---
title: Trend Micro Vision One XDR alert
description: Datadog, the leading service for cloud-scale monitoring.
---

# Trend Micro Vision One XDR alert

{% alert level="danger" %}
This rule is part of a beta feature. To learn more, [contact Support](https://docs.datadoghq.com/help/).
{% /alert %}

Classification: attack

## Goal{% #goal %}

Detect alerts generated by Trend Micro Vision One XDR. These alerts may indicate the presence of malware, suspicious activity, or other security threats that require immediate investigation.

## Strategy{% #strategy %}

Monitor XDR alerts and use the detailed information they provide to assess the potential impact and nature of the threat. The detection rule focuses on understanding the context of the alert, including the affected systems and the type of threat identified.

## Triage and response{% #triage-and-response %}

1. Review the description of the alert: `{{message}}`.
1. Review the impacted entities, such as IP address `{{@impactScope.entities.entityValue.ips}}` and entity type `{{@impactScope.entities.entityType}}`.
1. If the alert is confirmed as malicious, quarantine the affected host or, if needed, isolate it from the network.
1. Monitor the affected systems for further suspicious activity.
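
The entity review in the triage steps above, as an added example that is not part of the Datadog rule or Trend Micro's own code: it groups an alert's impacted entities by type and collects the unique host IPs to check before a quarantine decision. The sample alert is constructed; only the `impactScope.entities.entityType` and `impactScope.entities.entityValue.ips` paths come from this page, while the `name` key and the string-valued `entityValue` are assumptions.

```python
import json

# Constructed sample alert, not real Vision One output. Only the impactScope
# paths named in the triage steps come from the page; the "name" key, the
# string-valued entityValue and all values are assumptions for illustration.
SAMPLE_ALERT = json.loads("""
{
  "message": "Constructed example alert description",
  "impactScope": {
    "entities": [
      {"entityType": "host",
       "entityValue": {"name": "ws-0142", "ips": ["10.20.30.41", "10.20.30.41", "10.20.30.77"]}},
      {"entityType": "account", "entityValue": "jdoe@example.test"},
      {"entityType": "host", "entityValue": {"name": "srv-db-02"}},
      {"entityType": "host"}
    ]
  }
}
""")


def summarize_impact(alert):
    """Group impacted entities by type and collect unique IPs in first-seen order."""
    scope = alert.get("impactScope") or {}
    entities = scope.get("entities") or []
    if isinstance(entities, dict):  # tolerate a single entity not wrapped in a list
        entities = [entities]
    by_type, ips = {}, []
    for ent in entities:
        etype = ent.get("entityType", "unknown")
        value = ent.get("entityValue")
        if isinstance(value, dict):
            # Object-valued entity: IPs live under entityValue.ips and may be absent.
            for ip in value.get("ips") or []:
                if ip not in ips:
                    ips.append(ip)
            label = value.get("name") or "(unnamed)"
        elif value is None:
            label = "(no value)"  # keep the entity visible instead of dropping it
        else:
            label = str(value)  # assumed scalar form, e.g. an account name
        by_type.setdefault(etype, []).append(label)
    return {"description": alert.get("message", ""), "by_type": by_type, "ips": ips}


if __name__ == "__main__":
    print(json.dumps(summarize_impact(SAMPLE_ALERT), indent=2))
```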
