Trend Vision One Reviews

We primarily use the solution for the XDR.

We have integrated this with all of our endpoints. Basically, we are using it for incident response. We have a SOC team here, so we are using it in a SOC and the Workload solution. For two or three months, we have been migrating to Workload Security. It is mainly for incident response.

We are able to observe attack techniques and targeted attack detection. 

We need to explore more on it since it is still a new product for us. 

It is quite advanced, and it can help us protect our organization against threats. The targeted threat detection is great.

My understanding is the initial setup is pretty straightforward. 

The solution has been stable. 

We can scale the product as needed. 

Technical support is helpful.

It is easy to maintain. 

We'd like to see a few more integrations. Specifically, we'd like to see more IOC integration tools. 

We haven't implemented the automation piece just yet; however, we will go through that soon. We just need more time to see how it all works. 

I've been using the solution for six or seven months. 

This solution seems to be pretty stable so far. I haven't come across any issues. There are no bugs or glitches. It doesn't crash or freeze. 

The product is scalable. When we started, we had a few agents and very few endpoints. At this point, we've integrated with most of them. We haven't seen any issues as we've scaled up.

Support has been quite helpful overall. We've dealt with them multiple times, and they have always been helpful. We tend to get the help we need within two or three hours. They ask many questions and get down to solving the problem at hand. 

Positive

I also work with Microsoft Defender. 

We were using OfficeScan and ApexOne as well. 

We decided to work with this product as it had a good reputation.

While I wasn't directly involved with the setup, my understanding is it was straightforward. I do not recall hearing about any complexities coming up. The deployment itself took a few months.

In terms of maintenance, we do get hotfixes every once in a while. It's pretty simple to maintain. 

Trend Micros assisted our team with the setup process. However, it was mostly handled in-house. 

I can't speak to the exact cost.

I'm an end-user. We are using the latest version of the solution. 

The support is pretty good. It is really straightforward. It is very easy to understand, and therefore, I highly recommend the solution.

I'd rate the solution nine out of ten. 

I was team lead with incident responses and incident management. We used the solution for that.

We were already using Trend Micro endpoint, NGAV by Trend Micro, and we got that upgraded to the XDR version. There was not much of a change after that. The only good thing about upgrading to XDR from NGAV was, having those real-time logs and network activities in front of us.

My reviews with Trend Micro are somewhere average. I won't rate it as an excellent tool or utter nonsense. I won't rate the two extremes, however, I would say it's in between them. It was mostly fine.

XDR provided a much more deep view into what is actually happening.

The rest of the features were pretty simple. There's nothing glamorous about them, however, it works. Nothing much really stood out amongst what the others were giving and what Trend Micro was giving. They are all pretty typical.

The dashboard was pretty easy to navigate. It was pretty convenient and user-friendly.

Results were delayed. We had all the logs in our hands. We were pretty quick in giving out the results and coming up with a conclusion. Trend Micro was pretty delayed on that front, however.

Their turnaround time or the response to their MDR services was slow. While doing POC, we did MDR as well. They could improve the response time on that. That was my view back then, as it used to take a lot of time to get that case generated, get that case analyzed. In the end, we were more interested in the responses from the actual human analysts. Instead of having a machine-generated thing, we were banking on understanding how an incident is treated and how a response is being given. For us, for example, we were able to do our analysis and come to the same conclusion maybe four or five hours before we received Trend Micro's report. Almost all the results were identical.

There was one feature called Sandbox that I wanted to try on, however, at that time, they had not released it yet. 

Since last August, I have been working with another organization, so I am not sure how Trend Micro has developed within the last ten months.

I was never able to test the live response feature, wherein I could take access, remote access of the infected system, and send some commands to kill the processes, or maybe to grab the artifacts, to triage the artifact. By the time it came online, I was moving to another organization.

