From 3c7b260949c2bd694e3fd544a347f6e77ca227ff Mon Sep 17 00:00:00 2001 From: My Peaches <31301492+MyPeaches@users.noreply.github.com> Date: Thu, 30 Apr 2026 21:07:41 +1000 Subject: [PATCH 1/2] Update EDR_telem_windows.json TrendAI Vision One - telemetry updates verified via XDR Search pipeline --- EDR_telem_windows.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/EDR_telem_windows.json b/EDR_telem_windows.json index 6c2c2b3..6ddbe8c 100644 --- a/EDR_telem_windows.json +++ b/EDR_telem_windows.json @@ -157,7 +157,7 @@ "Symantec SES Complete": "Pending Response", "Sysmon": "No", "Trellix": "Pending Response", - "Trend Micro": "Pending Response", + "Trend Micro": "Yes", "Uptycs": "Via EnablingTelemetry", "WatchGuard": "No" }, @@ -265,7 +265,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Via EnablingTelemetry", + "Trend Micro": "Yes", "Uptycs": "Yes", "WatchGuard": "Partially" }, @@ -292,7 +292,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Via EnablingTelemetry", + "Trend Micro": "Yes", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -373,7 +373,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Via EventLogs", + "Trend Micro": "Yes", "Uptycs": "Via EventLogs", "WatchGuard": "No" }, @@ -427,7 +427,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Via EnablingTelemetry", + "Trend Micro": "Yes", "Uptycs": "Via EventLogs", "WatchGuard": "No" }, @@ -562,7 +562,7 @@ "Symantec SES Complete": "Partially", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "No", + "Trend Micro": "Yes", "Uptycs": "Yes", "WatchGuard": "Partially" }, @@ -1210,7 +1210,7 @@ "Symantec SES Complete": "No", "Sysmon": "Yes", "Trellix": "No", - "Trend Micro": "Via EnablingTelemetry", + "Trend Micro": "Yes", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -1237,7 +1237,7 @@ "Symantec SES Complete": "No", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Via EnablingTelemetry", + "Trend Micro": "Yes", "Uptycs": "No", "WatchGuard": "No" }, From e55ee3fd19d4afaf6e5fae74eb429ea42f20c780 Mon Sep 17 00:00:00 2001 From: My Peaches <31301492+MyPeaches@users.noreply.github.com> Date: Thu, 30 Apr 2026 21:17:08 +1000 Subject: [PATCH 2/2] Update EDR_telem_windows.json & Rename vendor key "Trend Micro" to "Trend AI" (57 entries) Trend Micro has rebranded to TrendAI. This commit updates the vendor key name across all Sub-Category entries in EDR_telem_windows.json to reflect the new brand name. Along with telemetry value changes made. --- EDR_telem_windows.json | 114 ++++++++++++++++++++--------------------- 1 file changed, 57 insertions(+), 57 deletions(-) diff --git a/EDR_telem_windows.json b/EDR_telem_windows.json index 6ddbe8c..44fe3f6 100644 --- a/EDR_telem_windows.json +++ b/EDR_telem_windows.json @@ -22,7 +22,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -49,7 +49,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "No", - "Trend Micro": "Via EnablingTelemetry", + "TrendAI": "Via EnablingTelemetry", "Uptycs": "No", "WatchGuard": "No" }, @@ -76,7 +76,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "No", "WatchGuard": "No" }, @@ -103,7 +103,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -130,7 +130,7 @@ "Symantec SES Complete": "No", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -157,7 +157,7 @@ "Symantec SES Complete": "Pending Response", "Sysmon": "No", "Trellix": "Pending Response", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Via EnablingTelemetry", "WatchGuard": "No" }, @@ -184,7 +184,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -211,7 +211,7 @@ "Symantec SES Complete": "No", "Sysmon": "Yes", "Trellix": "No", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "No", "WatchGuard": "No" }, @@ -238,7 +238,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Partially" }, @@ -265,7 +265,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Partially" }, @@ -292,7 +292,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -319,7 +319,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -346,7 +346,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Partially" }, @@ -373,7 +373,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Via EventLogs", "WatchGuard": "No" }, @@ -400,7 +400,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Via EventLogs", "WatchGuard": "No" }, @@ -427,7 +427,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Via EventLogs", "WatchGuard": "No" }, @@ -454,7 +454,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -481,7 +481,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -508,7 +508,7 @@ "Symantec SES Complete": "Via EnablingTelemetry", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -535,7 +535,7 @@ "Symantec SES Complete": "Via EnablingTelemetry", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -562,7 +562,7 @@ "Symantec SES Complete": "Partially", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Partially" }, @@ -589,7 +589,7 @@ "Symantec SES