Trend Vision One Reviews

I use Trend Vision One for banking, retail, and government clients. We sell it with other technologies. It provides more sources for alerts and visibility into threats and vulnerabilities. We have all Trend Micro's modules, including full asset protection, EPS, IDS, endpoint protection, and email security.

Vision One has reduced our detection time by approximately 30 percent, enabling us to use our human resources more effectively. The solution has allowed us to consolidate 90 percent of security tools across hybrid environments, improving our operational efficiency. We've reduced our administration and management tasks by half.  Vision One has also decreased our risk.

The most critical feature of Vision One is that it gives us a single console for threat management. The organizational view simplifies management and improves visibility, helping us identify areas for action. The solution is intuitive and easy to manage. 

The solution's ransomware protection with runtime machine-learning capabilities gives us peace of mind. We also get total protection and fewer false positives than in other solutions we sell. Vision One integrates well with our other security products.

Vision One could improve its area networking and email security.

I have been using the solution for around three years.

Trend Vision One is stable.

Positive

We have not previously used a tool like Trend Vision One, but we have used individual tools for various functions, such as EDR and EPS. For example, we used Vicarius and Ivanti for virtual patching and other tools by Palo Alto, CrowdStrike, Sophos, and Kaspersky. Trend Micro consolidates all these features into one platform, so that's one advantage it offers. 

Setting up Vision One was straightforward. 

I rate Trend Vision One nine out of 10. 

The reason we invested in Trend Micro XDR was to consolidate security operations and monitoring. On top of that, we invested in their managed detection and response service, which they can provide on top of the ETA service, which makes our lives easier. You can say that with it, we need fewer hands.

We're able to gather a more simple view of what was going on in our infrastructure. Before this solution, we used a SIEM system. Trend Micro XDR made monitoring more simple, and we trusted them as a security partner.

It definitely has improved our visibility of all of our ongoing items in the infrastructure. We can get a good overview of what's going on across our network and what our security looks like.  

Having everything under one management console and having them monitored from one place is the most beneficial.

It saves time and we do not have to invest in a lot of products to meet all of our use case needs.

It's quite simple to monitor everything under one console. It makes life simpler for our operations team. 

We have the solution everywhere, including email, network, endpoints, and cloud. This is important to have this coverage. As a former incident response analyst, having visibility everywhere is really important. Having everything correlated into one place increases visibility.

We have centralized visibility and management across our production layers. They are also improving that from month to month. It's important for us. In security operations, the fewer places you need to go to have a look around, the easier it is. Back in the day, we had to open ten different consoles. Now we just open one. 

The most important thing for us as a customer is that we can spend more time in other places as it's simpler to have that overview. We have much more time for other tasks. 

We use the solution's executive dashboards. We like that we can drill down from the dashboards into XDR detections. It helps the C-suite understand. However, it also helps us drill down by allowing us to choose which views we want. 

We have a trial version of the Risk Index. We have a daily look at it and it gives a nice overview of our vulnerability management and what the attack surface looks like. It helps us prioritize our daily tasks. 

The Managed XDR service was great. It helped quite a lot. We had to get used to working with them and they with us, however, now it's quite an easy task and the advisory and alerts we get from them have been helpful. The availability to work on other tasks has helped us improve in other areas. It's positively affected our business. Having this product means that we are improving in a lot of different areas that we also need to focus on. They can do the monitoring better than we can do it ourselves. We don't have the manpower to do it on our own so it helps a lot to have them help with management.

We use the Attack Surface Risk Management capabilities, which are also in the trial period. It's absolutely helped us to identify blind spots in our environment. It made us realize that, for example, users were using their work email for private services such as Netflix or other services that, if they had a data breach, would be an issue. With this, we can reach out to those users and explain to them how to act on the Internet, not to use your work email for private services, et cetera.

It's helped decrease our time to detect and respond to threats. It's likely 80% faster now. It's also helped us reduce the time we spend investigating false positive alerts. They do a lot of the initial work for us and come back with the actions we need to do on our part (if any). It's helped us reduce false positive investigations by 50%.

We're using some of the automation capabilities of XDR. It's helped us save time. At the moment, it's likely helped us save 20% of the time we'd normally spend on manual processes. 

They should increase their potential for third-party integrations. We'd like to see integrations with other IT security vendors that are not currently there. 

I'd like to see central management of all products.

I've been using the solution since it came out, essentially. I've been working with it for eight or nine years.

The solution is quite stable. 

We don't have branch offices, however we have 2200 clients and 800 servers. 

It is easy to scale if you are a bigger organization. We do plan to scale further in the future. 

We have Service One, which includes three-year support. It is 24/7/365 support and they are quite good. 

Positive

Before Trend Micro, we used Splunk. The use case and monitoring were easier with Trend Micro. We found it easier to fulfill our needs using Trend Micro. 

