Module 1: TrendAI Vision One™ Endpoint Security Overview
Solution Architecture and Core Components
This topic introduces the architecture of TrendAI Vision One™ Endpoint Security, detailing its integrated modules and how they work together to provide unified protection.
Students will learn the purpose of each component, including the management console, agent framework, and integration points with XDR and CREM. The discussion emphasizes why centralized security management is essential for reducing complexity and improving operational efficiency in enterprise environments.
By the end of this module, learners will understand how TrendAI Vision One™ consolidates multiple security layers into a single platform, enabling faster threat detection and streamlined administration.
Deployment Scenarios and Use Cases
This section explores common deployment models for Server & Workload Protection across physical, virtual, and cloud environments. Students will analyze real-world use cases, such as hybrid cloud adoption and containerized workloads, to understand how SWP adapts to diverse infrastructures. The module highlights best practices for planning deployments, including considerations for scalability, compliance, and integration with existing security tools. Learners will gain insights into how deployment choices impact performance and security posture.
Module 2: Server & Workload Protection Fundamentals
Protection Modules and Their Functions
This topic provides an in-depth review of SWP’s protection modules, including anti-malware, firewall, intrusion prevention, and web reputation services.
Students will learn how each module addresses specific attack vectors and operational risks, such as ransomware, unauthorized access, and zero-day exploits. The discussion includes configuration options, performance tuning, and compatibility considerations.
By mastering these fundamentals, learners will be equipped to design layered security strategies tailored to their organization’s needs.
Policy Based Security Management
Here, students will explore the concept of policydriven security and its role in enforcing consistent protection across workloads. The module covers creating, applying, and managing security policies, including inheritance models and exceptions Practical exercises will demonstrate how to align policies with compliance requirements and organizational risk profiles. This topic emphasizes the importance of automation and standardization in reducing human error and maintaining a strong security posture.
Module 3: Agent Deployment and Lifecycle Management
Agent Installation and Configuration
This section walks through the process of deploying SWP agents on various operating systems and platforms. Students will learn best practices for installation, including silent deployment options, agent grouping, and version control. The module also addresses common challenges, such as network restrictions and compatibility issues, providing troubleshooting strategies to ensure smooth implementation.
Maintaining Agent Health and Performance
Focused on post-deployment management, this topic teaches how to monitor agent health, apply updates, and optimize resource usage. Students will learn to interpret health indicators, resolve connectivity issues, and implement automated update mechanisms.
The goal is to ensure agents remain effective and aligned with evolving security requirements without disrupting business operations.
Module 4: Advanced Protection Features
Vulnerability Shielding and Virtual Patching
This topic explains how SWP mitigates risks from unpatched vulnerabilities through virtual patching and intrusion prevention rules. Students will learn to configure IPS policies, prioritize vulnerabilities using CREM insights, and validate protection effectiveness. The module emphasizes proactive risk management strategies that reduce exposure without waiting for vendor patches.
Application Control and Integrity Monitoring
Students will explore advanced features that prevent unauthorized changes and block unapproved applications. The discussion includes configuring application whitelists, monitoring file integrity, and responding to suspicious activity. These capabilities are critical for maintaining compliance and preventing insider threats.
Module 5: Monitoring, Reporting, and Incident Response
Log Analysis and Alert Management
This section teaches how to interpret SWP logs, configure alert thresholds, and integrate notifications with SIEM systems. Students will practice identifying indicators of compromise and correlating events across endpoints and workloads. The module highlights how timely analysis supports rapid incident response and minimizes business impact.
Leveraging XDR and CREM for Threat Detection
Here, learners will discover how to use TrendAI Vision One™’s extended detection and response capabilities to investigate complex attacks. The module covers correlating telemetry data, prioritizing remediation efforts, and generating actionable reports for stakeholders. Students will gain hands-on experience in using CREM dashboards to assess risk and plan mitigation strategies.