Views:

Analyze, investigate, and respond to incidents and alerts using the power of AI.

Trend Companion AI is an AI-powered cybersecurity chatbot that helps you to investigate, analyze, and respond to Workbench alerts, generate XDR Data Explorer queries, and answer any cybersecurity questions.
Important
Important
  • Each user can send up to 100 messages per day and 10 messages per minute. The message limit resets every day at 00:00 UTC.
  • Prompts have a 500-character limit.
  • Trend Companion AI has filters to remove personal information from prompts.
The following table outlines the available functions in Trend Companion AI.
Action
Description
Supported Apps
Open Trend Companion AI
Click the Trend Companion AI icon (newCompanionIcon=GUID-20240819112525.jpg) to start a conversation.
All apps and screens in Trend Vision One™
Enable generative AI capabilities
Some features require generative AI capabilities.
To enable generative AI capabilities, open Trend Companion AI and go to Settings (gear_icon=fc9a51ad-35af-4fe3-92c6-5e41b2dfc5d9.png)Turn On Generative AI.
 -
Explain a Workbench alert
During alert investigations, Trend Companion AI can explain the alert displayed on your screen.
You can use prompts such as Provide an explanation of this Workbench alert.
Add response to case
Click Add to Case to add a response as a case note.
Add response to a Workbench alert note
Click Add to Note to add a response to the alert notes.
Generate search queries
When using the XDR Data Explorer app, Trend Companion AI can help you write search queries and decide what is the appropriate search method for your query.
Tip
Tip
Begin your prompts with Query to have Trend Companion AI create queries.
Example: Query all elements where the destination port is 80
  • XDR Data Explorer
Add generated search query to search box
Click Add to Query to add the generated query to the search box.
Trend Companion AI automatically selects the suggested search method when adding queries to the search box.
  • XDR Data Explorer
Explain CLI commands in Workbench alerts, Search results, and Observed Attack Techniques events
Right-click a CLI command element (cmd_icon=a5184412-0713-41ea-868c-b948a93e9fea.png) and choose Explain Command.
Trend Companion AI can also provide explanations for CLI commands that include base64-encoded elements.
Explain Observed Attack Techniques events
To learn about an event, right-click an event or click options=ddb0b67f-0654-4aa5-8bc7-48ec554c5448.png and choose Explain Event.
Important
Important
Trend Companion AI cannot explain events that contain only custom filters.
  • Observed Attack Techniques
  • XDR Data Explorer
Create an investigation summary report for a case in Case Management
Important
Important
This is a "Pre-release" feature and is not considered an official release. Please review the Pre-release disclaimer before using the feature.
Do one of the following:
  • Click a case name to open the case details. From the Trend Companion AI list, select Summarize investigation report.
  • In Case Viewer, click a case. Click the three dots, and then click Summarize investigation report.
Trend Companion AI generates a threat investigation and remediation report for the case, which you can preview, edit, and download by going to Dashboards and ReportsReports. This action is only available for Workbench cases with a “True positive” finding.
  
Summarize progress notes for a case in Case Management
Do one of the following:
  • Click a case name to open the case details. From the Trend Companion AI list, select Summarize progress notes.
  • In Case Viewer, click a case. Click the three dots, and then click Summarize progress notes.
Trend Companion AI summarizes all the notes created in the case since last time a summarized progress note was created. Summarized progress notes are helpful when transferring a case to a new owner.
 
Summarize Workbench insights
Important
Important
This is a "Pre-release" feature and is not considered an official release. Please review the Pre-release disclaimer before using the feature.
During insight investigations, Trend Companion AI can summarize the attack context of the insight displayed on the screen.
You can use prompts such as Summarize the Workbench insight.
Workbench (only during Workbench insights investigations)
Receive proactive guidance on noteworthy and false-positive Workbench insights
Important
Important
This is a "Pre-release" feature and is not considered an official release. Please review the Pre-release disclaimer before using the feature.
  • When Trend Companion AI detects one or more Workbench insights in which at least one correlated alert is classified as noteworthy, click Show me the [number] noteworthy Workbench insights. to get insight summaries or further contextual analysis.
  • When Trend Companion AI detects one or more Workbench insights in which all correlated alerts are classified as false positives, click Show me the [number] false positive Workbench insights. to get insight summaries or further contextual analysis.
Trend Companion AI uses labeled detection data to classify Workbench alerts into noteworthy or false-positive alerts to proactively recommend insights that may require further analysis.
Workbench
Receive guidance on threat investigation workflows
Important
Important
This is a "Pre-release" feature and is not considered an official release. Please review the Pre-release disclaimer before using the feature.
Trend Companion AI can suggest next steps during threat investigation and response related to a Workbench insight.
You can use prompts such as What should I do next?
Workbench (only during Workbench insights investigations)
Related information