Trend Micro Cloud App Security

Trend Micro Cloud App Security monitors common cloud services such as Microsoft Exchange, Microsoft Teams, Dropbox, and Gmail. Its events can be used to detect initial access and/or data exfiltration.

Cyderes supports the ingestion of Trend Micro Cloud App Security events through the product's Log Retrieval API.

Chronicle Data Types

  • TRENDMICRO_CLOUDAPPSECURITY

Requirements

  • An authentication token must be created in the Cloud App Security management console, as described in the documentation.

Configuration

  • services: secured cloud applications

    • exchange (Exchange Online)
    • sharepoint
    • onedrive
    • dropbox
    • box
    • googledrive
    • gmail
    • teams
    • exchangeserver
    • salesforce_sandbox
    • salesforce_production
    • teams_chat
  • events: security event category

    • securityrisk
    • virtualanalyzer
    • ransomware
    • dlp

Gather Information

  • Authentication token
  • List of services and event types which are to be collected
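
A pre-flight check for the service and event selection gathered above, as an added example (not Cyderes or Trend Micro code). It rejects values outside the lists on this page so that a mistyped name is caught before deployment, and it reports which supported services and event categories the selection leaves out. The function names and the expansion into service/event pairs are assumptions.

```python
from difflib import get_close_matches
from itertools import product

# Supported values as listed in the Configuration section of this page.
SERVICES = ("exchange", "sharepoint", "onedrive", "dropbox", "box",
            "googledrive", "gmail", "teams", "exchangeserver",
            "salesforce_sandbox", "salesforce_production", "teams_chat")
EVENTS = ("securityrisk", "virtualanalyzer", "ransomware", "dlp")


def _normalize(requested, supported, kind):
    """Trim, lower-case and de-duplicate entries; collect errors for the rest."""
    cleaned, errors = [], []
    for raw in requested:
        value = raw.strip().lower()
        if value in supported:
            if value not in cleaned:
                cleaned.append(value)
            continue
        hint = get_close_matches(value, supported, n=1)
        suggestion = f" (did you mean {hint[0]!r}?)" if hint else ""
        errors.append(f"unknown {kind} {raw!r}{suggestion}")
    if not cleaned and not errors:
        errors.append(f"no {kind} selected")
    return cleaned, errors


def build_collection_plan(services, events):
    """Validate a selection and report what it leaves uncollected.

    Assumption (not stated on the page): each service/event combination
    is collected separately, so the selection is expanded into pairs.
    """
    svc, svc_errors = _normalize(services, SERVICES, "service")
    evt, evt_errors = _normalize(events, EVENTS, "event")
    if svc_errors or evt_errors:
        raise ValueError("; ".join(svc_errors + evt_errors))
    return {
        "pairs": list(product(svc, evt)),
        "uncollected_services": [s for s in SERVICES if s not in svc],
        "uncollected_events": [e for e in EVENTS if e not in evt],
    }


if __name__ == "__main__":
    # Constructed sample selection, not taken from a real deployment.
    plan = build_collection_plan(["Exchange", "gmail ", "teams"], ["securityrisk", "dlp"])
    print(len(plan["pairs"]), "pairs; not collected:", plan["uncollected_services"])
```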