Trend Vision One Endpoint Security Reviews

We use Trend Micro to build our entire, CI/CD pipeline. In short, I check out the code from my VCS (Version Control System), then I run a static code analysis as the first job in the pipeline.

From that point onward, I can do multiple scans in multiple environments. For example, I can have the code checkout from my Dev environment, run the static code analysis, then I can do a folder scan. I perform the scan in my Dev environment, in the integration environment, and in the UAP environment. These are the multiple scans that you can run and enter on your application.

All the static code analysis is on the application-side, and the rest of the workflows can be triggered in several places throughout the pipeline and on the infrastructure side as well. I can use it to do VAPT (vulnerability assessment and penetration testing) throughout the entire pipeline.

Broadly speaking, it means adopting the DevOps culture of Trend Micro. DevOps culture is well adopted in Trend Micro. It's very comparable to Prisma Cloud. Palo Alto has recently informed me about their Prisma Cloud offering regarding CI/CD deployment.

We develop and deploy the CI/CD pipeline in the free workflow, using various tools like GitLab.

Palo Alto is a big competitor of Trend Micro.

Within our organization, there are roughly 1,000 plus users, using Trend Micro.

We definitely plan on using Trend Micro in the future. They are one of our preferred vendors, along with Forescout.

Forescout handles the initial stages of threat discovery and it integrates with SIEM.

If we are going to continue with Trend Micro as our endpoint security solution, then we need to have a SIEM solution, like IBM QRadar, ArcSight, Forescout, Micro Focus ArcSight.

Trend Micro does region-based scanning — the threats are shown in different regions.

I did some workshops based on tracking zero-day vulnerabilities, etc.

Trend Micro's coverage and scans can be broadened to encompass different types of classified threats based on different parameters.

For example, say I want to filter out all of the threats in The United States. In this case, I will see the US region and I will see the number of threats that are present on my infrastructure. This is referred to as threat intelligence.

When I was in this workshop, the filters always recommend that we start with the region as a first parameter. Once you get into the region (the US region), you might look at the different data centers within the US, then within the different data centers, you can drill down on the folder — on the number of hosts.

The host can then be extracted from the region and the region can be marked red. Red means there are a lot of vulnerabilities in a particular region. If Multiple hosts have multiple vulnerabilities, then the entire region will be marked red. Trend Micro somewhat shows this on their dashboard. In other words, the parameters should be improved, including zero-day filtering.

They should include easy-to-use connectors to make it easier to connect to SIEM. The integration environment has to be available so it can easily connect to SIEM. 

Also, you should be able to perform more scans.

I have been using Trend Micro for two years.

Trend Micro is both scalable and stable.

We are satisfied with the technical support. They are available 24/7.

The initial setup was very straightforward. I did the installation by myself.

Regarding deployment topologies, whether it's on-premises, a hybrid cloud, or a public or private cloud, installation is quite easy. It will be up and running within a couple of hours.

Once we deployed it, we had to connect the console to the dashboard. Once the dashboard was up and running, we could filter out threats by connecting to the Trend Micro Data Security Operations Center, which has a threat intelligence ability that highlights all of the threats. The data comes from the CMDB database and It shows us the CVS4 of each threat.

If you buy Trend Micro, you will also need to purchase a SIEM solution which is often quite expensive.

I would definitely recommend Trend Micro to other potential users.

On a scale from one to ten, I would give Trend Micro a rating of eight.

It serves as a comprehensive solution for antivirus scanning across all endpoints. It facilitates the deployment of the application portal within the access center, ensuring device control for vulnerability protection which enables the implementation of device-blocking measures to enhance security.

It safeguards endpoints by detecting threats like malware or malicious scripts, employing features such as behavior monitoring and machine learning. This includes detecting zero-day attacks and analyzing application behaviors for enhanced security. It delivers excellent products for effectively safeguarding endpoints, utilizing advanced features that enhance protection and mitigate various threats. It is equipped with advanced ransomware detection capabilities through real-time machine learning. 

This detection is not solely reliant on signatures; instead, it incorporates built-in features for proactive identification of ransomware threats, offering an advanced and pre-emptive approach to detection. A single console facilitates cross-layer detection, and access to the central console is necessary for on-premises solutions. In the SaaS-based model, the EDR console serves as the unified interface. 

