Trend Vision One Reviews

It offers very good ransomware protection. You have more visibility on the network.

It helps with compliance. We are also well-protected from ransomware and network attacks.

It's improved our organization in two ways: we can have more visibility and have more confidence in security. We also have better reporting for regulatory compliance. 

The endpoint protection is the most useful. It's powerful. I've faced issues with other products regarding ransomware; however, with Trend Micro, I have no fear of network attacks. I have experience with consistent protection. 

Customers have NDR and XDR protection, and it's very good for protection. There are also regulations within our country that require us to use XDR. 

The centralized visibility is good. It's great for the IT team as they have to export reports to management for compliance. It helps with reporting. It's essential. 

The centralized visibility and management across protection layers helped our efficiency. We have a limited number of security engineers. With Trend Micro and its centralized dashboard, it will show everything we've learned and reflect reporting on the dashboard and this helps when you have a limited amount of users. It simply reduces the number of people that need to be involved in the security effort. 

We use the executive dashboards on both sides. We can drill down on them right into XDR detection. It's essential when we have an incident. If we need to know more about the threat, we need to know where and how they are attacking. We can drill down and get forensic data. 

The solution's risk index feature is very good. It comes out of the box. Our customers can use it. 

The product has helped us decrease our time to detect and respond to threats. 

It took some time to realize the benefits, as we had some issues with support. It took us three to four months to realize its benefits. 

The support should be improved. 

We'd like to see deception features in the next release. It would help us to reduce false positive alerts. 

I've been using the solution for seven years now.

The stability is good overall. 

The solution is scalable. You simply need the resources on the VM, and you can easily change your license. 

We've had issues with support. Their services could be improved. 

Neutral

I have used Fidelis and found you can control the endpoints better. They also have a deception module, which is very powerful. You can manage your endpoints perfectly. It also offers very good network visibility. I use both products. It depends on the customer's needs and approach.

I observed the deployment process. 

We had issues. It should be straightforward; however, with a customer, we faced a problem with technical support. It took us almost eight months to deploy. They had issues with the installation on the endpoints and on the network side. We had a problem with a few things, including use cases. 

The plan was to deploy in two weeks, and yet it took almost eight months.

From the customer side, there were three engineers, and from Trend Micro, there were one or two engineers working on the solution.

Almost every two weeks, there are maintenance calls. The customer has three people handling maintenance duties. 

The solution was deployed by support. 

The pricing is average. The costs are acceptable. It's good for small or medium-sized businesses. 

I'm a partner. 

We're using the latest version of the solution. 

I'd rate the solution eight out of ten. 

For enterprise customers, I wouldn't recommend the solution. However, it's a good solution for small or medium customers. New users need to ensure they have the correct sizing and licensing. 

You need to talk to the right support engineers in order to have a smooth experience. 

Trend Vision One is a comprehensive endpoint security platform that combines NDR, XDR, and MDR capabilities in a single dashboard. We deploy it in offline environments, such as power plants, using relay management to ensure system connectivity without internet access. This approach allows for implementing robust security workflows even in isolated networks.

Trend Vision One effectively protects endpoints from malware, ransomware, and malicious scripts by allowing for the configuration of policies and sensors that detect and prevent unauthorized file modification.

Trend Vision One offers advanced threat protection that adapts to new and unknown threats. Upon detecting a threat, it deploys a virtual patch to mitigate the issue.

Trend Vision One helps detect ransomware with runtime and machine learning capabilities and will alert us of the detection.

Trend Vision One provides us with a single console for cross-layer detection, threat hunting, and investigation and is easy to learn.

It enhances risk management by providing comprehensive visibility into our environment. This ensures all systems are up-to-date and vulnerabilities are minimized.

Virtual patching is extremely helpful because it provides proactive protection against vulnerabilities even before a fix is available for the underlying issue.

Trend Vision One has helped reduce the number of viruses and malware we received. It has also helped manage risk effectively across various products like workload security, email security, and others through a single dashboard, thus making it easier for the organization to manage risk.

The most valuable features of Trend Vision One are its capabilities for XDR, EDR, MDR, and NDR, allowing for network detection and response. It is a comprehensive solution, and even Gartner recognizes TrendMicro as a leader. Additionally, it offers excellent endpoint security and protection that can be easily managed with sensors and agents.

I would like Trend Vision One to incorporate more AI.

I have been using Trend Vision One for approximately two and a half years.

I rate Trend Vision One's stability ten out of ten. I have only faced downtime once and am confident in its stability.

Trend Vision One is scalable, and I have not encountered any issues scaling the solution to meet different client requirements.

I rate the scalability of Trend Vision One ten out of ten.

