Q: How often does Trend Micro release updates to its rule groups?
A: Updates are not released on a fixed schedule. Instead, they are made available whenever an important vulnerability is discovered in an application that matches the rule group’s coverage. In the long run, we expect to provide weekly updates, on average.
Q: Do the Trend Micro rule groups cover cross-site scripting (XSS) and SQL injection (SQLi) vulnerabilities?
A: We do cover specific XSS and SQLi vulnerabilities, but we do not provide generic coverage for these classes of vulnerabilities.
Q: What vulnerabilities do the Trend Micro rule groups cover?
A: We cover the following vulnerabilities, organized into the two rule groups we offer.
Please note that each rule group also includes rules that are not associated with a Common Vulnerabilities and Exposures (CVE) number. You can look up the CVE here.
Trend Micro Managed Rules for AWS WAF – WebServer (Apache, NGINX):
Trend Micro Managed Rules for AWS WAF – Content Management System (CMS):
Q: Why does Trend Micro not offer more generic rules?
A: Generic rules can be powerful, but ultimately rely on a trade-off between their generality and the risk of blocking legitimate traffic (false-positives) and a consequent negative business impact. Given the targeted nature of most high impact vulnerabilities today, we chose to favor specificity. We feel that we can provide excellent protection for specific web applications by tailoring our coverage to attacks that are specific to the application in question.
Questions? Contact us at firstname.lastname@example.org