This single console allows for threat hunting, investigations, incident management, playbook creation, and incident response. It is essential as it provides end-to-end visibility into the entire IT security environment, especially in EDR. However, challenges may arise when dealing with endpoints that contain files lacking signatures or behavior detection capabilities. To address this, a sandboxing solution becomes crucial to analyze and understand the behavior of such files. 

It offers the capability to swiftly deploy updates to endpoints, allowing for the immediate deployment of patches or signature files in response to incidents or attacks. In scenarios with no existing signatures, the support team from the OEM can provide the necessary signatures, and these can be promptly pushed to the Apex One Center. 

Timely updates are crucial for us as they help us maintain security. 

Since transitioning to Apex One, we have observed a notable decrease in viruses and malware. 

Our product now detects threats much faster, leading people to express confidence in the effectiveness of our custom machine-learning capabilities, evident in the significant reduction in detection times. Utilizing an independent cloud has significantly reduced the workload for our staff by eliminating the need to manage hardware, operating systems, and applications. 

Daily tasks such as console endpoint restarts, application protection, and agent communications compliance become more straightforward. The ease of managing these aspects is a notable advantage. 

Moreover, the SaaS solution proves particularly beneficial when customers are unable to provide on-premises infrastructure for applications. Users can effortlessly log in, deploy agents, and manage tasks without the complexities associated with on-premises solutions, which depend on factors like hardware, databases, operating systems, networks, proxies, and other variables.

The standout and highly valuable feature of Apex One is its XDR capability. 

Featuring advanced protection capabilities that dynamically adapt to defend against evolving and emerging threats, Apex One stands out. Detecting ransomware and utilizing machine learning capabilities are crucial features, especially for safeguarding customer environments. 

It stands out as a pioneer in incorporating these features within its antivirus solution. Trend Micro was the first to integrate behavior-based analysis, signatures, and reputation-based detection to enhance protection against ransomware and other threats. 

The learning curve for Apex One is minimal, as it is a straightforward and user-friendly product. The graphical user interface is simple, making it easy to navigate without the need for additional training or complex documentation. 

The terminology and features are presented in a common and basic language, ensuring that anyone can comprehend and work with the product easily. 

Administering it is also a straightforward process. It offers virtual patching capabilities to safeguard against significant vulnerabilities. This involves an active signature-based approach to virtual patching. 

The added value that managed XDR brings to our Apex One deployment is significant.

There is room for improvement in the reporting aspect. Custom-level reporting is crucial for in-depth analysis and its significance is evident in the effectiveness of managing and prospecting products.

I have been working with it for fifteen years.

In terms of stability, Apex has proven to be a reliable product with no reported downtime requirements. In my experience, I haven't encountered any significant challenges. The only instances of the console being down were typically related to database issues, such as log saturation or routine database maintenance.

It's a scalable solution with good performance.

The support has been challenging, particularly when utilizing bots during customer calls, as it often results in ineffective solutions. The primary issue revolves around prolonged resolution times. Even with ongoing follow-ups, cases remain unresolved within the anticipated timeline. The consistent request for logs implies that multiple submissions may be necessary for a potential solution or resolution. Enhancements in specific areas are required to improve the overall support process. I would rate it seven out of ten.

Neutral

Deploying the on-premises solution is a seamless process, especially when dealing with the application components. Apex One or Apex Central is the management console, with Apex One managing antivirus consoles, groups, and parts. Policies can be efficiently pushed through Apex Central. The agent itself is equipped with XDR capabilities for on-premises solutions. Conversely, an additional service installation on endpoints is necessary for cloud-based implementations. The deployment process is relatively quick, typically taking around half an hour

Opting for cloud solutions can provide a more cost-effective and efficient alternative, with fewer dependencies on physical setups and unexpected costs associated with on-premises tasks.

Integration capabilities exist for Trend Micro with its own suite of security products, allowing seamless collaboration. However, integration with Apex One may not be supported regarding other security products from different vendors or OEMs, such as Central One, CrowdStrike, or Palo Alto. Overall, I rate it nine out of ten.

We use Trend Micro Apex One to monitor our security environment. 

Apex One helps us defend our endpoints against threats such as malware, ransomware, and malicious scripts. We have configured Apex One to send us alerts so that we can take remedial action.

Apex One has advanced protection capabilities that adapt to protect against unknown and stealthy threats. These advanced protection capabilities are important because most targets are end users who are not well-informed and make mistakes that can end up compromising our entire environment.

It uses its runtime machine learning capabilities to detect ransomware attacks.

