TrendAI Vision One Reviews

I work on TrendAI Vision One endpoint security in the XDR part. I have been working with TrendAI Vision One for approximately two years. We manage multiple endpoints, approximately 3,000 endpoints. We collect telemetric data from there and check all the servers in our inventory, whether they are online or offline. We troubleshoot whether there is unusual activity happening on the endpoint. TrendAI Vision One generates alerts for any suspicious activity, and then we mitigate accordingly. We are using TrendAI Vision One's sensors on endpoints and servers.

The versatility of TrendAI Vision One is what I like the most; we have a lot of options. The segregation is best, with endpoints divided into separate parts and servers into different parts. The policies are well-figured and well-maintained. We have the threat hunting part, the mitigation part, and the sandboxing capabilities. The areas to explore in TrendAI Vision One are fabulous. We can divide the endpoint on our own, and the server part is also great. It is very user-friendly, and we can segregate it on our basis. We can generate alerts on the basis of what we want. We have the option of playbooks, which makes it a more user-friendly and understandable environment that gives us exactly what we want.

TrendAI Vision One is very critical for us because we do not use an EDR tool; we use an XDR tool only, and we have integrated it with the SIM solution. If we did not have TrendAI Vision One, we would not be receiving the traffic or SIM data, and if there is any individual traffic or any individual behavior in the network, we would not be able to recognize it without it.

The biggest challenge is that users take care of their laptops approximately 80% of the time, but when there is an outbound connection, the user is not able to do anything. The user does not understand if he gets redirected from a legitimate site to another site through backtracking. At that time, the user is not itself involved in this, but TrendAI Vision One blocks the site on its own. It blocks the traffic on its own, which is the greatest thing and the live working thing with TrendAI Vision One that helps us.

We have the Cyber Risk Exposure Management capabilities in TrendAI Vision One. It shows us how much risk is in our environment based on the data it takes from the endpoints and the environment. We check that on a regular basis and develop a report every day on the basis of that. It is very great and gives us much more visualization. We do not need to go anywhere; we just need to open that and check where it is happening, and it gives us the best results.

In exposure management, we have multiple parts covering spyware and malware. Approximately six or seven months ago, one of the users was trying to access a website and it was getting linked to another website which was carrying grayware, which is a kind of spyware. Usually, the EDR solution does not track that because it is a web traffic issue, and EDR solutions are not able to track spyware much because it is only a bit suspicious without anything malicious in it. However, in the exposure management part, we received an alert of unusual traffic. We checked the telemetric data and all other things through our VTA and other tools. We did not find much that was malicious, but TrendAI Vision One was generating an alert again and again. We deep-dived into it and found that the website itself was not malicious, but it was carrying some spyware and was redirecting to something different. That was the best experience I had from the past two years.

When we started to use the product, the policies were not fitted properly. At that time, we used to receive a lot of false positive alerts. After doing some fine-tuning and adjusting some playbooks, the noise has been reduced to 80 to 90 percent. A lot of data has started coming in, and the data we get now is mostly true positive. We get to segregate it easily because the noise is reduced.

The AI of Trend Micro is really very good. If we are getting an alert and analyzing it, people sometimes ask to charge ChatGPT, but that is not good because that data is going to ChatGPT and that is not safe either. If we are asking the AI model of Trend Micro only, that is the best thing because our data is not going to anyone external, and Trend Micro already has that data. At that time, the threat gets less. However, the area where it should improve is that it gets stuck. It does not have that much amount of data. It does not understand easily, and we have to explain it more. I suggest that you make sure to train that model a bit more.

Apart from that, the rest of the things are really very fine. Only the AI part needs to be learned more. The AI should be given more data and should be made to understand more how to work. The rest of things are great, really great.

I have been working with TrendAI Vision One for approximately two years.

On Diwali, I do not remember the exact date, but it may have coincided with the AWS outage. We were not able to log into TrendAI Vision One due to a problem in the back end, which I believe was due to the AWS outage. We were not able to log in for approximately an hour or two. At that time, it caused us a lot of crisis because anything could have happened at that time. Fortunately, everything was on its case after we logged in. No attack happened during that one to two hours, and everything was fixed.

I found TrendAI Vision One to be very scalable because it is adaptive in nature. It takes care of vulnerabilities on its own. Its core services and AI-driven capabilities are also good. It has threat management on its own, and its effectiveness is also good; it is efficient.

I would rate customer service as 4 out of 10.

Positive

The setup process of TrendAI Vision One is pretty quite easy. We set up a path and keep the sensor there and then run it as an illustrator and perform some basic steps. We check the telnet of the URL and ping the IPs. If everything is working fine, then the connectivity is perfect and we are good to go.

I work in the Cybersecurity department. We do the deployment and take care of the security part end-to-end. I have not personally done the implementation myself, but I have done this work and I have knowledge about this all.