I was involved in the deployment process. Some of it was quite complex. Unfortunately, we had an on-prem environment that wasn't well taken care of. The migration was hard, however, that was more our fault. It could be easier to migrate, however. 

It took us about nine months to fully deploy. 

We already had some products in the cloud, however, we needed to migrate all of our endpoints. The on-premise agent needed to be placed in the cloud and we had some problems as some clients did not have an opening to the internet, et cera. There was some preparation we needed to do. We needed to do some upgrading before migrating. 

There were two to four people performing the implementation. 

The solution requires maintenance and we have a person that manages that. 

We had help from Trend Micro professional services. 

We have noted an ROI. Having them monitor our IT solutions allowed us to have fewer people on the team. It's saved us in man hours. 

The solution is affordable. You do need to pay additional fees for some of the functionalities.

We also evaluated Microsoft's solutions. 

I'm a customer and end-user.

We realized the benefits of the solution pretty fast - within a couple of weeks. We knew the benefits beforehand which is why we chose Trend Micro. The possibility of having the solution monitored by the vendor itself was quite helpful. 

I'd rate the solution nine out of ten. 

I would advise others to prepare your needs beforehand. If you know those, you will know Trend Micros is the right fit for you. It's great. If there's a problem with central management or monitoring, Trend Micros is quite useful. 

We use Trend Micro XDR for endpoint detection, endpoint user protection, and virtual security.

We have deployed Trend Micro XDR across our entire environment, which is important for our organization's threat detection capabilities.

We use Trend Vision One to monitor our environment 24/7. Centralized visibility is very important to me and my management. In addition, management wants to see centralized dashboarding. This is very important.

The centralized visibility and management across our protection layers have improved our efficiency.

The executive dashboard is important to our organization. I use the dashboard each morning and evening.

Trend Micro XDR has helped our organization improve its defenses against external and internal threats.

The Managed XDR service has positively affected our team's workload by providing 24/7 monitoring. This has saved our team 20 percent of their time to focus on other tasks.

The time to detect is under one minute.

The proactive approach is the best feature. When Trend Micro XDR detects a virus in our system, it stops it and secures our branches.

The centralized dashboard has room for improvement.

I have been using Trend Micro XDR for almost two years.

Trend Micro XDR is stable.

Trend Micro XDR is scalable.

The technical support is good. We receive a response within ten minutes.

Positive

We switched to Trend Micro XDR from Kaspersky because it is a better product and we have not faced any issues.

The deployment took one week and required a few people to complete.

Trend Micro XDR is expensive.

I would rate Trend Micro XDR ten out of ten.

We have over 100 Trend Micro XDR users.

We had a SIEM in place, but we wanted to do some behavioral analysis of the files that are getting deployed. We wanted to check to ensure that it was nothing with the external registration side. We needed an EDR solution for checking and monitoring everything deployed on this target machine or our host machine site. It will check and detect if any malicious files are there or not. We are getting alerts related to that kind of thing. So we used to check those alerts on the XDR, and we used to, like, do the incident and response to that kind of thing there.

If you have a SIEM in place, you will only get the network logs. XDR gives you more control over what files are getting deployed, how they are being executed, and how they can potentially harm your system. XDR doesn't work like a normal antivirus solution, which uses signatures to detect and block threats. XDR detects based on behavioral analysis and blocks most things.

It reduces the investigation time because it gives you everything, including how the file was executed, which processes it called, the file name, the stemming, and the time. When we have the endpoint name, we can reach out directly to the endpoint owners and communicate with them regarding those alerts.

I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed.

It's a SaaS solution that covers endpoints, email, and cloud. We have agents installed wherever data is being pushed, so it used to give us a payload. Cloud functionality is one of the most critical things because we don't generally have visibility for cloud applications. Once we install the agents, we gain visibility into all the things integrated on the cloud or any SSH attempts.

XDR offers visibility across layers. This is critical when you want to implement some policies and apply exclusions for particular parts of the system that should not get scanned. It's easy to implement those things. Let's say you want to deploy policies for multiple systems. Using Apex Central, you can directly push the policy to various systems and cover the logs of several systems at a time. 

Sometimes, there are some false positives. For example, once a user had a file in their system named recovery.txt. The solution was flagging that as a ransom note, so we were confused. It isn't that serious, but it should be improved. 

Also, XDR should improve its coverage of the latest IOCs. Their suspicious object management works, but the coverage should be improved. It will take one or two months to get those things covered. XDR will detect on a behavioral basis, but these databases will not get updated daily like some other solutions. If you're dealing with new ransomware or malware, it may take around a month before it's covered by Trend Micro. 

I have used XDR for two years.

Trend Micro XDR is stable. We've never had downtime. 