They provide a single console for cross-layer detection, threat hunting, and investigations. I find the single console very useful because it eliminates the need to log in to multiple consoles to view different security layers, such as Mail Security. For example, I can see all of my security information in one place, without having to log in and out of different consoles.

The single console provides end-to-end visibility into our entire IT security environment, which has helped to reduce our response time. We configured the alerting and have dealt with a lot of false positives since there are often a few false positives among security alerts. The solution is also capable of performing remedial actions without requiring me to actively monitor it. For example, I am working towards the mole, and there is no one in the office monitoring it because we do not have 24/7 monitoring. We have configured the solution so that I will be notified whenever there are alerts, and the solution will take action from the cloud.

Apex One integrates well with all our security products. 

I'm more technically inclined. When I joined my current company, I had never used Apex One before, but I've been able to navigate it easily since then. We have some reading materials, but the best thing about Apex One is that it provides recommendations, just like Microsoft Sentinel. This makes it easy to learn. If I'm not sure about something, I can go to the Learning Hub and watch videos on how to do it, in case there's something I don't understand.

The difficulty level of administering Apex One is reasonable. Many features are self-explanatory. For example, if we click on an alert, it provides a recommendation of what to do. Therefore, learning to use Apex One is not difficult. In general, all these security products are not difficult to use. For example, I have never used QRadar, but I believe it would not be difficult because I have used similar products in the past. All these products have many similarities.

We have seen a reduction in viruses and malware since we implemented Apex One. Occasionally, when I review tickets or attend SecOps meetings, I only see a presentation of what has been detected. However, I can confidently state that the number of incidents has decreased significantly, as we have not had many since I joined the company.

Apex One as SaaS has helped reduce our staff's workload by deploying endpoints in the cloud. We do not need to monitor our environment all day.

I believe the managed XDR adds value to our Apex One deployment. 

Vulnerability management is a valuable feature that I enjoy. I also enjoy having a single platform.

Apex One's threat and vulnerability management has room for improvement.

I have been using Trend Micro Apex One for one year.

I would rate the stability of Trend Micro Apex One as eight out of ten.

I would rate the scalability of Trend Micro Apex One as eight out of ten. We are currently looking into increasing our usage.

Technical support is excellent. We have an account manager who is always available to help us when we have a problem, regardless of the time zone difference.

Neutral

In my previous organization, I used CrowdStrike. The single platform offered by Trend Micro Apex One is an advantage.

I would rate Trend Micro Apex One eight out of ten.

Apex One provides virtual patching to protect against vulnerabilities, but we don't use the feature because we are already using Qualys Patch Management.

We have 20 people who use Apex One within our organization, including 10 administrators.

I primarily use the solution for endpoint protection. 

It's made it easier for us to monitor the security environment in general.

The DLP functionality is very good. It helps us effectively defend endpoints against threats such as malware or malicious scripts.

The solution offers advanced protection capabilities that adapt to protect against unknown and new threats. This is very important for me. 

Apex One provides us with a single console for cross-layer detection issues, threat hunting, and investigation. It helps me with monitoring and makes it easier. 

The learning curve is okay. It's not too hard to learn. The learning materials are helpful. I found the documentation very useful.

It's not difficult to administer Apex One. That said, you do need to have a person that has a technical background to administer it.

It doesn't take a long time to update from old to new versions. 

I've found that it isn't long before you realize the benefits of Apex One.

We haven't had any viruses or malware since moving to Apex One. 

The product has reduced the amount of time spent administering our security environment. We've reduced the time spent by about 10%.

It takes time to update when I update the security patch. I'd like updates to take less time. 

The cost could be improved. If it was cheaper it would be better.

I have no notes on what extra features could be added. 

I've used the solution for four or five months.

The stability is good. I am satisfied with the level of reliability.

We are able to increase its capacity and functionalities. We may increase usage in the future.

I do not have experience with technical support. I never called them.

I did not previously use a different solution. 

The solution is easy to implement. It took about three hours to implement it.

My team of maybe two or three people were able to handle the deployment. We have three people who can handle maintenance as well. 

Everything for the deployment was handled in-house.

The solution is expensive. 

The price is fixed. There are no additional costs.

I'm a customer and end-user. I am using the latest version of the solution. 

We do not utilize its ZDR services right now. 

My understanding is the solution offers virtual patching. I'm not sure if I've used it on my system or not. 