I have used Centra one, which is a very small product compared to TrendAI Vision One. TrendAI Vision One has many things in it and takes care of many servers. In Centra one, we have global sites and endpoints, but all the policies are at one place with all the endpoints and servers at one place, which is a bit of a hurdle when we take care of compliance. In TrendAI Vision One, we have that at different places, which makes it help us a lot. Centra one is an EDR solution that takes care of endpoints only and does not take care of the network. TrendAI Vision One takes care of the network also. If we have ten laptops in the environment and only eight of them are integrated with the XDR, then the remaining two will sometimes generate an alert on the basis of network. In EDR, if the eight endpoints are integrated, we will get the data of those eight only. That is the plus point here. If there is anything in the network, we will get to know. I also use other India solutions like Sentinel One and CrowdStrike.

I gave my highest consideration to TrendAI Vision One based on its integration and its user-friendly nature. Everything is segregated properly. The servers we get on the different part, and the endpoints we get on the different part. The alerts for the servers we get on the different part and for the endpoints we get on the different part. One more thing that is great is the workbench part. We have OAT, we have EPR, we have other things, but the best thing about it is its workbench. If we get an alert anywhere in the EDR XDR part and if that is much critical and it is getting an alert again and again, then TrendAI Vision One on its own generates its workbench. What makes it easy is the check that this one is more critical, and we should go and check this one first and then move to another part. It helps us to reduce the time to check which one we should go first and which we should check second. As an incident responder, it is very good to segregate the criticality of the function. If TrendAI Vision One gives that on its own, it becomes really very helpful.

We do face vulnerabilities. I know of Zbot, which is one vulnerability. We were getting an OAT alert over that vulnerability, and we were getting many more alerts also. We got approximately 40 to 50 alerts in an hour. For an incident responder, it becomes hard to decide which one to pick first and which one to resolve first. The workbench came here and analyzed all of the data and generated one workbench indicating that we should first go for this host and check the details here because it is more crucial than the other one. Security is never complete, so we can go for the more critical one which will be affecting the business more, and then we should resolve that first and then move to the other part. That is the best thing ever.

Whenever TrendAI Vision One gets connected to any malicious IPs or URLs or anything, it blocks it first and then generates the alert. If it is not blocked, it generates the alert, and then we analyze the telemetric data and find the URL and IPs from it. We then make sure to block it from our end, not from the XDR only, but from the SIM and other firewalls and all the tools. We do threat hunting from it. We check the telemetric data on a regular basis and find some URLs and IPs, and then we block it from the firewall and our SIM, EDR, XDR, and another tool. What happens from it is we know that this IP is malicious. We get the advisory, we block it from our side, and we give these IPs and URLs to another security tool so they block it. In the future, if a user clicks that malicious IP or visits those malicious links, TrendAI Vision One will block it on its own.

I would also like to mention that we do isolate the machines from the back end when they are not compliant or when the version is older. After isolation, the network gets completely isolated, the user tends to work faster, and our compliance gets maintained much more easily. The data encryption and access controls across the isolated system for the non-compliance does not get much of the risk, and our data also gets out of the control. The inconsistency of security comes into the point, and then our compliance gets maintained properly, and it is all because of the silo performance. I know that Trend Micro works for the hybrid environment, but right now we do not use that. We have on-premises for all the things. We are thinking to shift over the cloud, but right now we have not shifted.

One thing I would like to suggest is the user login and log out time. If we have ten users integrated with the XDR solution, it should show us when the user was last logged in and when it was logged out. That time should reflect over the console. The blocking capability works most of the time, but it does not work every time, which is a bit problematic.

I rate this product 9 out of 10.

Our usual use cases for Trend Vision One involve the detection of any kind of threat. We are getting alerts from the workbench on Trend Vision One and we perform threat hunting. If there are false positives, we close them, and in the case of true positives, we take action toward remediation and closure. Predominantly, we use it for threat management.

Trend Vision One is an integrated platform where I can get all the information about all the endpoints, whether it be a server, laptop, or desktop. Everything is integrated, allowing me to see everything within one console; that is one of the greatest advantages of Trend Vision One.

In terms of centralized visibility and management across protection layers, Trend Vision One provides protection across all attack vectors. It allows us to manage threats in all phases. We can even perform forensics where we can collect suspicious files remotely to submit to Trend Micro.

Trend Vision One helps reduce the time to detect and respond to threats. We get alerts in real-time. We receive notifications as email alerts, as well as alerts in the console. Through the workbench, we can monitor the console 24/7 with real-time information; there is not much delay.

Trend Vision One has helped us reduce noise from false positives, thanks to the SOAR functionality. We are able to configure automatic responses, and in case any false positives are identified, the Vision One console takes care of them automatically. This helps us reduce a lot of false positives.

Trend Vision One has indeed helped consolidate our use of security vendors and reduce silos. We sometimes get threat notifications from other vendor products, such as Microsoft Cloud App Security, which identifies threats, and we can trace similar traffic from the endpoints in Vision One. This correlation adds more value for our clients.

The most valuable feature of Trend Vision One is response management; when there is a malware issue, we need to isolate the endpoint, which I can do through response management. I can isolate an endpoint, restore the endpoint, and run manual malware scans, which will be very useful when performing malware remediation actions.

In future releases of Trend Vision One, I would like to see improvements regarding role-based access control, as it is important to ensure that when granting admin access to a person, their visibility is limited to only their respective markets. For example, while creating roles for countries like France, Germany, and Italy, they should only manage their own endpoints to maintain privacy and security.