We'd like a bit of freedom or flexibility on the portal. If I'm the end-user, and I see something bad which might not be bad from Trend Micro's perspective, however, for my organization, was an abnormal activity.

Executing things via PsExec might be something that is normal for some organizations, however, for my organization, it is a highly suspicious thing. If I want to investigate that, having the flexibility for me to investigate it in a deeper sense would be ideal.

That was something that was not possible at that time. I don't know if they have given more freedom to Trend Micro admins. 

We'd love more flexibility in terms of implementing some of the configurations, estate-wise. That is something that I would have loved to see in Trend Micro.

I used the solution for a month and a half, maybe. Or six weeks.

The response time, the analysis, or the human part was something which was requiring improvement. From the tool perspective, there were a lot of things that were to be released at the time I was using it.

We used to see those on the dashboard. For example, the sandbox. They had a sandbox, just like what CrowdStrike does where you can have a license for the sandbox. You can run those EXEs or whatever files, or malicious artifacts through those sandboxes and get a result.

That was something that was under development, though it was being displayed on the dashboard as "coming soon". There were a lot of features that were to be implemented. It was notified to the end-user as "Okay, that these features are coming in, and we are not sure how long it will take." 

The trend lines were pretty extensive - like a year or maybe seven months, eight months. Those were the timelines for the actual deployment of those features into the dashboard. Therefore, it's hard to speak to the stability of the product.

The scalability is good. It was just a matter of installing the agent, which was pretty easy to deploy via a group update. Scalability was not an issue. The more licenses we purchased, the more systems we could get coverage upon.

There were endpoints plus servers covered. 

We were heavily dependent on them. The reason was, that we had Trend Micro NGAV and we upgraded to Trend Micro XDR. 

Their technical support isn't that great. 

I used to speak with their CSMs quite frequently. They used to take a lot of feedback from us, asking about how things were, as their detection improvement was something which, also we were part of, not directly, however, we had one more team who used to do VAPT.

We used to post those results and say, "Okay, this is what we did. We did not get any alerts from you. We did not get any communications from you. What if this was an active hands-on keyboard activity and we were under attack?" They used to take that feedback. They used to get it implemented. Detection was then pushed in. They were in that development phase. I am not sure how well they are doing right now.

Negative

I've worked with CrowdStrike and Sophos and they provide a much better way to handle things than Trend Micro.

We never had any other tools or other antiviruses, other EDR solutions, that were playing any roles in the infrastructure. We only had ESET, and we were phasing those ESET servers out to Trend Micro. The only tool that we worked on, or XDR that we worked on, was Trend Micro.

The initial setup was pretty straightforward. They had given us one file which we could push through group policy updates. It was implemented throughout the organization. Implementing was pretty easy and it was pretty lightweight.

I was happy about that as it was not a resource-hungry agent which was running in the background, and we could not kill it, we could not limit it. Typically, XDR agents can be a bit resource-hungry, however, this one from Trend Micro was very light. 

I'm not sure how long the deployment itself took.

Our IT team was pretty huge. It was around 30 odd people who used to work on it, however, I'm not sure how many of them were dedicated to working on Trend Micro for maintenance.

We had our internal IT team who we used to do the installation.

The company I worked for did not lose its money as Trend Micro was a low-cost tool. The features which we were getting were justified by the cost. It was not too costly to have those features.

I'm not sure of the exact price, although it is moderate. I'd rate it 3.5 out of five in terms of affordability.

You could get new features with an added cost per license, or it used to be bulk. Having that modularity helped in choosing and protecting our systems, and keeping the cost down. That modularity helped us in the beginning.

We also evaluated CrowdStrike with Trend Micro. CrowdStrike was phenomenal. I have all the good answers for them. If I have to rate them, I will rate each feature four out of five and above since they were that good.

CrowdStrike was too costly for our organization to have, as we had started building the Infosec inside, having Infosec in-house. Previously, it was outsourced.  I was the first person who was enrolled for Infosec.