I'd rate the solution nine out of ten. I'm satisfied with the service of Apex One. It's easy to monitor.

We're using Apex One for data protection. It's an excellent solution because of its machine learning and other features.

Apex One delivers some components we use that aren't available in other solutions. We've seen a reduction in viruses and malware since switching to Apex One. I would estimate that the number of incidents has been reduced by about 25 percent. 

We use Apex One as a service, with a few licenses in the cloud. When it's deployed on-prem, you need to maintain a physical site and deploy it within the environment. It's easier to manage on the cloud. I had no problems implementing policies on the application. It reduced the workload by about 50 percent. It saves some money because you do not need to maintain internal infrastructure. It can reduce your spending on Cisco hardware. 

I like Apex One's DLP capabilities. You can scan and control data leakage on the user system level. Our previous solution would look at things from the user desktop level, and you had to have an agent deployed to collect that. The solution offers different levels of protection that you can invest in. 

For example, you can implement Deep Security, which provides more advanced protection for your assets. If you are working in an industry like finance or health care, you need to secure critical user data on the servers. Apex One's ML-driven ransomware protection capabilities are critical these days.

Apex One provides a central server for monitoring. You can monitor activities, issues, and compliance. From the dashboard, you can see the number of systems experiencing alerts or find other system information. Having a single console for monitoring is essential because it's difficult to monitor on-premise systems one by one. I have integrated Apex One with QRadar. 

The ease of use varies depending on the person, but you can usually learn how to do it by going to the Internet to find out how. I wasn't familiar with the solution when I started, but I could figure it out by using Google. 

Apex One could improve endpoint patching. For example, Kaspersky can download Microsoft updates and install them. Having that feature in the cloud application would help a lot.

I have used Trend Micro ApexOne for three years.

Apex One is stable. 

The SaaS version of Apex One is scalable and can increase with demand if you have the licenses. If you're using the on-prem solution, you may need to purchase some additional hardware sources. 

I hardly use Trend Micro's technical support because I haven't faced any major issues. When we were using another solution, we had some challenges with support. Trend Micro is a little more responsive. 

We were previously using Symantec antivirus but switched to Apex One because we were looking for a solution that also offered DLP. Symantec has limited DLP capabilities. With Apex One, you can also implement the DLP tool at the client level as well as the endpoint.

Deploying Apex One was reasonably straightforward and took almost a month because we had to deploy it across multiple locations. Three or four engineers are enough to handle the deployment if you have any kind of organizational access and data purposes.

First, we had to identify and prioritize our assets. We did some testing on the low-level assets to analyze the solution's impact and adjust the policies. Some things might be inappropriately blocked. We deploy for a limited number of applications first to ensure they're running smoothly. After we install the antivirus, our full schedule is used for the other applications or on servers and production only.

Apex One is a bit expensive, but the additional AWS costs are limited. It's competitive compared to other solutions in the market.  It's a good price for the functionality that it provides.

We evaluated Kaspersky and CrowdStrike. The other solutions were too expensive. 

I rate Trend Micro Apex One eight out of 10. I would recommend it. 

We utilize Trend Micro Apex One for our endpoint security needs. This solution incorporates machine-learning capabilities that assist us in monitoring and preventing attacks.

Trend Micro Apex One effectively safeguards our endpoints against threats like malware and malicious scripts, provided that we accurately define our policies.

The advanced protection capabilities of Trend Micro Apex One, which adapt to safeguard against unknown and stealthy threats, are commendable. The solution scans our system and generates a repository that it can subsequently cross-reference when an unfamiliar application attempts to access or install a file on our system, thereby restricting access.

It is important for our organization that the runtime machine learning capabilities of Trend Micro Apex One can assist our organization in defending against ransomware, especially when we activate the behavior monitoring feature.

It is important that Trend Micro Apex One offers a single console for us to investigate threats.

Trend Micro Apex One is easy to learn. Additionally, there are numerous helpful training videos available online, along with a support site designed to assist with any issues.

Administering Apex One is easy through its user-friendly console.

Apex One has nearly all the features necessary to safeguard us from malicious or viral attacks. The solution incorporates proactive machine learning, web application capabilities, and real-time scanning features. Furthermore, we have the capability to install this agent on our server. Apex One encompasses a wide range of options that allow us to create policies on our server.

Apex One has helped reduce the number of viral attacks in comparison to our previous solution.

