Sold by: Trend Micro
Deployed on AWS
Free Trial
Vendor Insights
AWS Free Tier
Stop threats before they strike with Trend Vision One™ - the AI-powered enterprise cybersecurity platform built to predict, prevent, and respond to threats across AWS, hybrid, and multi-cloud environments. Gain unified visibility, streamline cloud risk management, accelerate cloud investigations, and empower your security teams with proactive, layered protection that works at cloud speed. Proactive security starts here.
4.6
Overview
Trend Vision One™ gives enterprises and security leaders the power to see, secure, and control their entire multi-cloud and hybrid environments from a single, unified platform. Gain complete visibility with real-time risk scoring, threat exposure mapping, and centralized monitoring all from one intuitive dashboard.
Backed by AI, machine learning, and predictive analytics, Trend Vision One empowers proactive cloud security by automating threat detection, risk mitigation, and response. Streamline operations, reduce security complexity, and offload the pressure on your teams with modern CNAPP capabilities so you can stay ahead of every attack.
Trusted by industry leaders and recognized as a 2024 Gartner Peer Insights™ Customers' Choice for CNAPP, Trend Vision One is proven to reduce operational costs by up to 79% and accelerate detection and response times by 70%. It's also a Leader in the 2025 Gartner® Magic Quadrant for Endpoint Protection Platforms, delivered a 100% detection rate in MITRE evaluations, and was named a Leader in the IDC MarketScape for Cloud-Native Application Protection Platforms 2025, solidifying its position as the most trusted platform for securing the cloud.
Confidently secure your cloud transformation with a platform built for the modern enterprise. From hybrid to multi-cloud, Trend Vision One delivers unmatched protection, visibility, and control - wherever your workloads live.
Trend provides custom pricing via Private Offer. Please contact us if you're interested in personalized pricing options.
Highlights
- Identify and eliminate hidden cloud risks with unified Cyber Risk Exposure Management - discover assets, prioritize vulnerabilities, and manage posture and attack surface all from one place.
- Stay steps ahead of threats with XDR for Cloud, which extends visibility into cloud environments and streamlines SOC investigations through powerful correlation and alerting.
- Secure every application and workflow - from containers and code to S3 files and cloud workloads - with holistic protection via the integrated stack: Container Security, File Security, Workload Security, and Code Security.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(4)
SOC2
ISO27001
GDPR
HIPAA
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Trend Vision One credits | Trend Vision One credits (1 Unit = 1 credit) | $1.05 |
Dimension | Description | Cost/unit |
|---|---|---|
Cyber Risk Exposure Management - Cloud Risk Management | Per 500 resources per cloud account per hour | $0.12 |
Container Security | Per Amazon ECS instance or Kubernetes node per hour | $0.168 |
Container Security | Per serverless container pod or task per hour | $0.017 |
File Security SDK | Per file scan | $0.013 |
File Security Storage | Per cloud storage per hour | $1.155 |
Endpoint Security - Essentials | Per workload (Anti-Malware, Web Reputation, and XDR only) per hour | $0.007 |
Endpoint Security - Small | Per EC2 instance (micro to medium), WorkSpace, or other cloud (1 vCPU) per hour | $0.011 |
Endpoint Security - Medium | Per EC2 instance (large), WorkSpace, or other cloud (2 vCPU) per hour | $0.032 |
Endpoint Security - Large | Per EC2 instance (XL), WorkSpace, or other cloud (4 vCPU) per hour | $0.047 |
Endpoint Security - Non-Cloud | Per data center or non-cloud instance per hour | $0.047 |
Dimensions summary
Trend Vision One's pricing dimensions on AWS Marketplace are structured across multiple security capabilities. The core offering includes Endpoint Security with tiered pricing based on instance sizes (from Essentials to Large) and deployment type (cloud vs. non-cloud). Additional components include Container Security priced per node/task, File Security charged per scan and storage hour, Cyber Risk Management billed per cloud resources, and XDR for Cloud billed by data ingestion volume. All services can be accessed through Trend Vision One credits under a 12-month contract model with additional usage options. Credits are for customers interested in annual comitments while the additional usage costs offers PAYG. Credits and PAYG can be combined to best fit the needs of the customer.
Top-of-mind questions for buyers like you
How do Trend Vision One credits work in the 12-month contract model?
Trend Vision One credits are the primary currency for purchasing and consuming Trend Vision One services under a 12-month commitment with additional usage options. Credits can be flexibly allocated across different security services including endpoint security, container security, and file security, allowing customers to adjust their security coverage based on changing needs throughout the contract period.
How do the additional usage costs differ from credits?
Additional usage costs offer flexible, monthly pay-as-you-go (PAYG) billing, while credits are for customers with annual commitments. Both can be used across services—for example, credits for File Security and PAYG for Endpoint Security. Monthly billing requires purchasing one credit for account registration, after which services can be enabled in the Credits & Billing app.
How is Endpoint Security pricing structured in Trend Vision One?