I have been working with Trend Vision One for more than 2 years.

I have not encountered any issues with the stability of Trend Vision One. There have been no problems at all.

Stability is critically important for us with Trend Vision One; it is very stable, providing continuous 24/7 support, and we do not face challenges in accessing services from Trend Micro.

Regarding scalability, Trend Vision One accommodates many endpoints without any challenges, allowing easy expansion of our portfolio.

I would rate the technical support for Trend Vision One a perfect 10 out of 10, as Trend Micro supported us throughout the transition from on-prem servers or other vendors, providing top-notch service at all times.

Positive

Before using Trend Vision One, we were utilizing McAfee, and some of our clients were using Symantec. Currently, most clients have transitioned to Trend Micro.

The decision to switch from McAfee was driven by factors such as high costs and the global presence of organizations. Trend Micro has a more robust global reach and its pricing is very competitive compared to McAfee.

The initial setup of Trend Vision One is not complex; it is straightforward. We had the options in the Trend Vision One console, and we received training from Trend Micro-certified administrators. We had knowledge transfer sessions, and later, we successfully migrated our products from on-prem servers to the cloud. 

We have been using the product for more than 7 to 8 years, and we did not face any challenges during this migration.

We have seen a return on investment with Trend Vision One, primarily in terms of having more confidence in addressing any kind of suspicious activities. Any such activities will be notified to us, allowing us to take action. The return on investment is apparent in managing the endpoints and addressing suspicious activity that might otherwise go unnoticed.

It has saved about 25% to 30% of our time. The risk has been reduced by more than 25% after switching to Trend Vision One.

Its price is very decent. It suits our requirements.

I did evaluate other options, including Microsoft Sentinel, but ultimately, most vendors choose Trend Vision One.

The factors that led us to choose Trend Vision One over Microsoft or other options include costs, and since we already have Microsoft for other protections (like M365 security protection), we opted for protection with a different vendor, rather than the same vendor.

I would rate Trend Vision One a nine out of ten.

TrendAI Vision One provides a platform where everything is consolidated. I started with the proxy and then moved on to the XDR, which TrendAI Vision One provided. We collaborated with them, had POCs for the customer, and they liked it, going ahead with it. The main scenario was to integrate with the cloud security platform since the customer had a hybrid platform and needed one-point access to view the whole infrastructure in one place rather than having different solutions for each cloud and device.

The best feature of TrendAI Vision One that I like the most is the investigation graph, which was the main point demonstrated during the POC. If an attack happens and data is exfiltrated or an attacker finds a backdoor into the system, I need a graph of it rather than going to third-party sources. TrendAI Vision One XDR provides this graph, which helps visualize and make RCA and incident understanding easier, especially when presenting the findings to management.

TrendAI Vision One has greatly reduced my time to detect and respond to threats. After the implementation, I see how it integrates with the SOC team, and the XDR is so consolidated, making it easier for the SOC team to analyze tickets since it does not export logs from different components. The logs from TrendAI Vision One are easy to understand, which has helped me reduce false positives and determine whether they are true or not without checking each system individually, which made my job much easier.

The ability of TrendAI Vision One to provide centralized visibility and management across various protection layers is the best part for me. Many may not appreciate everything under one roof because it creates confusion, but once you get familiar with the dashboard, it becomes easy to navigate. However, it can create confusion because everything is under one roof, showcasing both pros and cons.

Aside from the investigation graph, I find that sometimes when we collect data, the UI seems a bit laggish and is not that interactive during that process. When we extract logs, it can be a bit slow, but everything else is acceptable.

The UI does lag a bit.

The implementation of TrendAI Vision One was not easy; it is not a one-click process. I prefer it for larger organizations that can allocate team resources because the implementation can be complex. Resource utilization is quite high, and there is a scarcity of resources focused on TrendAI Vision One. The availability of troubleshooting guides is not as high as with some other vendors, creating some difficulties, but it is manageable because their support is good. When I open a ticket, they respond quickly.

I have been using TrendAI Vision One for two years in my previous organization, and right now, I am implementing it as a system integrator at our customer location.

Stability-wise, I feel there are times when it is not a stable solution, but I also had another client where it worked smoothly, and I did not have to revisit it often. However, in hybrid setups, I do face multiple issues, but the on-premises platform works quite well.

TrendAI Vision One is scalable. We have deployed it for the maximum users, around two hundred to two hundred fifty, and it handles that well.

For TrendAI Vision One's technical support, I would rate it around seven point five to eight, so let us give it an eight.

Positive

I have worked with SentinelOne and multiple other solutions, and from a user experience perspective, I find SentinelOne to be more convenient compared to TrendAI Vision One. However, for consolidation, the fact that I can find everything under one roof is a plus for TrendAI Vision One, despite my preference for ease of user experience in other products such as SentinelOne.

The implementation of TrendAI Vision One was not easy; it is not a one-click process. I prefer it for larger organizations that can allocate team resources because the implementation can be complex.

In my organization, there are only four TrendAI Vision One specialists, including me.

I would estimate that overall, I have seen approximately a twenty percent return on investment.