I was an end-user.

I'm not sure which version we were using it. 

The solution was on the cloud. We were discussing having it on-prem, however, the cloud made much more sense for such a small organization rather than utilizing the resources on-site.

I'd rate the solution six out of ten.

One of the features I like in Trend Micro XDR is that you can drill down on the root-cause analysis for anything you find on the solution. I also like that it works for detection purposes. Behavior analytics is also what I like most about Trend Micro XDR. I love that it has features such as behavior detection, program detection, and memory scanning. By default, the solution protects against spyware, apart from the normal virus scan. Smart Scan and DLP are also available in Trend Micro XDR which I like as well.

A room for improvement in Trend Micro XDR is more visibility into the alerts. We do get alerts from the solution, but when we are away, we need to have more visibility.

An additional feature we'd like to see in the next release of Trend Micro XDR is reporting, particularly RCA reports because those will help us a lot. Right now, we need to log into the portal to drill down the RCA. For example, when an alert comes in, it will be blocked immediately by Trend Micro XDR. We get the message "This has been blocked", but when we want to drill down in terms of where it started, we need to log into the server, do the RCA, and drill down on it. While doing the RCA and drilling down on it, it would be good if we could get a report directly from Trend Micro XDR because that report could help us.

We've been working with Trend Micro XDR for more than one year, and we're still using the solution.

During the first time we used Trend Micro XDR, we had some issues in terms of stability, but later on, everything became stable.

Trend Micro XDR is a scalable solution.

My impression of the technical support for Trend Micro XDR is good.

We compared Trend Micro XDR against CrowdStrike and Palo Alto, but in terms of the features and pricing, we went with Trend Micro XDR. The solution had a really good price and we are getting almost all the features.

The setup for Trend Micro XDR was easy and didn't have much challenges, especially because we have centralized management so it was easy to manage.

The first time we implemented Trend Micro XDR, we had an integrator because we were on Trend Micro Apex One, then we wanted to migrate that existing solution to Trend Micro XDR, so during that time, we needed an integrator for the implementation of the solution.

Trend Micro XDR has a good price, and on a scale of one to five, I would rate it a four out of five in terms of price.

My company evaluated CrowdStrike and Palo Alto.

My company is working with Trend Micro XDR, an advanced version of the EDR solution.

There are around six hundred users of this solution, but only one person required for its maintenance. Normally, my company deploys this agent. There's another tool from where my company pushes this agent to the end user, pulls to the end user system, then scans from this console, then my company gets all the reports.

I would rate Trend Micro XDR seven out of ten.

We use the solution primarily for monitoring. It's for running investigations.

If we need any endpoint logs, we're able to access them. It helps us with investigations. We can see, for example, if we are investigating email, the processes running, and any anomalous activity. It detects that kind of stuff. 

We are using MicroVision One and it helps us with centralized visibility and management across protection layers. Having a centralized view is very helpful. If we have everything in one place, we can see in one display all of the virtual information and attack rates, et cetera.  It makes it easier for an engineer to monitor everything. 

We use the risk index feature for the endpoints. It helps with the analysis of malware. It can automate scanning for day-to-day activities. 

Trend Micro helped us to decrease our time to detect when responding to threats. It has also helped reduce the amount of time used to investigate false positive alerts.

The support has been delayed at times. They could improve that aspect of the solution. 

I've been using the solution for about six months. 

The solution is stable. We've had a good experience. 

The solution can scale. I'd rate the ability to scale eight out of ten.

The support response can be delayed during investigations. 

Neutral

We did not previously use any other solutions. 

We did not handle the deployment. It was handled by Trend Micro.

There is a bit of maintenance required. However, the vendor handles it. 

Trend Micros handled the initial setup for us. 

I'm on the client side. I don't deal with the licensing directly. 

We use the solution across our network.

I'd rate the solution eight out of ten.

The information you get for the solution in terms of investigation, makes things easier. 

