Try our new research platform with insights from 80,000+ expert users

Tanium vs Trend Vision One comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Tanium
Ranking in Endpoint Detection and Response (EDR)
27th
Average Rating
7.4
Reviews Sentiment
6.5
Number of Reviews
16
Ranking in other categories
Server Monitoring (9th), Vulnerability Management (26th), Endpoint Protection Platform (EPP) (37th)
Trend Vision One
Ranking in Endpoint Detection and Response (EDR)
4th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
69
Ranking in other categories
Network Detection and Response (NDR) (3rd), Extended Detection and Response (XDR) (5th), Attack Surface Management (ASM) (2nd), AI-Powered Cybersecurity Platforms (3rd)
 

Mindshare comparison

As of March 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Tanium is 2.4%, up from 2.3% compared to the previous year. The mindshare of Trend Vision One is 2.9%, down from 3.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR)
 

Featured Reviews

Mo Vermeiren - PeerSpot reviewer
Is able to make several campaigns work in parallel, but the user interface needs improvement
It's mainly used by the cybersecurity team for Windows patching and deployment of some software solutions I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in…
DavidBowman - PeerSpot reviewer
It improves the detection speed, but it could be more customizable
They need to stop changing Vision One once a week. They're in a hurry to change things so badly and so fast that I can't find where stuff is half the time, which is a challenge sometimes. I've given one piece of feedback to their product guys. One thing that they're trying to make is a SIEM. It's a product where you input all the logs from your tools, and it creates additional insights into how things look. They've been kind of playing the "me too" game on that, even though that's not what I bought the product for. They have a new gateway where I can take my firewall of email logs and send it over there. In theory, it's supposed to do a more comprehensive evaluation of all my stuff to improve that risk index score. I'm not impressed with it, and I've told them as much. I feel if you're good at something, you should keep working on that and not try to be all the things to all the people. I bought a different email solution even though it would have been 10 times easier to just stay with their email solution because they aren't great at it. They are great at other things, but they're playing the "me too" game with some of their products. Their competitors do this, so they should be doing this, too. They need to pick a product and keep being good at that. If they're going to roll new things out, they should do it but do it right. They have a button to isolate an endpoint because it looks bad, but it doesn't usually work. I've had no chance to argue with the product guys to show them examples of how their button doesn't work. You think it does, but it doesn't work in a real environment. That can be a challenge sometimes. I can see in the data showing what is a false positive. But it doesn't save me time helping them figure out how to fix the problem in their engine. It can help me identify it as a false positive, but it doesn't apply that consistently. It will ignore the false positive for that device, but if they start detecting a false positive on Apple devices, I have eight thousand Apple devices and get 8,000 alerts. I can tell that specific false positive, but it doesn't learn from that particularly well. We use the executive dashboards, but I don't find them particularly useful. One is the ability to customize. That has gotten a little better, and it'll be better in the future. Most of what they have on there are data points that are generic and not particularly actionable. That's why it's called an executive dashboard. Executives want to see if we are secure, but it's hard for me to find out why our attack surface risk went down by x percentage. I don't know. It says that on the dashboard, but it doesn't give me specific details about why. I find it confuses my executives, and it's not useful for me because it doesn't give me things to work on. It will give me generic things on the executive dashboard like you have a thousand accounts with an old password. Those are big generic things, but I also can't tell it that our password policy is different from what your automatic detection model means, and I don't have a problem with that, so quit lowering my risk score. The risk score is useless. In theory, it's based on the random intelligence they're getting from their various customers. I'm in K-12 education, so they have a decent amount of K-12 customers, but it's a subset, and the baseline of what's common in K-12 education is not the same. There's not enough data to make that particularly clean or useful. Vision One is not custom, and that's part of my beef. That index score is based on whatever random report they're looking at from their data sources at any given moment in time. It's nice, but I'd rather have one that's based on your particular circumstances. Instead, it's saying that the number one attack threat surface for school districts is email phishing. It's too generic.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in parallel."
"I would say Tanium is the best tool for vulnerability management."
"The solution is scalable and helps to understand how infrastructure works. It helps to improve the health of the organization."
"The most valuable features of this solution are the consolidation of all historical data on device endpoints, security drivers, firmware, and Software version gaps."
"I'm not so familiar with the tool but I like the interaction of the console to the picture. Patching is the primary model I have been focusing on for the last couple of weeks. So I have created a proof of concept environment and have been checking the available features."
"Tanium has made the process of detecting threats more proactive with its detection. So, the process is easier and more efficient."
"When I push a quick update, it's done right away, and I can rescan immediately to confirm completion within minutes."
"When I push a quick update, it's done right away, and I can rescan immediately to confirm completion within minutes."
"The most important features of Vision One include visibility, AI integration, attack pattern analysis, predictive analytics, and centralized visibility and management across protection layers."
"Trend Micro can integrate third-party tools, such as Fortinet, Cisco, or any other vendor's firewall, to get the logs and alerts from them. Vision One is much more capable in that way."
"They were one of the companies, early on, that spent a lot of time integrating their toolsets, and I was really impressed with that... the endpoint management system could reach out to the Deep Discovery system on the network and pick up something that it perceived as a suspicious object."
"It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
"The zero-day vulnerability is valuable."
"We had previously deployed on-premises, and all we had to do was access the designated console and click a button to migrate all on-premises agents to cloud agents."
"For our day-to-day use cases, the correlation and attribution of different alerts are valuable. It is sort of an SIEM, but it is intelligent enough to run the queries and intentionally detect and prioritize attacks for you. At the end of the day, it is different data that you see. It correlates data for you and makes it meaningful. You can see that someone got an email and clicked a link. That link downloaded, for example, malware into the memory of the machine. From there, you can see that they started moving laterally to your environment. I quite like it because it gives visibility, so Workbench is what we use every day"
"It is a stable product. It works very well."
 