I would not say TrendAI Vision One is cheap; I always recommend it for mid-size to large-sized enterprises, not for SMBs, as I have other solutions suited for them. I have never pitched TrendAI Vision One to SMBs because I believe it fits mid-sized to large-sized businesses better.

I have worked with SentinelOne and multiple other solutions, and from a user experience perspective, I find SentinelOne to be more convenient compared to TrendAI Vision One.

I actually believe that it has reduced false positives by more than fifteen to twenty percent.

The switch to TrendAI Vision One did reduce risks significantly. Deploying XDR created a spiderweb effect, monitoring every endpoint and node, which mitigated many attacks and helped prevent some.

The built-in AI is important, and I am currently working on certifications from TrendAI Vision One to better pitch it to AI development companies to demonstrate its benefits. I need hands-on experience with it before I pitch to those companies.

Overall, from implementation to operations, I would rate it a seven.

I do recommend this product; it depends on the case-to-case scenario. If a customer wants everything in a single platform, I recommend TrendAI Vision One without hesitation. Its good support and lack of major issues influence my decision to pitch it to customers looking for a consolidated platform. My overall review rating for TrendAI Vision One is seven.

My use case for the solution is primarily for EDR purposes, but we are also starting to use the CREM.  This technology allows us to see our endpoints within seconds to ensure they are NIST 800-83 compliant.  This technology is critical in today's world as there are many customers requiring this now.  

We have used advanced threat intelligence, and we continue to do so. There is a way to run a threat query to find where a certain item is located. For example, Quick Assist from Microsoft was used a while back to gain access to our environment, and we didn't know it at the time. Of course, we've since locked that down. Now, we can also use that query we created to monitor if someone tries to use it again. I recently saw an attempt to use it, but they couldn't succeed because we have it blocked. It's really good to know these things, and without the available technology, we wouldn’t be able to do this.

Trend Vision One's automation capabilities have helped, for example, with atypical travel. We have a playbook set up. When Trend Vision One finds someone signed on in the United States and then catches them signed on in Africa, it will immediately run a playbook. This will disable that profile and prohibit that person from logging in. That is huge when you consider the possibilities of what could happen if we didn’t have that feature.

Our response time is greatly enhanced because of all the features that Trend Vision One offers. It simplifies things and makes it clear what’s going on inside our environment. With just a click of a button, we can get the information we need. We can mitigate issues very quickly using Trend Vision One. We can isolate endpoints, effectively removing them from the network while still accessing them through the Trend Vision One console. Additionally, we can run malware scans instantly on computers, and there are so many features available that it can be hard to keep track of them sometimes. Overall, Trend Vision One has really helped a lot. When it comes to time savings, I would estimate that our response time has improved by at least 40%.

Using this solution has benefited our business greatly. It keeps me informed of everything happening in our environment. We have site admins at every location with specific admin authority to do certain things. Trend Vision One monitors that, allowing me to validate actions taken by admins. Trend Vision One caught various incidents, and it gives me a clear understanding of our environment and its activities, with quick searches and deeper capabilities.

With Trend Vision One, my favorite feature is the app they provide. You can turn on different features and notifications. The other night I was sitting at supper when the app went off, and I got an alert that was very strange. It turned out to be an event, and we got our cyber team together to mitigate the issue with Trend's IR Teams help, preventing any major problems. That app is a lifesaver.

The dashboard provides extensive information. It gives detailed information regarding endpoints and servers, tracking everything. You can search for things and run threat analysis. There are many features within there, and it's difficult to pinpoint one because all the features work very effectively together.

The centralized management feature contributes to faster decision-making within our security operations, greatly enhancing our response time. With all the features that Trend Vision One offers, it simplifies things. It clarifies what's going on inside your environment; with a click of a button, you can see what's happening and mitigate very fast.

In Trend Vision One, there is always room for improvement. The console is well done, but there might be a bit of improvement needed with the app's capabilities. I know they are constantly working on it, and they have regular Webinars "What's New In Trend Vision One" to share updates and enhancements that are taking place.  

Trend also allows its VIP customers to pretest new features or products and enables us to give feedback on those we test.  This is an incredible benefit to Trend's VIP program.  I do not know of any other product like Trend Micro.

I've been using this solution for quite a while. It was about eight years ago when our company had Trend implemented at every location. We have eleven locations overall. In my opinion, it wasn't managed properly; the situation was quite poor. There were many updates that were needed. I approached management and expressed my desire to take over the project. I said, "I want this. I will do it, fix it, and make it work." Management agreed and gave me the responsibility.

What I did next was take all the servers, fix and upgrade them, and prepare them for migration to one on-site server. After that, we decided to move to the cloud. I gathered everything together and worked with Trend to get all of our endpoints and servers transitioned to the cloud. It's been an ongoing process with Trend, as there is always something that needs to be done.

I rate the stability of Trend Vision One as a ten out of ten.

I would rate the scalability of Trend Vision One as nine out of ten.

It is really good. They even have a feedback system to report suggestions or problems, which are addressed promptly. We also benefit from 24/7 monitoring, and we have direct contacts for technical issues and ongoing weekly support calls.

