 21 Enhancement Improved the heartbeat handling for AWS Workspace deployments when the workspace sync feature is not turned on for the matching AWS account.
Feb. 21 Enhancement Added GCP information such as Instance ID, Labels, Network tags, and more, to Computer Editor > Overview > General.
Feb. 21 Resolved issue Sometimes when you attempted to add a GCP account, you were not redirected to the results page.
Feb. 21 Resolved issue The advanced search on the Computers page did not work properly when the criteria included "Version field" and the value was "N/A".
Feb. 21 Resolved issue The Workload Security console sometimes failed to generate a summary report on Events & Reports > Single Report.
Feb. 21 Resolved issue When adding a relay, the wrong icon for GCP computer groups appeared in the navigation pane on the left.
Feb. 11 Resolved issue When the "Untagged" filter was selected on the dashboard, some widgets continued to display tagged items.
Feb. 06 New feature

If you are using metered billing and looking for a way to break out costs by individual cloud accounts, we have made the Security Module Usage Report (Event & Reports > Generate Reports) available. This report contains a detailed breakout of consumption hours by cloud account. This data can be used to breakout the single Workload Security line item on your marketplace bill supporting chargeback to your teams.

Feb. 06 New feature

In a heartbeat, if the number of agent events is very high, they will be split under more than one "Events Retrieved" system event.

This feature is being gradually rolled out. For more information, see How are features released in Workload Security as a Service?

Feb. 06 Enhancement Added a progress bar to Administration > User Management > Roles > New > Computer Rights > Selected Computers to indicate the status of the computers list that's loading.
Feb. 06 Resolved issue GCP projects temporarily disappeared during syncs.

January

Date Type Release notes
Jan. 28 Resolved issue When Integrity Monitoring was enabled but Anti-Malware was turned off, a warning message would appear indicating "Security Update: Pattern Update on Agents/Appliance Failed".
Jan. 23 Enhancement Improved performance when image files are repeatedly downloaded to the browser.
Jan. 21 Resolved issue When adding new dashboards in the Workload Security console, if you clicked "+" on the Dashboard and then pressed Enter several times in quick succession, multiple dashboards were created and the first dashboard lost widgets.
Jan. 21 Resolved issue Some agents on the AWS platform did not report valid BIOS-UUID, which caused a NullPointerException.
Jan. 14 Enhancement Enhanced the Relay management experience by providing possible solutions for the "Empty Relay Group Assigned" alert in the alert's description and removing the relay count for tenants that are using the Primary Tenant Relay Group.
Jan. 14 Resolved issue Agent-initiated activation failed for hosts with the same Virtual UUID when the "Activate a new Computer with the same name" setting was was selected on Administration > System Settings > Agents > If a computer with the same name already exists .
Jan. 14 Resolved issue When you did a search on the Application Control ruleset page, block rules were not returned.
Jan. 07 Enhancement Added the "sproc" field to Syslog events, which displays the name of the event's source process. For more information, see Syslog message formats.
Jan. 07 Resolved issue If Deep Security Agent was up-to-date, the Workload Security console did not generate an "Upgrade on Activation Skipped" event.
Jan. 07 Resolved issue The column names in the CSV output of the "Security Module Usage Report" were partially misaligned with the data columns.
Jan. 07 Resolved issue In the Malware Scan Configuration window (Computers or Policies Editor> Anti-Malware > General > Manual Scan > Edit > Advanced and select Scan Compressed File) the Maximum number of files to extract setting could not be set to 0, meaning unlimited.