Skip to main content

Trend Micro Vision One

TrendMicroVisionOne enhances and consolidates detection, investigation and response capabilities across email, endpoints, servers, cloud workloads and networks.


In TrendMicroVisionOne

  1. Create a TrendMicro Vision One Account.
  2. Login to the Tenant using the URL: https://portal.<county_Region>.xdr.trendmicro.comLogin
  3. Create a User Role
    • Go to Administration > User Role > Add RoleAdd Role
    • Under the General Information section, provide the appropriate role name and role description. Role Name and Description
    • Under the Permission section, provide the following permissions:
      • Cloud Account Management (View)
      • User Accounts (View)
      • Endpoint Inventory (View)
      • Workbench (View, Filter, Search)
      • Report Management (View, Configure, and Download)
    • Under the Scope section, select necessary scopes. Scopes
    • Click on the Save button.
  4. Generate API Key
    • Go to Administration > API Keys > Add API KeyAPI Key Generation
    • Provide the API key name, Select the Role provided in step 3, and the Expiration time as No Expiration Date.
    • Turn on the status and add the description for the API key.
    • Click on the Add button.

Configuration in JupiterOne

To install the Trend Micro integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Trend Micro. Click New Instance to begin configuring your integration.

Creating a configuration requires the following:


  • In Trend Micro Vision One API Key enter the API key previously generated.

  • In Trend Micro Vision One API Base URL Enter the Trend Micro Vision One URL (e.g.

[Optional] Disable TLS Verification - Set this to true in advanced settings only if you have an on-prem Trend Micro Vision One server that does not have a valid SSL certificate configured. For most cases this value should be false.

  1. Click Create Configuration after you have entered all the values.

General Settings

  • The Account Name used to identify the Trend Micro account in JupiterOne. Ingested entities will have this value stored in tag.AccountName when the AccountName toggle is enabled.

  • Description to assist in identifying the integration instance, if desired.

  • Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as DISABLED and manually execute the integration.

Click Create once all values are provided to finalize the integration.

Next steps

Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.