Trend Micro XDR is scalable if you can pay more for licenses. 

I rate Trend Micro support seven out of 10. Their technical support is good. They reply regarding your cases. However, if you don't reply to them properly, they may close your case if you are not reviewing that kind of thing. 

Neutral

 I previously used Crowdstrike, which is an MDR, so it was totally managed by the Crowdstrike team. They were monitoring every alert that was generated, so it's hard to compare it to Trend Micro XDR. It was somewhat similar, but CrowdStrike is more proactive than Trend Micro, and it has greater coverage of IOCs. I have also used SentinelOne.

It's a SaaS solution deployed across multiple locations covering 20,000 endpoints. It doesn't require any maintenance aside from updates. 

I rate Trend Micro XDR seven out of 10. If you plan to implement XDR you should be aware of the IOC coverage and follow up with the Trend Micro team. Most things are covered, but it takes time to add and deploy all that stuff. 

Trend Micro XDR is utilized for security management, and we apply it to our email, network, and endpoints.

Trend Micro XDR is based on its proprietary cloud.

Trend Micro provides us with centralized visibility and management across protection layers, which are important to our organization.

The centralized visibility and management across both layers improve our efficiency by offering central security without the need for extensive management or fine-tuning. Trend Micro is also comprehensive and user-friendly. We have confidence in the results.

The risk index provides us with insights into potentially vulnerable areas or aspects that we may need to double-check to ensure everything is working as expected. In other words, it's a useful tool to obtain a quick overview of parts that could be more exposed to risks and other potential issues.

Trend Micro helps reduce our MTTD and MTTR.

Trend Micro presents results in a comprehensive and easy-to-read manner, which helps reduce the time we spend investigating false positive alerts.

We utilize Trend Micro's automation capabilities for alerting and categorizing emails into specific categories based on their risk level.

Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage. The security results have been quite good.

I would like to have more integration with mobile device management.

I have been using Trend Micro XDR for three years.

Trend Micro XDR is stable.

Trend Micro XDR is scalable. As a small company, the licenses we have are sufficient to meet our needs.

The technical support team is excellent, and they were able to answer our questions to our satisfaction.

Positive

The deployment did not appear to be complex, but it was managed by Pro-Axis, who utilized a large workforce to ensure the swift completion of the deployment.

We engaged an external partner named Pro-Axis to assist us with migrating from Trend Micro on-premises to Trend Micro XDR. Their services were excellent, and we did not encounter any unexpected issues. We were fully satisfied with the migration process as Pro-Axis promptly restored our services.

The pricing is competitive, and the cost aligns with the features we receive. The license fee covers all of our needs.

I give Trend Micro XDR a nine out of ten.

We were initially using Trend Micro on-premises and then expanded our usage by implementing XDR. We were satisfied with the solution and its features, so we made the decision to stick with Trend Micro.

A small team is required for maintenance, which will not impose a significant burden on our IT team.

Our entire organization uses the solution.

I suggest trying out the trial of Trend Micro XDR to assess its suitability for their environment. It can be a good solution for small or medium-sized organizations, but keep in mind that everyone has their own specific requirements.

I mainly use it for the management console and threat investigation. It helps us understand what is going on in our environment. I also generate reports to see what is going on in the background in our environment and how our devices are. I can see whether they are getting timely virus definition updates or patches. I get information related to the vulnerabilities on our devices.

Trend Vision One provides centralized visibility and management across protection layers. It is pretty important to know data from different data sources. It helps to gather information about the environment and reduce the attack surface. The custom reports based on those data sources and different modules help me reduce the risk level of the environment.

Executive dashboards help to see the devices in the environment and Internet-facing assets. If any device has any vulnerability, then based on that data, I can go to the XDR threat detection and get more information about that particular vulnerability or alert. Based on that, I can communicate with the team and get it remediated. We only provide a risk assessment. Based on the information provided, the team remediates the issues.

It has definitely reduced the time to respond to threats, but I do not have the metrics.

The best part is the XDR threat investigation, which includes different modules like Observer Attack Techniques, Workbench, and Detection Model Manager. It provides patterns and we can see what is going on. We can act on them accordingly. We can make playbooks and automate processes to reduce the attack surface.

For XDR threat investigation, there is not enough documentation about how to search for different keywords. The documentation for keywords used in attack techniques is lacking, making it difficult to understand certain aspects. 

Providing more interaction options in sandbox analysis would also be helpful. They have not given us many options. 

I have been using Trend Vision One for more than one and a half years.

It is quite stable. They provide proper updates.

I have used different solutions, such as SentinelOne, Carbon Black, and Cylance, but Trend Vision One provides more comprehensive visibility across the environment. For environment-level visibility, I prefer Trend Vision One.

The initial setup was easy.