Customer service and support are excellent. The support team is very timely and helpful, offering solutions and assistance as needed.

Positive

The initial deployment can be done quickly and easily, especially for smaller deployments within one day. For larger deployments, like those with hundreds of endpoints, it might take a few weeks.

I am not directly involved with pricing, but I emphasize the need for competitive pricing to facilitate easier sales.

I would rate Trend Vision One ten out of ten.

Our clients range from small up to enterprise level.

I recommend Trend Vision One to others.

We had a SIEM in place, but we wanted to do some behavioral analysis of the files that are getting deployed. We wanted to check to ensure that it was nothing with the external registration side. We needed an EDR solution for checking and monitoring everything deployed on this target machine or our host machine site. It will check and detect if any malicious files are there or not. We are getting alerts related to that kind of thing. So we used to check those alerts on the XDR, and we used to, like, do the incident and response to that kind of thing there.

If you have a SIEM in place, you will only get the network logs. XDR gives you more control over what files are getting deployed, how they are being executed, and how they can potentially harm your system. XDR doesn't work like a normal antivirus solution, which uses signatures to detect and block threats. XDR detects based on behavioral analysis and blocks most things.

It reduces the investigation time because it gives you everything, including how the file was executed, which processes it called, the file name, the stemming, and the time. When we have the endpoint name, we can reach out directly to the endpoint owners and communicate with them regarding those alerts.

I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed.

It's a SaaS solution that covers endpoints, email, and cloud. We have agents installed wherever data is being pushed, so it used to give us a payload. Cloud functionality is one of the most critical things because we don't generally have visibility for cloud applications. Once we install the agents, we gain visibility into all the things integrated on the cloud or any SSH attempts.

XDR offers visibility across layers. This is critical when you want to implement some policies and apply exclusions for particular parts of the system that should not get scanned. It's easy to implement those things. Let's say you want to deploy policies for multiple systems. Using Apex Central, you can directly push the policy to various systems and cover the logs of several systems at a time. 

Sometimes, there are some false positives. For example, once a user had a file in their system named recovery.txt. The solution was flagging that as a ransom note, so we were confused. It isn't that serious, but it should be improved. 

Also, XDR should improve its coverage of the latest IOCs. Their suspicious object management works, but the coverage should be improved. It will take one or two months to get those things covered. XDR will detect on a behavioral basis, but these databases will not get updated daily like some other solutions. If you're dealing with new ransomware or malware, it may take around a month before it's covered by Trend Micro. 

I have used XDR for two years.

Trend Micro XDR is stable. We've never had downtime. 

Trend Micro XDR is scalable if you can pay more for licenses. 

I rate Trend Micro support seven out of 10. Their technical support is good. They reply regarding your cases. However, if you don't reply to them properly, they may close your case if you are not reviewing that kind of thing. 

Neutral

 I previously used Crowdstrike, which is an MDR, so it was totally managed by the Crowdstrike team. They were monitoring every alert that was generated, so it's hard to compare it to Trend Micro XDR. It was somewhat similar, but CrowdStrike is more proactive than Trend Micro, and it has greater coverage of IOCs. I have also used SentinelOne.

It's a SaaS solution deployed across multiple locations covering 20,000 endpoints. It doesn't require any maintenance aside from updates. 

I rate Trend Micro XDR seven out of 10. If you plan to implement XDR you should be aware of the IOC coverage and follow up with the Trend Micro team. Most things are covered, but it takes time to add and deploy all that stuff. 

I did a POC with Trend Micro on our servers. We were testing for detection capabilities. We wanted to use it for security protection.

Once we deployed the solution into our organization, we were able to view logs. From there, we could handle detection. 

The detection was very good. It helps with threat hunting. 

Its interface is good. We were able to find logs easily.

It's been working well on our organization's network. I'm satisfied with the level of coverage. The policies have been very useful and detailed. 

We use the solution's executive dashboard. We actually have two or three dashboards. It helps us spot vulnerabilities. 

It's helped us reduce workloads. By getting logs, we could reduce detection time. The threat hunting became easier. We're still working through a POC, so I can't speak to if it will enable us to work on other tasks. We're still testing. 

The solution has helped us to decrease our time to detect and respond to threats. We can respond to threats in half an hour to an hour.

When an incident occurs, it will detect the incident within half an hour to an hour. I'd like to see alert time reduction so that they show up on the dashboard faster. 

I've been using the solution since 2021. 

The solution is stable. 

I've never tried to scale the solution. For my purposes, it's fine. I can't speak to how scaling would go. Likely, it can scale. 

I've been satisfied with the technical support. They are very good. 

