July 8, 2024 – Threat detection for AWS VPC Flow Logs is now available as a feature
of XDR for Cloud. Once VPC flow log monitoring is enabled, Trend Vision One automatically
analyzes the logs for any traffic activity related to suspicious or malicious IP addresses,
and also monitors for malicious activity such as brute force attacks, access to sensitive
database ports, data exfiltration, and more. You can also use VPC flow logs to sweep for
indicators of compromise (IOCs) via the Threat Intelligence app, leveraging Trend Micro's
threat intelligence feed or imported third-party IOC sources.
- To enable VPC flow log monitoring, go to
- To view VPC flow logs, go to
- To view threat detections from VPC flow logs, go to