Endpoint Security follows a tiered pricing model based on the size and type of instances being protected. The tiers range from Essentials (basic anti-malware and XDR) to Large (XL instances with 4+ vCPUs), with separate pricing for non-cloud instances, ensuring customers only pay for the level of protection needed for each endpoint.
What determines the cost for Container and File Security services?
Container Security is priced per instance/node for Amazon ECS or Kubernetes, or per pod/task for serverless deployments. File Security combines two pricing components: a per-scan fee for the SDK and Virtual Appliance usage, and an hourly rate for cloud storage protection, making it scalable based on actual usage patterns.
Vendor refund policy
No refunds
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Your purchase also includes 24x7 support from Trend Micro. You can log a support ticket for any issues directly from your Trend Vision One console. If you experience any issues or have questions, please contact our AWS Security experts by email at aws.marketplace@trendmicro.com .
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Trend Micro
By Rapid7
Top
25
In Security
Top
10
In Vulnerability and Patch Management, Data Governance
Top
25
In Observability, Software Development
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Cloud Risk Management
Unified cyber risk exposure management with asset discovery, vulnerability prioritization, and attack surface management
Extended Detection and Response
Cross-cloud XDR capabilities with enhanced visibility, threat correlation, and streamlined security operations center investigations
Multi-Cloud Security Coverage
Comprehensive protection across containers, code, files, S3 storage, and cloud workloads through integrated security stack
Predictive Threat Intelligence
AI-powered and machine learning-driven threat detection, prevention, and response mechanisms
Real-Time Risk Monitoring
Centralized dashboard with real-time risk scoring, threat exposure mapping, and comprehensive environment monitoring
Attack Surface Management
Aggregates comprehensive attack surface visibility across hybrid environments with external attack surface scans to build a dynamic, 360-degree view
Cloud Security
Provides code-to-cloud protection for cloud-native applications with seamless CI/CD pipeline integration and real-time, agentless risk assessment
Threat Intelligence
Delivers high-fidelity, actionable threat intelligence sourced from proprietary threat and vulnerability research with community-driven tools
Vulnerability Management
Offers complete visibility across on-premise and remote endpoints to identify, communicate, and remediate vulnerabilities and misconfigurations
Security Automation
Enables acceleration and streamlining of time-intensive processes through customizable workflows and plugins without requiring coding expertise
Cloud Security Posture Management
Agentless CNAPP with comprehensive asset inventory, graph explorer, and security configuration scanning
Threat Detection Engine
AI-powered real-time protection for cloud workloads, servers, VMs, and containers across multi-cloud environments
Infrastructure as Code Scanning
Automated scanning of infrastructure configurations for security vulnerabilities and misconfigurations
Cloud Object Storage Protection
AI-powered malware detection for cloud storage platforms with millisecond scanning and automated remediation actions
AI Model Security
Security monitoring and protection for AI models and pipelines deployed on cloud AI services with advanced threat detection capabilities
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
No security profile
No security profile
Standard contract
No
No
No
Customer reviews
Jagadeesh P.
Comprehensive Security, Effortless Management
Reviewed on Dec 25, 2025
Review provided by G2
What do you like best about the product?
I like that Trend Vision One is an all-in-one platform that makes threat correlation easy to manage. The XDR integration with third-party applications helps in data collection and detection, which I find really valuable. It's particularly useful in prioritizing threats and taking action before they become active. I also appreciate how easy it is to find the root cause of issues and block them. The initial setup was super easy, taking just 5 to 6 weeks for a 10K user implementation, which was impressive. The platform excels in endpoint security, server security, cloud security, email security, and it significantly enhances our threat-hunting efforts with more detection logs than our existing SIEM.
What do you dislike about the product?
I don't see anything that doesn't work for us apart from few things of the ZTSA of Trend Vision One, which I rate an 8.
What problems is the product solving and how is that benefiting you?
I use Trend Vision One for server, email, and endpoint security with XDR. It solves cybersecurity incidents, phishing, spam, ransomware, and unknown threats by providing an all-in-one platform, easy threat correlation, root cause identification, and action prioritization.
reviewer2378070
Ransomware playbooks have strengthened protection and improve threat detection and response
Reviewed on Dec 17, 2025
Review from a verified AWS customer
What is our primary use case?
My main use case for Trend Vision One is for ransomware protection, user behavior analysis, and protection. I use Trend Vision One for threat detection and response, which helps me with investigation and response. It helps to integrate with the existing infrastructure as my main use case for Trend Vision One. Data loss prevention has been a valuable use case with the endpoint security as a feature that stands out to me. The top security challenges in my industry include improving the cyber risk posture and ransomware protection, and Trend Vision One is helping me address them, especially for ransomware protection.
What is most valuable?
I find threat detection and response and remediation using playbooks the most useful features Trend Vision One offers me.
In a case of a ransomware incident, the playbook in Trend Vision One immediately contained the infection by isolating the endpoint, demonstrating how those playbooks and the detection and response features help me in my day-to-day work.