Positive

To deploy the POC takes less than one week. Implementing the cloud is fast. It's not complex to set up. 

The pricing is expensive. Most organizations cannot afford XDR. 

I don't deal with the licensing directly. 

I've looked into other solutions, like Cortex. Trend Micro offers good visibility. I prefer Trend Micro. It's good. I like the useability. 

I'm an end-user.

We have yet to use the attack surface risk management capabilities. I only downloaded the sensors and installed them on the current phones and servers. We've only done this in the last week. 

I'd rate the solution nine out of ten.

Trend Micro XDR is utilized for security management, and we apply it to our email, network, and endpoints.

Trend Micro XDR is based on its proprietary cloud.

Trend Micro provides us with centralized visibility and management across protection layers, which are important to our organization.

The centralized visibility and management across both layers improve our efficiency by offering central security without the need for extensive management or fine-tuning. Trend Micro is also comprehensive and user-friendly. We have confidence in the results.

The risk index provides us with insights into potentially vulnerable areas or aspects that we may need to double-check to ensure everything is working as expected. In other words, it's a useful tool to obtain a quick overview of parts that could be more exposed to risks and other potential issues.

Trend Micro helps reduce our MTTD and MTTR.

Trend Micro presents results in a comprehensive and easy-to-read manner, which helps reduce the time we spend investigating false positive alerts.

We utilize Trend Micro's automation capabilities for alerting and categorizing emails into specific categories based on their risk level.

Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage. The security results have been quite good.

I would like to have more integration with mobile device management.

I have been using Trend Micro XDR for three years.

Trend Micro XDR is stable.

Trend Micro XDR is scalable. As a small company, the licenses we have are sufficient to meet our needs.

The technical support team is excellent, and they were able to answer our questions to our satisfaction.

Positive

The deployment did not appear to be complex, but it was managed by Pro-Axis, who utilized a large workforce to ensure the swift completion of the deployment.

We engaged an external partner named Pro-Axis to assist us with migrating from Trend Micro on-premises to Trend Micro XDR. Their services were excellent, and we did not encounter any unexpected issues. We were fully satisfied with the migration process as Pro-Axis promptly restored our services.

The pricing is competitive, and the cost aligns with the features we receive. The license fee covers all of our needs.

I give Trend Micro XDR a nine out of ten.

We were initially using Trend Micro on-premises and then expanded our usage by implementing XDR. We were satisfied with the solution and its features, so we made the decision to stick with Trend Micro.

A small team is required for maintenance, which will not impose a significant burden on our IT team.

Our entire organization uses the solution.

I suggest trying out the trial of Trend Micro XDR to assess its suitability for their environment. It can be a good solution for small or medium-sized organizations, but keep in mind that everyone has their own specific requirements.

Currently, our company uses the solution solely to monitor our servers for intrusions and other security-related issues.

I will have to have a look at my end to be able to explain the features that I find most valuable about the solution.

A room for improvement is Trend Micro XDR's website. It's a very complicated website since finding the right point one wants to see is difficult.

I have been using Trend Micro XDR for a year now. Also, I am a customer using the solution.

It is a stable product. It works very well.

Presently, we have 150 users in our company using the solution. Even if the number of users were to increase in my company, it would still work the same.

Initially, while using the solution in a company, we faced some issues. Our company did help us to resolve these issues.

Since another company carried out the initial setup process, my company did not find it complicated.

The solution is currently deployed on-premises, but we are planning a move to the cloud. We have a plan to conduct a POC for Trend Micro XDR on the cloud shortly.

The pricing of the solution is okay. There is a need for me to look into the new pricing plan introduced by the solution recently.

I would tell those planning to use the solution that they need to consider using it. I rate the overall product an eight out of ten.

We primarily use the solution for the XDR.

We have integrated this with all of our endpoints. Basically, we are using it for incident response. We have a SOC team here, so we are using it in a SOC and the Workload solution. For two or three months, we have been migrating to Workload Security. It is mainly for incident response.

We are able to observe attack techniques and targeted attack detection. 

We need to explore more on it since it is still a new product for us. 

It is quite advanced, and it can help us protect our organization against threats. The targeted threat detection is great.

My understanding is the initial setup is pretty straightforward. 

The solution has been stable. 

We can scale the product as needed. 

Technical support is helpful.

It is easy to maintain. 

We'd like to see a few more integrations. Specifically, we'd like to see more IOC integration tools. 

We haven't implemented the automation piece just yet; however, we will go through that soon. We just need more time to see how it all works. 

I've been using the solution for six or seven months. 

This solution seems to be pretty stable so far. I haven't come across any issues. There are no bugs or glitches. It doesn't crash or freeze. 