The solution is used to secure our servers and server endpoints and acts as cloud security. It protects us and acts as an antivirus, antimalware, and web protector. 

There are lots of benefits. Definitely, it is protecting the enterprise from, you know, cyber attacks, including viruses and malware. We are protected from malicious websites and dangerous attachments in phishing emails.

It's capable of handling automatic responses. It can act to block certain files and clean up files as well automatically.

The solution has its own threat score and can give you details about events. It can recommend actions and show you the graph of execution to help you understand what is happening and what the impact is for the end-user machine. 

The threat database is continuously getting updated across the globe.

It's very stable.

The initial setup is easy.

Scaling is not a problem at all. 

There are certain items that are blocked, and another component is not working properly so the blocking does not happen correctly.

They have a DLP module in Tredn Moicros and they need to enhance its capabilities. 

I've only recently started working on the solution. I started working on the solution in March of this year. 

The solution is absolutely stable. There are no bugs or glitches. It is reliable.

It is easy to scale the solution. 

We have about two users dealing with XDR. They monitor work benching and logs. 

We previously used McAfee. I did not directly handle the product. XDR has more capabilities, including server, cloud, and network security.

The initial setup is very good, as they offer very helpful support. We didn't have any issues when it came to deploying it. It has a very good GUI that makes it easy.

The deployment started with the XDR component, which gets deployed. We add agents to the endpoints. We can see, on the dashboard, which is XDR enabled. For the cloud solution, we don't have to deploy as many agents. 

The network inspector also needs to be installed at the parameter level.

For Trend Micro  Deep Security, there are separate policies we need to configure as well.

The deployment typically takes a month to deploy if there are 500 resources. 

The support is very good, and there are quarterly health checks to ensure maintenance is very easy. The vendor handles the maintenance. 

An internal deployment would require a team. We're able to handle the process ourselves. 

The licensing is reasonable. It's not overly expensive. There is just a standard license. We do not pay additional fees. The solution is agent-based. The cost depends on the number of agents you have. 

We are using the latest version of the solution.

This is a SaaS solution. 

I'd recommend the solution to other users.

I would rate the solution eight out of ten. 

We primarily use the solution as security against ransomware as ransomware now has become the biggest threat for our customers.

Our central customer had a breach on the ransomware side. Even production is stopped by ransomware - which is why it's so important to protect against it.

The solution has similar features to Sophos. Every parameter security of Trend Micro sends the telemetry to the cloud. Then they try to analyze on the cloud. There's something like Deep Discovery for the sandboxing. Every parameter security will send the telemetry as well to the cloud.

The IPS prevention is great.

It's easy to set up the product.

The solution is stable.

You can scale the product.

It's affordable. 

Trend Micro doesn't have the next-generation firewall. They have the IPS TippingPoint, however, interms of the next generation firewall, Trend Micro doesn't have this as a part of their solution. 

We've been using the solution for three or four years. 

The solution is on the cloud and that makes it pretty stable. The accessibility of the cloud is better. They maintain the uptime so we don't have to worry about it. It's reliable. There are no bugs or glitches. 

The scalability is very good. Once again, being based on the cloud makes it very scalable. Right now, many, many people are using the product.

Most clients will start very simply with the basic functionality, like endpoint security. Then, they will move on to Deep Discovery for the sandboxing. Then they will move to another solution, like the IPS prevention system for the TippingPointing solution. Typically, they keep scaling and expanding to get more options and services. 

Technical support has been helpful and responsive in the past.

Positive

I Have also used Sophos, which does have a next-generation firewall. They are very similar solutions, however.

The implementation process is straightforward. It takes effect in eight days. For the Endpoint solution, it just depends on the number of endpoints that we deploy to customers. If it is small in size, like 50 to 100 endpoints, then it will take between ten and 20 days. If the endpoint number is around 1,000 endpoints, it will take more days to complete the deployment.

