Agentless Vulnerability & Threat Detection Notifications

Views:

Configure notifications to receive alerts in the TrendAI Vision One™ console or by email when completed scans exceed a set failure rate.

Agentless Vulnerability & Threat Detection sends notifications when a completed scan detects a scan failure rate that exceeds a configured threshold. Notifications are delivered through the TrendAI Vision One™ Notification Center and are recorded per cloud account.

Note

Notifications are available for TrendAI Vision One™ accounts with connected AWS, Microsoft Azure, and Google Cloud accounts. You must have the Administrator role or equivalent permissions to configure notification recipients and alert thresholds.

Agentless Vulnerability & Threat Detection supports two notification types from the Notification Center:

Type	Description	Threshold
Email	An email is sent to configured recipients summarizing the scan failure rate and a breakdown of failed resources by type, including disks, containers, and serverless resources.	Configurable. The default threshold is 5%.
Bell	An in-console notification appears in the TrendAI Vision One™ console. Clicking the notification opens Audit Logs.	Not configurable. Fixed at 5%.

To configure Agentless Vulnerability & Threat Detection notifications:

In the TrendAI Vision One™ console, go to Administration → Notifications.
Select Agentless Vulnerability & Threat Detection scan failures in the notification list to open Alert settings.
Set Status to Enabled.
Under Email, go to Recipients and specify an account or group, or type an email address directly and press Enter. Repeat to add multiple recipients.
Adjust the Failure rate threshold to set the percentage at which email notifications are triggered. The default is 5%. Notifications are sent when the scan failure rate meets or exceeds this value.
Click Save.

When the scan failure rate meets or exceeds the configured threshold, Agentless Vulnerability & Threat Detection sends an email to all configured recipients. The subject includes the overall failure rate and the body provides a breakdown of failed resources by type. The subject uses the following format:

Agentless Vulnerability & Threat Detection | Scan [failure rate]% Failure Rate (do not reply)

The email body includes the scan completion date and time, the cloud account details in the format [cloud provider]:[cloud account ID]:[region], and a scan result summary. The following table shows an example summary:

Resource type	Total resources	Failed scans	Failure rate (%)
Disk	100	10	10%
Container	50	5	10%
Serverless	30	8	26.7%
Total	180	23	12.8%

The email also includes a link to Administration → Audit Logs → System in the TrendAI Vision One™ console, pre-filtered to the Agentless Vulnerability & Threat Detection category.

An in-console bell notification also appears in the TrendAI Vision One™ console whenever a scan failure rate exceeds 5%. This threshold is fixed and cannot be adjusted. The notification indicates an error-level event. The following is an example notification:

A recent Agentless Vulnerability & Threat Detection scan failed to scan [failure rate]% of included cloud resources. Find additional details in Audit Logs.

Note

Clicking the bell notification takes you to Audit Logs pre-filtered to the Agentless Vulnerability & Threat Detection category so you can review which resources failed to scan.