I would rate them a nine out of ten. There's always room for improvement. Five years ago, I would rate it as a five, but support has significantly improved in availability, responsiveness, and keeping me updated.

We purchased the software through CDW, which used to be called Sirius. That's how we acquired it. I have several contacts at Trend that I can reach out to directly, as I have been working with them for about eight years. They have helped me implement the software directly. I worked with Trend through the entire process. They have a learning platform with videos that break down each product. They show you step-by-step how to implement or use each solution. Trend Micro Service One, monitors our corporation, 24/7/365 support service. We can contact a representative, and they’ll get back to us if we encounter any problems or technical issues in our environment. They’ll even join us on a conference call to help. We also have a weekly call with them, where we can ask questions, and they guide us to the right resources and documentation. It’s really an incredible support package.

It wasn’t complicated to deploy. Now they offer a product called Server and Workload Protection, which is tailored specifically for servers. We're in the process of upgrading our servers to use this product. It’s more focused on server-specific security and functionality. When I used it about five years ago, the process was quite complex. I had problems and issues. Over the years, we moved away from the product — about four years ago — and we’re only now starting to return to it. The changes made in those four years are incredible. It’s like night and day. What used to take me days to deploy to one server now takes about half an hour. Trend is constantly updating, enhancing, and improving how things are done. It’s a continually evolving package. They’re even integrating AI capabilities now, which will greatly enhance what Trend products can do.

The capability of Trend Vision One to be deployed both on-premises and in the cloud has been extremely beneficial to my organization in terms of flexibility and scalability. Being in the cloud eliminates the need for on-prem servers. With several divisions, managing all of those on-prem servers was a nightmare. It was not an option, so I migrated to the cloud, which is a one-stop shop. We have our entire corporation in the cloud, making it easy to see everything without logging onto multiple servers; this saves a lot of time.

The solution itself does require some maintenance. The updates are automatic, so we don't need to manually check. However, some endpoints have to be maintained more carefully, ensuring they are fully updated because missing MS updates can prevent Trend Vision One from working correctly. It's good practice to keep everything up to date, which is crucial for managing over 1,000 endpoints and 200 servers. Trend Vision One allows us to see all software on a person's computer, even outdated web browsers, and it flags potential threats, which is an incredible feature.

In my organization, approximately three people work with Trend Vision One.

In terms of return on investment, I've seen a 100% return. It has paid for itself. Our company went through a ransomware event, and if Trend Vision One's IR Team had not stopped it, that could've closed the company's doors.

Trend Vision One is definitely cost-efficient compared to other solutions. I have seen others that are double or triple the price. I'm surprised Trend Vision One hasn't raised their prices, considering everything offered. Depending on the features selected, cost varies, but overall, endpoint and server security is very reasonable.

Comparing Trend Vision One to other solutions, I've seen other vendors with complicated software requiring extensive training to understand. If software is that hard to learn, I don't find it to be a viable solution. Learning takes weeks or months, potentially creating holes in security instead of securing it.

I would absolutely recommend Trend Vision One to other users because it's cost-efficient and it just works. It tells you what you need to do, alerts you of threats, and informs you about software needing updates. They have an IR team that is exceptional and works on the mitigation and remediation until all issues have been resolved!  Over time, it becomes easier to understand, especially moving from on-prem to cloud deployment; there's no comparison. 

I would rate the solution overall as a ten out of ten.

My use cases for Trend Vision One are typically reactive, letting it scan and monitor our environment, and we typically respond quickly to any workbenches that come up. 

We also try to adapt to the Cyber Risk Index or the security score, keeping that at the lowest amount possible on a weekly or bi-weekly basis as we push out updates and do maintenance.

My favorite features in Trend Vision One include the Cyber Risk Index, which breaks down various pieces of info into one easily digestible score. I appreciate the workbenches. They provide a visual of how they operate for the most part, and I value the in-depth details they offer since we can mostly operate off of that, giving us enough info to crunch and figure out what's happening.

While it's not an actual feature of the application, I appreciate the clinics and seminars that Trend provides, as I went to one last year that got me from zero to beginner, and I hope to advance to intermediate with another seminar series this year.

Trend Vision One helps reduce my mean time to detect and respond to threats as without it, we would be scrambling and confused with not much information to go off of for threat hunting. I'm not sure what we were using previously. As long as I've been here, it's been Trend Vision One, and we're very happy with it. We're hesitant to shop around for any other provider since we think it's a very good product, and we appreciate the speed and breadth of data we receive from it.

I sometimes see noise from false positives with Trend Vision One. One clear instance involved the AI deep fake feature, which would throw up false positives whenever someone had a Teams meeting with a blurred background, leading us to turn it off as it activated for every meeting. Additionally, there were minor false positives throughout the year related to Microsoft update files and certain DLLs, however, they don't clutter Trend Vision One much and have essentially gone away in recent months.

I am very happy with Trend Vision One's platform ability to provide centralized visibility and management across protection layers. The platform extends into various categories, offering oversight over email and even flagging suspicious activities that occur on a server, despite not having a Trend Vision One agent on it. For instance, an admin setting up remote access on that server was flagged as suspicious, and I appreciate the reach that Trend Vision One has across different scattered categories it monitors.