The deployment of the services endpoint in the cloud has helped to decrease our employees' workloads by 30 percent.

Apex One has reduced our administrative overhead by 30 percent.

Trend Micro's managed XDR service, in conjunction with Apex One, adds value by offering visibility into our environment.

The most valuable features are web application features and real-time scans.

The support is slow and has room for improvement.

I have been using Trend Micro Apex One for almost two years.

It is stable.

Trend Micro Apex One is scalable.

The technical support is not consistent and can take time to resolve our issues.

Neutral

Previously we used Symantec Endpoint Security and switched to Trend Micro Apex One because we were not receiving sufficient support from Symantec Endpoint Security after its acquisition by Broadcom.

The implementation was completed through a third-party partner.

We evaluated CrowdStrike and two other solutions.

I would rate Trend Micro Apex One eight out of ten.

I recommend Trend Micro Apex One for endpoint security.

I have learned that there are features that assist administrators in granting access to specific servers by adding a MAC address and creating a policy.

We use it for many use cases, such as servers, clients, laptops, end-users, servers, and endpoints.

It's easy to use and used to be a very good solution a few months ago. However, we recently did an intrusion test, which didn't work as expected. So now we're very disappointed with it.

There is room for improvement in the behavior filtering and control of Trend Micro. Currently, this feature is not functioning correctly, which is evident in the behavioral backset basset on signatures like visors, but the behavior filtering is not working properly and needs to be improved.

I have been using this solution for five years now.

There are no issues in performance. It is a stable solution, and I would rate the stability a seven out of ten.

It is a scalable solution, and I would rate it a seven out of ten.

The customer service team is very good. It is very responsive and knowledgeable.

Positive

The initial setup is very easy. The deployment was very fast.

You do not need an expert to set up the solution, and you can deploy it yourself.

We use a yearly subscription, and it is expensive.

Overall, I would rate the solution a seven out of ten. There are some issues with the behavior filtering functionality.

We are using Trend Micro Apex One for security.

Trend Micro Apex One is good at detecting zero-day threats. When the solution was in operation I did not notice any system performance problems. Upgrades of the solution were simple to do and there are plenty of features.

Trend Micro Apex One can be at times heavy on resources, but I did not notice any difference as an end-user.

If certain alerts could be translated into day-to-day English with some action plans, a few points, what to do, and how to do it, that would help me personally as IT Manager. They have some recommendations regarding the vulnerability of the endpoint. They take you to some very technical information and if you are not a security engineer or security-trained you might not understand what they're talking about. We are a small company and it would benefit if things were explained better, we cannot afford a dedicated Trend Micro Apex One engineer.

I have been using Trend Micro Apex One for approximately eight years.

The solution has been stable. We have not had any problems with ransomware or anything else.

We are a small company and I am not sure how scalable it is. It has worked fine in our usage.

We have approximately 200 endpoints.

I have not contacted the support from Trend Micro. 

We have used other solutions in the past, such as Kaspersky, but we currently are migrating to a Microsoft solution. Since we use many Microsoft solutions and wanted to consolidate the organization it seemed like the natural thing to do to move from Trend Micro Apex One to Microsoft.

The installation of Trend Micro Apex One is straightforward. Once we added the endpoints to the console the installation was not problematic in any way.

I would rate the migration and implementation of Trend Micro Apex One a five out of five.

We receive weekly maintenance reports. If we receive any report of something causing issues for us here in the IT department, we look into the issue, but I do not remember the last time we had any alerts.

The pricing of Trend Micro Apex One was reasonable. There is a license required to use the solution and we have upgraded the solution to include some additional features, such as XDR.

When evaluating Trend Micro Apex One and Microsoft Defender I didn't find any major differences. The benefit of Microsoft Defender is it is well integrated with Azure, Intune, and other Microsoft solutions. Trend Micro is not as straightforward where everything is in place.

I didn't have any hands-on experience with another system to compare the metrics too. However, I have found the solution to work well.

Trend Micro Apex One gives you a lot of features. You will make good use of it if you have somebody who can attend to the dashboards and do deep security scans. In larger organizations, you would have somebody dedicated and well-trained to oversee the solution. It is important and an advantage to have somebody well-trained and who can receive the value from the information they are able to provide. Otherwise, it will be similar to what we are doing. The solution is sitting on the endpoint, and we are happy that we are not being infected. 

I rate Trend Micro Apex One an eight out of ten.