Complete": "No", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -616,7 +616,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "No", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Partially", "WatchGuard": "Yes" }, @@ -643,7 +643,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -670,7 +670,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -697,7 +697,7 @@ "Symantec SES Complete": "No", "Sysmon": "Yes", "Trellix": "No", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "No", "WatchGuard": "No" }, @@ -724,7 +724,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "No", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -751,7 +751,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -778,7 +778,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -805,7 +805,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -832,7 +832,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "No", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -859,7 +859,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Via EventLogs", "WatchGuard": "No" }, @@ -886,7 +886,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "No", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Via EventLogs", "WatchGuard": "No" }, @@ -913,7 +913,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "No", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Yes", "WatchGuard": "Partially" }, @@ -940,7 +940,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Yes", "WatchGuard": "Partially" }, @@ -967,7 +967,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "No", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -994,7 +994,7 @@ "Symantec SES Complete": "No", "Sysmon": "Yes", "Trellix": "No", - "Trend Micro": "Via EnablingTelemetry", + "TrendAI": "Via EnablingTelemetry", "Uptycs": "Via EventLogs", "WatchGuard": "No" }, @@ -1021,7 +1021,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "No", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -1048,7 +1048,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "No", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "Via EventLogs", "WatchGuard": "No" }, @@ -1075,7 +1075,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "No", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -1102,7 +1102,7 @@ "Symantec SES Complete": "Via EnablingTelemetry", "Sysmon": "No", "Trellix": "No", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -1129,7 +1129,7 @@ "Symantec SES Complete": "Via EnablingTelemetry", "Sysmon": "No", "Trellix": "No", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -1156,7 +1156,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "No", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "Via EventLogs", "WatchGuard": "No" }, @@ -1183,7 +1183,7 @@ "Symantec SES Complete": "Pending Response", "Sysmon": "No", "Trellix": "Pending Response", - "Trend Micro": "Pending Response", + "TrendAI": "Pending Response", "Uptycs": "No", "WatchGuard": "No" }, @@ -1210,7 +1210,7 @@ "Symantec SES Complete": "No", "Sysmon": "Yes", "Trellix": "No", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -1237,7 +1237,7 @@ "Symantec SES Complete": "No", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "No", "WatchGuard": "No" }, @@ -1264,7 +1264,7 @@ "Symantec SES Complete": "Via EnablingTelemetry", "Sysmon": "Yes", "Trellix": "Pending Response", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -1291,7 +1291,7 @@ "Symantec SES Complete": "Via EnablingTelemetry", "Sysmon": "Yes", "Trellix": "Pending Response", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -1318,7 +1318,7 @@ "Symantec SES Complete": "Via EnablingTelemetry", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -1345,7 +1345,7 @@ "Symantec SES Complete": "Via EnablingTelemetry", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "No", "WatchGuard": "Yes" }, @@ -1372,7 +1372,7 @@ "Symantec SES Complete": "Via EnablingTelemetry", "Sysmon": "No", "Trellix": "Pending Response", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -1399,7 +1399,7 @@ "Symantec SES Complete": "Via EnablingTelemetry", "Sysmon": "Yes", "Trellix": "Pending Response", - "Trend Micro": "No", + "TrendAI": "No", "Uptycs": "Yes", "WatchGuard": "No" }, @@ -1426,7 +1426,7 @@ "Symantec SES Complete": "Partially", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -1453,7 +1453,7 @@ "Symantec SES Complete": "Partially", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -1480,7 +1480,7 @@ "Symantec SES Complete": "Partially", "Sysmon": "Yes", "Trellix": "Yes", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Yes", "WatchGuard": "Yes" }, @@ -1507,7 +1507,7 @@ "Symantec SES Complete": "No", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Via EventLogs", + "TrendAI": "Via EventLogs", "Uptycs": "Via EventLogs", "WatchGuard": "No" }, @@ -1534,7 +1534,7 @@ "Symantec SES Complete": "Yes", "Sysmon": "No", "Trellix": "Yes", - "Trend Micro": "Yes", + "TrendAI": "Yes", "Uptycs": "Yes", "WatchGuard": "No" }