Senior Security Architect at a tech services company with 5,001-10,000 employees
Real User
Top 20
Feb 15, 2024
I like the workbench. It is a view of all the alerts or problems in your estate. The visibility that it provides to engineers is very useful. It is one thing having lots of alerts. It is another thing to have something to correlate all your alerts into a workbench for you so that you can see what is going on.
Cloud Security Engineer at a healthcare company with 5,001-10,000 employees
Real User
Top 10
Feb 15, 2024
For our day-to-day use cases, the correlation and attribution of different alerts are valuable. It is sort of an SIEM, but it is intelligent enough to run the queries and intentionally detect and prioritize attacks for you. At the end of the day, it is different data that you see. It correlates data for you and makes it meaningful. You can see that someone got an email and clicked a link. That link downloaded, for example, malware into the memory of the machine. From there, you can see that they started moving laterally to your environment. I quite like it because it gives visibility, so Workbench is what we use every day.
Operations Manager, Global Information Security at a hospitality company with 10,001+ employees
Real User
Top 20
Oct 30, 2023
We had previously deployed on-premises, and all we had to do was access the designated console and click a button to migrate all on-premises agents to cloud agents.
Security Consultant at a tech services company with 10,001+ employees
Real User
Top 20
Oct 17, 2023
I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed.
One of the features I like in Trend Micro XDR is that you can drill down on the root-cause analysis for anything you find on the solution. I also like that it works for detection purposes. Behavior analytics is also what I like most about Trend Micro XDR. I love that it has features such as behavior detection, program detection, and memory scanning. By default, the solution protects against spyware, apart from the normal virus scan. Smart Scan and DLP are also available in Trend Micro XDR, which I like as well.
I like that it is a comprehensive security solution with a lot of features. You can say XDR is an end-to-end security solution with endpoint security. It includes all your servers, networks, and other devices. The endpoint security solution does not cover this. Plus, machine learning and features like that are the main things in XDR solutions.
Consultant at a computer software company with 51-200 employees
MSP
Mar 2, 2022
What I like the most about Trend Micro XDR is that the detection and response domain extends to the network. It goes beyond the endpoint and includes data about the network, which lets you pinpoint patient zero as well as the root cause of the attack.
Its detection rate is valuable. It is really an easy product to install and manage. It is quite effective at what it does, and if needed, it can also be co-managed, which means 24 hours and seven days a week monitoring through a SOC.
Sr. Customer Engineer - Projects at a tech services company with 201-500 employees
Real User
Sep 18, 2021
It has the feature to track an attack back. If an incident or an attack occurs, you can get a bird's eye view of that attack. You can see how the attackers came in and how they managed the attack. You can trace an attack. If you are giving a presentation to the management, you can easily show them in a live environment how the attackers came, which is amazing.
The Trend Micro Vision One platform is designed to extend threat detection and response across an organization's digital landscape. It is crafted to deliver advanced threat intelligence, using a layered approach to protect against a wide range of cyber threats.
Trend Micro Vision One excels in integrating multiple security layers into a unified platform. It provides real-time visibility into an organization’s security posture, facilitating rapid detection, investigation, and response to...
I appreciate the value of real-time activity monitoring.
I can prevent my environment from different types of attacks based on what I see in the Vision One console.
The automatic EDR system that notifies us when something is wrong is valuable.
The zero-day vulnerability is valuable.
The centralized visibility is good.
It helps a lot to understand where the threat is coming from, where it is going, how it is being dealt with, et cetera.
The proactive approach is the best feature.
We are very impressed with the single pane of glass visibility that Trend Micro XDR provides.
The search features help us try to correlate information and identify any suspicious activity.
Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage.
For scalability, I would give a rating of ten out of ten.
Scaling is not a problem at all.
It has good vulnerability protection.
The solution is very easy to use.
The setup is fairly simple.
We can scale the product as needed.
The solution is stable.
XDR provided a much deeper view into what is actually happening.
The telemetric report is the most valuable feature.
Trend Micro XDR is stable, scalable, and reasonably priced.
We've found the pricing to be reasonable.