The pricing is fair and not on the higher side.

I would definitely recommend Trend Vision One to others. It offers high visibility into the environment, helps reduce the attack surface, and automates many processes, thus enhancing response time.

I would rate Trend Vision One a seven out of ten.

We use Trend Vision One for real-time analysis and monitoring to identify the root cause of security incidents. This includes finding details like how the attack unfolded, user names involved, IP addresses associated with the attack, and the affected systems and devices. By analyzing this information, we can map out the entire attack flow chart.

The network coverage provided by Trend Vision One is important.

Trend Vision One is an XDR tool so it is important for us that it provides centralized visibility and management across protection layers.

Centralized visibility and management across protection layers enable real-time monitoring, which improves our efficiency.

While the Trend Micro Vision One executive dashboard provides a valuable overview, the ability to drill down from that level into the XDR detections is crucial. During a real-time attack, this drill-down functionality is essential for identifying the root cause, prioritizing the threat type, and ultimately finding an effective solution.

Trend Micro Vision One's greatest strength lies in its real-time monitoring and analysis capabilities. This allows for the seamless blocking of malicious URLs and attacks.

The managed XDR has saved us time allowing us to focus on other tasks.

The managed XDR helps us detect and respond to threats in under five minutes. It will display all the details in a single, unified view, including any alerts, trends, usernames, and everything else relevant. By simply looking at the tag data, we can get a complete analysis. This eliminates the need to switch between different screens and saves us significant time. For example, if we see a flag, we can immediately understand its meaning and the associated location without having to search for it elsewhere. Having all this information on a single page is a huge time saver.

Trend Vision One helps reduce the time we spend investigating false positives. The more we familiarize ourselves with the tool the easier it becomes identifying false positives. The time saved by identifying false positives depends on the type of alert. In some cases, we only deal with simple attacks, such as brute-force password attempts, followed by alerts for unusual login failures. These are common attack methods. We can then determine if the user was trying a different password, mistyped their password, or there's a mismatch. In such cases, identifying a false positive can be relatively quick, taking only one to two minutes. 

I appreciate the value of real-time activity monitoring. It provides accurate data, giving us a clear picture of what's happening, including who attempted an attack, their location, and any other details we need to mitigate the threat.

While blocking an IP address restricts access for 30 days, it eventually becomes accessible again. For true permanence, blocked IPs need to be transferred to a dedicated storage solution. However, this storage has limited capacity. To accommodate new blocked IPs, we must remove existing ones, creating a disadvantage that has room for improvement.

I have been using Trend Vision One for over 1 year.

Trend Vision One is stable.

Trend Vision One is scalable.

We previously used Palo Alto's Cortex XDR. However, we switched to Trend Micro Vision One because it's more user-friendly. Trend Micro's interface allows us to better understand the features and processes, enabling us to achieve the desired results more easily. Cortex XDR, on the other hand, was more complex to navigate.

The solution has delivered a return on investment through time savings.

I would rate Trend Vision One 9 out of 10.

Maintenance is required but it is easy to do.

I would recommend Trend Vision One to others. I suggest completing training before using the solution.

I did a POC with Trend Micro on our servers. We were testing for detection capabilities. We wanted to use it for security protection.

Once we deployed the solution into our organization, we were able to view logs. From there, we could handle detection. 

The detection was very good. It helps with threat hunting. 

Its interface is good. We were able to find logs easily.

It's been working well on our organization's network. I'm satisfied with the level of coverage. The policies have been very useful and detailed. 

We use the solution's executive dashboard. We actually have two or three dashboards. It helps us spot vulnerabilities. 

It's helped us reduce workloads. By getting logs, we could reduce detection time. The threat hunting became easier. We're still working through a POC, so I can't speak to if it will enable us to work on other tasks. We're still testing. 

The solution has helped us to decrease our time to detect and respond to threats. We can respond to threats in half an hour to an hour.

When an incident occurs, it will detect the incident within half an hour to an hour. I'd like to see alert time reduction so that they show up on the dashboard faster. 

I've been using the solution since 2021. 

The solution is stable. 

I've never tried to scale the solution. For my purposes, it's fine. I can't speak to how scaling would go. Likely, it can scale. 

I've been satisfied with the technical support. They are very good. 

Positive

To deploy the POC takes less than one week. Implementing the cloud is fast. It's not complex to set up. 

The pricing is expensive. Most organizations cannot afford XDR. 

I don't deal with the licensing directly. 

I've looked into other solutions, like Cortex. Trend Micro offers good visibility. I prefer Trend Micro. It's good. I like the useability. 

I'm an end-user.

We have yet to use the attack surface risk management capabilities. I only downloaded the sensors and installed them on the current phones and servers. We've only done this in the last week. 

I'd rate the solution nine out of ten.