In terms of improving Trend Vision One, it might sound silly, yet it seems notoriously uncooperative with middle clicks and opening sections in new tabs. I'm a big tab browser, and it feels hitting a brick wall when I have to refresh in a new tab or make a copy of a tab to move forward. If we can enable middle clicks to open sections in new tabs, it would greatly benefit me personally.

I've been using Trend Vision One for a few months, approximately eight to ten months at this point.

Regarding stability, I don't think Trend Vision One has ever caused any lagging, crashing, or downtime. There was one situation where we may have misconfigured something, forgetting a checkbox, and Trend Vision One's scheduled scans might have used some CPU resources, however, that's on our end. Besides that, Trend Vision One works exactly as intended and has never hindered our operations, feeling more a collaborator than a roadblock.

I don't think I've encountered any issues with scalability; we're growing steadily, and I believe Trend Vision One can keep up with our demand. Our company has about 200 employees in Canada, and I can foresee that if we doubled in size, Trend Vision One would accommodate that very easily.

I have contacted the technical support before. We're very happy with the technical support from Trend Vision One, feeling we have our own dedicated technician who knows the entire suite of applications. They are very intelligent and responsive, and as we submit feature requests, they seem to make it into the actual list of features in Trend Vision One, so we maintain a good relationship with their technical support and development teams.

Positive

I'm not sure what we were using previously. As long as I've been here, it's been Trend Vision One, and we're very happy with it. We're hesitant to shop around for any other provider as we consider it a very good product.

The experience of first using Trend Vision One is really difficult due to the steep learning curve. Thankfully, I attended a Trend Vision One seminar that got me from zero to beginner, as without that, it involves a lot of guesswork with little grounding to go off of. I really recommend their seminars and tutorials.

I do not know much about the pricing of Trend Vision One. My understanding is it's expensive. We pay for it anyway, and there's always sticker shock. Still, we feel it's necessary as this product covers all our needs.

We're hesitant to shop around for any other provider. Trend Vision One is a very good product, and we appreciate the speed and breadth of data we receive from it.

I'm not sure if I use the cyber risk exposure management capabilities. Trend Vision One requires very little maintenance on my end, mostly just keeping up with refreshing the license, which is about all I hear related to Trend Vision One maintenance.

Some top security challenges in my industry include securing anything exposed to the internet, especially since we were previously hit with ransomware. The ability of Trend Vision One to detect and cut off threats early, clean up files before they execute, and address phishing emails helps us significantly. We also have their email and collaborative security, which is crucial along with having zero-day protections to receive early warnings of threats, allowing us to act immediately outside our maintenance windows.

I'm not completely sure where we use the Trend Vision One sensors, as I didn't set them up. However, we do have a DDI that we paid a lot for, which is one of our biggest data sources and populates much of the information in Trend Vision One. We also have a network sensor at our different location in the United States, which is a temporary holdover until we can upgrade to something more robust.

It's not critical for my company that Trend Vision One has AI built into its platform in terms of needing a language model to explain things, however, AI is actually critical for threat detection and behavioral analysis. That aspect of behavior monitoring and action based on behavior is very important.

Trend Vision One has helped my organization reduce its cyber risk. For instance, even prior to acquiring the DDI, the DDI's presence on our network found a threat actively in progress, and we were able to act on it, demonstrating its effectiveness from day zero.

On a scale from one to ten, I would rate Trend Vision One a nine overall.

We operate as an MSP. Most of my clients are financial institutions, such as one of the largest banks in Pakistan. We primarily serve enterprise-level financial institutions and banks. 

The best features in TrendAI Vision One are the workbench and the XDR feature for the playbooks. We continue to use these two features extensively. 

We also have our own product called SIRP, which is a SOAR platform, and we integrate it with TrendAI Vision One for automations, alert information, auto enrichment, and IOC enrichment. 

We appreciate that TrendAI Vision One provides a good API with actions for our SIRP operations. 

While we did not calculate specific MTTR and MTTD metrics, it has significantly reduced suspicious alerts and benign alerts compared to what we previously experienced.

TrendAI Vision One provides its own MDR services for detection capabilities, similar to CrowdStrike. Their team collaborates effectively with us on response and detection. The solution doesn't require frequent maintenance, and services are not regularly interrupted.

Areas that need improvement in TrendAI Vision One include the AI-based mechanism, AI-based detections, and AI-based autonomous detections, which are currently lacking. Additionally, they need to add more integrations to their playbooks. They should lower the cost for integrations as they charge for each individual integration. TrendAI Vision One does not initially disclose to customers that they need to purchase additional licenses and pay more for integrations. They need to modify their licensing mechanism and improve their AI-based detections.

We have been using TrendAI Vision One for approximately six to seven years. We provide services to different customers on various security controls and security products.

TrendAI Vision One demonstrates strong stability, warranting a rating of seven out of ten.

TrendAI Vision One is scalable. For DMG area operations, they have their own dedicated product available.

I cannot provide detailed feedback about TrendAI Vision One support as we haven't needed to utilize it extensively. The configuration process is straightforward enough that we rarely require support assistance.