Cons

"Any movement into a SaaS solution has challenges since the processes and data flows are not well defined. Hence, you need to build it at the same time."
"They could improve the UI."
"I would like to have more integrations and custom plugins to input. Integration is always a big deal in a lot of different environments."
"When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, create bundles, and then perform the task."
"Tanium’s scalability could be improved."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
"The solution needs to improve the reporting and tracking capabilities."
"The solution can give a lot of false positives."
"It should integrate with more tools. There are a lot of tools that can do the PTP dump."
"The agent system is very slow, it needs to improve its performance."
"I would like Trend Vision One to incorporate more AI."
"Trend Micro doesn't have the next-generation firewall."
"We've received some mild complaints that the documentation is sometimes not up to date."
"They need to stop changing Vision One once a week. They're in a hurry to change things so badly and so fast that I can't find where stuff is half the time, which is a challenge sometimes."
"Currently, there is nothing specific that needs improvement. Their support is very cooperative, and they provide an educational portal for learning the solution. However, deployment could improve by considering customer environments that are not fully updated."
"Trend Vision One has some usability issues."
 

Pricing and Cost Advice

"The solution offers value for money."
"It is higher than some competitors in the market."
"The solution is expensive but it's a good investment."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
"It's an expensive solution. It would be nice if the cost were lower."
"There is an annual license required to use this solution."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"The pricing is fair and not on the higher side."
"The pricing is fair compared to other solutions."
"It is definitely not cheap. I do believe you get what you pay for to some degree. It is cost-effective."
"The price is reasonable. It's not exorbitant. CrowdStrike and other players are on the higher side."
"The price for Trend Vision One is reasonable compared to Microsoft and Symantec."
"I find it to be a cost-efficient platform."
"It's relatively well-priced."
"Trend Micro XDR is expensive."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
842,296 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
17%
Government
13%
Computer Software Company
10%
Manufacturing Company
8%
Educational Organization
24%
Computer Software Company
18%
Financial Services Firm
5%
Healthcare Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Tanium?
Tanium’s linear-chain architecture is valuable.
What needs improvement with Tanium?
When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, creat...
What is your primary use case for Tanium?
We primarily use Tanium for patching, focusing on vulnerabilities. Our major goal with Tanium is to patch based on vulnerabilities detected by our other vulnerability tools.
What do you like most about Trend Micro XDR?
I appreciate the value of real-time activity monitoring.
What is your experience regarding pricing and costs for Trend Micro XDR?
It is very good. The flexibility to temporarily exceed license limits when setting up new devices is helpful, as it allows us to ensure security before purchasing additional licenses.
What needs improvement with Trend Micro XDR?
Improving the user interface would be helpful—it can be confusing, especially if you do not use it daily. We do not see a need for additional features. The tool has so many capabilities that it can...
 

Also Known As

No data available
Trend Micro XDR, Trend Micro XDR for Users, Trend Vision One - XDR for Networks
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Panasonic North America, Decathlon, Fischer Homes, Banijay Benelux, Unigel, DHR Health,
Find out what your peers are saying about Tanium vs. Trend Vision One and other solutions. Updated: March 2025.
842,296 professionals have used our research since 2012.