The product is scalable. When we started, we had a few agents and very few endpoints. At this point, we've integrated with most of them. We haven't seen any issues as we've scaled up.

Support has been quite helpful overall. We've dealt with them multiple times, and they have always been helpful. We tend to get the help we need within two or three hours. They ask many questions and get down to solving the problem at hand. 

Positive

I also work with Microsoft Defender. 

We were using OfficeScan and ApexOne as well. 

We decided to work with this product as it had a good reputation.

While I wasn't directly involved with the setup, my understanding is it was straightforward. I do not recall hearing about any complexities coming up. The deployment itself took a few months.

In terms of maintenance, we do get hotfixes every once in a while. It's pretty simple to maintain. 

Trend Micros assisted our team with the setup process. However, it was mostly handled in-house. 

I can't speak to the exact cost.

I'm an end-user. We are using the latest version of the solution. 

The support is pretty good. It is really straightforward. It is very easy to understand, and therefore, I highly recommend the solution.

I'd rate the solution nine out of ten. 

I work with it as a third party in other companies. I installed XDR in other companies. And then, I help them understand the tool, help them with developing the necessary use cases, and understand, for example, how to do a threat intel, how to do a threat investigation, and stuff like that. Sometimes, I work with it as well by implementing it and actively using it in the customer's environment.

The workbench feature is excellent. It helps a lot with understanding how the environment is working and how the threats are working in their own environment. It helps a lot to understand where the threat is coming from, where it is going, how is it being dealt with, et cetera. 

We do not use XDR to protect a multi-cloud or hybrid cloud environment. I have other solutions on the cloud, like Apex One, the endpoint protection feature in the cloud. I have Cloud One Workload Security, which is protection for workloads and servers where the main console is in the cloud. I'm mainly using this to protect an on-premises environment. 

I've been using it for emails, for networks, endpoints, workload servers, et cetera. It has the ability to cover all of those. The coverage is really important. The integration between all those different tools and those different assets makes a big difference in understanding the analytics.

It provides centralized visibility and management across our protection layers. That helps in a lot of ways. For example, the fact that it has some centralized visibility means we can do searches between email addresses and an endpoint. We can take a workspace, for example, and do IPS detection in a workspace and understand from which endpoint something is coming. 

We use the executive dashboards that they have almost every day. Once we see an anomaly or something that feels weird in the environment, we can go straight to work, straight to the detections, and we can take a look at it to see what's going on. 

We use the Risk Index mainly to help us understand a customer's environment. We use it to get a brief overview of how the environment is, how high their risk is, and then, given the score that we've received, to understand what is causing this risk and then give them suggestions on how to take the score down.

We use the Managed XDR feature. It just basically collects the telemetry and sends it to the console so we can use it in other parts. It has helped a lot with the team's workload. The detection has been really, really useful. It helps a lot to rank where we should put our efforts. Sometimes we'll have to take a deep investigation into some of the stuff we see. Sometimes other issues emerge as we dig. It's helped in detection.

We use the risk management attack surface capability to understand the vulnerabilities and how high a risk something is in the environment. It can help with detection. It's helped us effectively identify blind spots. 

The product has helped us decrease time to detect. We've had some issues with a couple of our customers in which the XDR helped us easily detect an issue, and it was fast enough for us to be able to react and respond quickly in order to mitigate damages.

The web viewer could be improved. I've had some issues with it in the past. 

The zero trust is a bit complicated compared to other parts of the solution. 

Mostly, I don't have any issues with XDR.

I've used the solution for about three years.

I haven't had any issues with stability. There has been no crashing to lagging. We occasionally get informed about maintenance that may cause downtime. 

We've had no issues with scalability. 

I've contacted support in the past. They are pretty good. They have a high understanding of the platform and the solutions. If they need to escalate, it's easy to do so. 

Positive

We did not use a different solution previously.

I was involved in the installation. We have an agent installed in the endpoints or a sensor connected to the mail sensors. 

The initial setup is straightforward. You just click through with a simple connection. 

It doesn't require any maintenance on my end. 

We had about four people handling the implementation. We just had to have some credential access, and once the connections were made, we had to distribute the sensors throughout the environment. 

You need the whole platform to use XDR. However, there are some activities you don't need XDR to use. 

I'm not familiar with their pricing and licensing. 

We are an official Trend Micro partner.

We do not yet use the automation capabilities found in XDR.

I'd rate the solution nine out of ten. 

After implementing XDR, have a good understanding of how the workbenches work to create a decent playbook. Use the service gateway to your benefit. Connect your active directories, make connections, and use integrations with your firewalls. These third-party integrations are really good, and they help you a lot with your environment.