Neutral

Most of the enterprise-level clients use CrowdStrike or Cylance. TrendAI Vision One or TrendAI Vision One Apex Central is used by most smaller banks, while bigger banks predominantly use CrowdStrike and Cylance.

In Pakistan and the MENA region, clients prefer on-premises deployment unless cloud services are available. When cloud hosting is located in the US or other countries, Saudi and UAE clients typically opt for on-premises deployment.

Vision One is very easy to deploy. We don't have to do much of anything on that. We just have to deploy the agent, and we have to configure the policy. It's not very complicated.

Regarding pricing, TrendAI Vision One offers very competitive rates compared to CrowdStrike and Cylance. Customers who cannot afford CrowdStrike's pricing can easily opt for TrendAI Vision One.

We are not a partner with Trend Micro; we only provide deployment services. TrendAI Vision One can generate false positives; however, this depends on the whitelisting configuration, particularly in the application control area and IOC whitelisting. The detection mechanism is good, though CrowdStrike performs better in detections and reducing false positives due to its behavioral-based analysis and AI-based features. In comparison with other vendors, CrowdStrike ranks first, followed by Cylance, then TrendAI Vision One. Cylance and TrendAI Vision One can work together effectively.

I would primarily recommend CrowdStrike, and then TrendAI Vision One for customers with budget constraints. CrowdStrike's recent launch of a new AI model and features such as the MDC module for comprehensive log collection provide superior visibility and control compared to TrendAI Vision One.

The overall rating for TrendAI Vision One is seven out of ten.

TrendAI Vision One serves as my use case starting simply with its sensor agent as a basic Endpoint Detection and Response solution. After that, we started using its endpoint protection, and now we are integrated with its NDR solution, which is Network Detection and Response. We are moving forward towards its complete suite.

The best features of TrendAI Vision One that I prefer most are two main ones. One of them is its Attack Surface Discovery, which gives us the overall security posture of our network. The second is its Observed Attack Techniques section, which is mapped on MITRE ATT&CK and gives us an overall view of what is happening in our system and provides us with automatic detections based on the telemetry data.

One area that has room for improvement is the interface of TrendAI Vision One, which is very slow due to its data center being based in America. If the data center were in a nearby location, its response would be very quick. I think just the interface because everything else we can find in TrendAI Vision One such as endpoint protection, D-SIM security, DLP solution, and FIM, so there is nothing left behind.

I have been using TrendAI Vision One for almost two years.

I would rate the stability of TrendAI Vision One as nine because in the last two years, we have never had downtime except for one recent incident when Azure cloud was down, which was from Azure's side, not from Trend Micro. Overall, we have not received any downtime from Trend Micro's end.

TrendAI Vision One is very scalable. We can integrate different solutions with it and perform some type of automation with this solution, so it is very scalable. I would rate it nine.

I would rate the technical support that Trend Micro provides as seven point five. It depends on the functionality we are using. In most cases, the support quickly resolves the issue, and in some cases, they take some time.

Positive

The deployment of TrendAI Vision One is very handy. There are not any complex issues I faced during the deployment, and it is a very quick deployment. The different guides they provide during deployment and for other configurations help us a lot in the overall deployment of the solution. The deployment process took approximately one point five to two months overall. We are working on an enterprise solution, so for each step, we have to do some testing on the configuration and then we do a full deployment. We are still testing its new features and enhancing it, so it is an ongoing process for us.

We are using the sensors of TrendAI Vision One to cover almost seven thousand endpoints. It is covering our enterprise endpoints, and it is very critical to get overall telemetry data from all of the endpoints. It gives us better visibility into what is actually happening on these systems.

The top security challenges I faced in my industry before using TrendAI Vision One were about getting the whole telemetry data, meaning what is actually happening on the system. SIEM solutions only get limited logs, and secondly, we could not calculate our attack surface, which means what is our proper security posture and where we are standing according to our security level.

My impressions of TrendAI Vision One's ability to provide centralized visibility and management across protection layers is that it provides overall very good visibility in the network. It gets integrated with other security solutions, and we can centrally manage it. It can be integrated with our Active Directory, our firewalls, and security solutions for automatic IOCs blocking. In that respect, it is very much better.

Regarding the Cyber Risk Exposure Management, it helps my organization identify blind spots by calculating based on the vulnerabilities identified on our endpoints, the configuration settings on different endpoints, and on the Active Directory level, the number of alerts we are getting from different points. By calculating all of these, it gives us an overall percentage. Based on that, we assess how we are actually standing in terms of our security posture.

The solution has helped consolidate the use of security vendors because we are also using its MDR service for critical and high-level alerts, and it is cloud-based, so we do not usually need any type of vendor support to solve daily issues. If we get anyone, we can directly open a case with TrendAI Vision One, and the issue can be solved within one or two days.

Almost fifty people use the solution. They are all in Pakistan and working on-site.

The Service Gateway Management machine we use in our network requires maintenance on a monthly basis or every one to two months when we get a new update from them. To manage the different types of functionalities it provides, its license is credit-based, so we have to carefully use all of the functionalities provided by TrendAI Vision One. So it requires some type of maintenance as well.