Typically, we have five to seven people that manage the implementation process. 

I'd rate the ROI at a four out of five. It offers good ransomware protection.

The pricing is okay. I'd rate it three or four out of five in terms of affordability. They are competitively priced. 

We are partners. We're also partners with Sophos. 

We are using the latest version of the solution. While we still use an on-premises version, most of the solution is now on the cloud. 

I'd advise potential new users to start using the basic check and move up from there. 

I'd rate the solution eight out of ten. 

Trend Micro XDR is useful for more extensive networks, and it's cost-effective for networks with over 500 or 1000 users.

I like that it is a comprehensive security solution with a lot of features. You can say XDR is an end-to-end security solution with endpoint security. It includes all your servers, networks, and other devices. The endpoint security solution does not cover this. Plus, machine learning and features like that are the main things in XDR solutions.

It would be better if it were more user-friendly. It would also be better if the implementation were more straightforward.

I have been selling Trend Micro XDR for two or three years.

Trend Micro XDR is very stable.

Trend Micro XDR is a scalable solution. We have about eight to ten clients using this solution.

Technical support is good. You have your own technical team and the Trend Micro team as well. Plus, Trend Micro itself is present in Pakistan. So typically, we don't have that many issues contacting them and getting support.

The initial setup is a little complicated. It is a huge solution, and it usually takes about a week or so to implement and deploy the solution. You will need at least two to three technical professionals to implement and maintain this solution.

Trend Micro XDR is expensive, and you have to pay for it yearly. 

I would recommend this solution to customers in the financial sector. I usually do not recommend this product to any company with about 100 to 300 users because it's not cost-effective. XDR is quite expensive, so we typically sell XDR to the financial sector, especially banking. They are the prime candidates for this kind of solution because of their extensive network.

On a scale from one to ten, I would give Trend Micro XDR a nine.

It is for endpoint protection. It is essentially a modern updated version of antivirus that has more heuristic and behavioral detection components. 

We are using its latest version. In terms of deployment, it is a combination of cloud and on-premises. There is a local install on the endpoints, but it is controlled through a cloud interface.

Its detection rate is valuable. It is really an easy product to install and manage. It is quite effective at what it does, and if needed, it can also be co-managed, which means 24 hours and seven days a week monitoring through a SOC.

There isn't a lot I'd do to change it. The web interface could be improved to sort of make it a little easier to manage multiple clients out of one location. It could also be made a bit easier to sort of manage the licensing side of it.

In terms of additional features, probably the only thing would be a rollback function. They are actually working on it because they're halfway there with it.

It is a new product. We have been using it since they released it. It has probably been about 6 to 12 months.

It is a very good product. I've been working with Trend Micro as a company for probably 20 years. Their products are pretty rock solid.

It is easy to scale. We've got about 150 or 200 endpoints at the moment.

I have contacted their support, and they are very good. Their response time is quick.

It is very straightforward to install. It is pretty clear, and it takes a couple of minutes per device. You can automate that process of rollout as well.

Because it was a new product, I reached out and spoke with technical and obviously salespeople and so on within the company to do some basic training and get my head around it to be able to deploy it. I could've researched that myself, and it would've been fairly easy, but I chose to sort of speak to my company rep and so on. He organized a bunch of short get-togethers with some of their technical staff, which was useful.

It would be nice if it was a little bit cheaper, but I think it has a fair price. It is comparable to others in the market.

It is basically Trend Micro's response to other products in the market such as SentinelOne and so on. I don't know how it stacks up against SentinelOne and others, but I suspect that it is sort of right up there.

Trend Micro is a very large company. They put a lot of money into the development of their products and so on. I would recommend it to others, and I have already been recommending it to others because our clients pretty much are on Trend Micro products. So, there would be legacy ones. To those who are coming for renewal, I recommend moving to XDR.

I would rate Trend Micro XDR about a nine out of 10.