Trend Micro Vision One

In this guide, you will set up the Trend Micro Vision One connector within Radiant in order to forward data to Radiant.

Obtain the Trend Vision One API key

1. On the Trend Vision One console, go to Administration > API Keys.

2. Click Add API key.

3. Specify the settings of the new API key:

   1. Name: RADIANT_SECURITY_API_KEY (Important: Make sure to use this value for API key name, as Radiant uses it to keep track of your credential's expiration date)

   2. Role: The user role assigned to the key. The assigned role must have the following permissions:

   3. API Category

      App

      Permissions

      Alerts / Workbench

      Workbench

      View, filter, and search

      Observed Attack Techniques

      Observed Attack Techniques

      View, filter, and search

      Search

      Search

      View, filter, and search

      API Keys

      IAM

      View

   4. Note: The API Keys view permission allows Radiant to access only the API keys metadata (not their actual key values) and is used to keep track of your key's expiration date.

4. Expiration time: The time the API key remains valid. By default, authentication tokens expire one year after creation. A master administrator can delete and regenerate tokens at any time.

   1. Status: Provides information about whether the API key is enabled.

   2. Details: Provides additional information about the API key.

5. Click Add.

6. Copy and store the API key in a secure location.

Add the data connector in Radiant Security

1. Log in to Radiant Security.

2. From the navigation menu, click Settings > Data Connectors and click + Add Connector.

3. Search for and select the Trend Micro Vision One API option, click Data Feeds

4. Click on all data feeds to select them and click Credentials.

5. Under Credential Name, give the credential an identifiable name (e.g. Trend Vision One Integration).

6. Enter your API Base URL and API Key values

7. Click Add Connector