Maintaining TrendAI Vision One is very easy and very handy.

I do not know the exact pricing of TrendAI Vision One, but the type of structure licenses they provide is very useful for us. We purchase overall credits and can use these credits according to our needs. So the structure of licensing is very much better than other vendors.

I chose TrendAI Vision One here in Pakistan because we have their principal support here in Pakistan, and we can directly connect with them and reach out to them. So the main purpose of purchasing TrendAI Vision One was its principal support.

TrendAI Vision One has reduced our time to detect and respond to threats almost sixty-five to seventy percent. We get alerts in real-time on the Observed Attack Techniques section, and for the higher critical alerts, our MDR service from Trend Micro sends us an email alert within approximately thirty minutes, and they also give us a call reminder to respond to that alert. Then it depends on us how we respond to that alert with different teams and come to the solution.

I cannot quantify by how much TrendAI Vision One has reduced our false positives, as we get false positive alerts on a daily basis. But in the high and critical section, we only get the most relevant alerts. In the medium and low sections, there are very false positive alerts and we are working with Trend Micro and our vendor to reduce these observed attack techniques.

I would recommend TrendAI Vision One because it provides many services in a single console, such as Attack Surface Discovery, awareness session, vulnerability, attack simulation, DLP, and many other EDR services, NDR services, and email security gateway. I would recommend this suite as one console can be used for many solutions.

It is very important for us that TrendAI Vision One has AI built into the platform as we are doing a proof of concept for its new technology, which is called ZTSA. The industry is evolving with respect to artificial intelligence, and we have to secure that area from both data leakage and data protection. So it is very important, and we are doing a proof of concept of ZTSA, which is its new feature of TrendAI Vision One.

I rate this review nine overall.

I have experience with TrendAI Vision One, specifically using endpoint security, email security, and all of the modules that are used most commonly.

We mostly install TrendAI Vision One endpoint security in all client organizations, configure everything covering endpoints, servers, emails, and then work on the alerts for them as the need arises.

We are using the sensors that are included in TrendAI Vision One.

TrendAI Vision One has helped me to consolidate my use of security vendors quite a lot. Many of my clients were using different brands of antivirus for the server security and endpoint security, and another product for email security. Because of TrendAI Vision One, they were able to combine all of them in the same console. This reduced a lot of siloed tools.

I am quite impressed by the speed with which the server policy gets deployed. While the endpoint policy takes about 15 minutes to get assigned to the system, server policy is quite quick in that regard.

The coverage of these sensors is quite vast. When compared to other antiviruses, we found that TrendAI Vision One does cover quite a lot of ground.

The endpoint security policy for standard endpoints with TrendAI Vision One takes a lot of time. It would be beneficial if there were DLP features in it, as many customers require that. While TrendAI Vision One's full suite is quite impressive, customers have to find another product for DLP and file monitoring. TrendAI Vision One does have a not fully-fledged DLP in the endpoint security part, and it sometimes hangs up the PC when we apply it.

The alerts could be better because when an alert comes for an email that has been compromised and found on the dark web, we cannot quite find where it got compromised from.

The network part is something that needs to be worked on because most of the time we have to look at the firewall to get the full scenario or coverage.

We have found a lot of performance issues with TrendAI Vision One agents. They are not lightweight. The first time I used TrendAI Vision One, the agent was 500 MB. Now that I am using them, the initial size is 800 MB. Sometimes the CPU utilization is so high that the computer crashes or lags behind. This is a really big concern for everyone using TrendAI Vision One.

TrendAI Vision One is quite a good tool because there are not any issues in scalability. We can easily add more licenses to it and increase our organization security. Scalability-wise, it is good.

I have contacted the technical support or customer support of TrendAI Vision One quite a lot.

The engineers are quite helpful when they respond, but I have found that sometimes the assigned engineer responds to the first query a bit too late. I can see in the portal that the engineer has been assigned to my case, but we have to prompt them to give us a reply because nobody is answering. We have to call TrendAI Vision One support sometimes. Once we start the case, the responses are quite helpful, though we have had to escalate some of the cases quite a lot when customers need it.

Negative

I have not basically used any alternatives to TrendAI Vision One. I have tried CrowdStrike and Symantec. Symantec is so far out of TrendAI Vision One's reach and CrowdStrike, I have not used it much, but it is a bit harder to configure than TrendAI Vision One. I find TrendAI Vision One's UI much easier.

The initial deployment of TrendAI Vision One is quite easy since it is basically a cloud-based app, and you just have to deploy the agent.

If integrating AD with TrendAI Vision One, I am sure only one person would be needed. If you have to deploy and install the agents directly into the systems, at least four to five people are needed if the size of the organization is for 1,000 to 2,000 employees.

It would take one or two months to deploy TrendAI Vision One for a client, but mostly because sometimes things get delayed on the client side.

No maintenance is required on our side for TrendAI Vision One.

I am not into sales, but we have lost a few customers because of the pricing of TrendAI Vision One. They seem to gravitate to Symantec and others because their pricing range is quite less than TrendAI Vision One, and we have lost them because of that.

My review rating for TrendAI Vision One is 9 out of 10.