Trend Vision One has positively impacted my organization by specifically helping improve security posture and response time for threat handling, as well as improving our cyber risk score.
Trend Vision One has made managing security easier for me compared to earlier by providing centralized visibility and management across protection layers.
What needs improvement?
The area where I think Trend Vision One can improve is the technical support. Trend Vision One should speed up the response time for the support tickets that have been opened regarding needed improvements.
For how long have I used the solution?
I have been using Trend Vision One for almost one year now.
What other advice do I have?
Trend Vision One should speed up the response time for the support tickets that have been opened regarding needed improvements. I rate Trend Vision One a nine out of ten because Trend Vision One can improve the technical support. I am using Trend Vision One sensors on the endpoint, as well as on the endpoint and workloads. Covering the endpoint is very critical for my organization's network because the endpoint is one of the most important areas to be protected. Trend Vision One has helped reduce my time to detect and respond to threats; in my previous studies, I found the detection and response has come down from weeks to only days. My overall review rating for Trend Vision One is nine.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
MalayKumar Das
Centralized threat hunting has improved endpoint visibility and allows silent remote remediation
Reviewed on Dec 15, 2025
Review from a verified AWS customer
What is our primary use case?
Trend Vision One use cases are mostly related to endpoints, such as detecting registry modifications or new software being added, as well as monitoring for malicious activities including PowerShell scripts, double extension files, ransomware, and crypto miners. Since I work for the financial sector, it is crucial to ensure there are no remote software programs running, especially regarding banking security.
What is most valuable?
Trend Vision One has two types of alerts that help reduce the time to detect and respond to threats. The first is based on alerts and workbench ID, while the second is host-based detections, allowing me to see all different threats on particular endpoints over a selected time frame. I can check for various endpoints affected by different alerts and customize this for specific time frames. Monitoring critical assets, threat hunting, and running queries are feasible tasks, providing a comprehensive overview of endpoint security and the ability to remove malicious files quickly.
One of the best features of Trend Vision One is its ability to let me remediate endpoints without disturbing branch users, as long as the endpoint is online and connected. I can delete files or take control through the console by informing the bank's security team to get approval. Another great feature is viewing alerts, segregating them by type and host, which makes it easier to fine-tune security and monitor critical resources. Additionally, the ability to create reference sets for known malicious hashes enhances detection capabilities across endpoints.
Trend Vision One saves resources and time. It provides better visibility of endpoints compared to other security management tools, which makes it invaluable. For smaller organizations that may not afford multiple tools, an XDR solution can handle their security needs effectively.
Trend Vision One allows mitigation of threats without interrupting branch users' regular work, which is its unique selling point.
What needs improvement?
The area for improvement is to provide more clarity on the query part, including examples for creating reference sets and documenting capabilities thoroughly so future users can benefit without needing to experiment.
Documenting the capabilities of endpoint consoles would also be beneficial for new users understanding what can be done effectively.
For how long have I used the solution?
I initially used the first EDR approximately two years ago, and now I have been using Trend Vision One for eight to nine months.
What do I think about the stability of the solution?
The stability of Trend Vision One is good; I would rate it an eight.
What do I think about the scalability of the solution?
I would rate the scalability at eight and a half.
How are customer service and support?
I have not worked with technical support yet, so I cannot rate it.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I have not worked with other solutions yet, so I can only speak to my experience with Trend Vision One XDR , which I find to be good for handling threats across endpoints.
How was the initial setup?
I am not aware of the deployment process since I have not been involved with it.
What about the implementation team?
Only a few of us are using the solution currently—my manager and I. Due to my background in threat hunting, I have admin access to monitor various alerts and create reference sets for potential threats effectively.
Only three or four users have access to Trend Vision One, including my manager and me from the vendor side, and two from the bank end.
I am a vendor hired for SOC security and threat hunting, working for IBM clients.
What was our ROI?
I cannot estimate the return on investment accurately, as I do not have insight into the financials. However, I can say that the tool is good, particularly the basic subscription which provides me with necessary tools and knowledge to protect security.
What's my experience with pricing, setup cost, and licensing?
I do not have any information regarding the pricing, so I cannot comment on that.
Which other solutions did I evaluate?
Every organization typically installs antivirus agents on their endpoints and servers.
What other advice do I have?
My false positives have decreased, but reducing them requires thorough investigation. For example, each endpoint has its own scanning device, such as Windows Defender.
Apex Central is attempting to stop the services of Windows Defender, leading to alerts when malicious behavior is detected. Through thorough investigation, I have identified that while Apex Central might not directly stop processes, it does so using CMDlets. Hence, I decided to whitelist that.
Trend Vision One reduces endpoint risk by approximately 60 to 70 percent; the remaining 30 percent can be due to other factors such as phishing and web interactions.
For small organizations, implementing Trend Vision One is a wise choice because it delivers great visibility and clarity on endpoint threats, enabling effective monitoring and quarantining regardless of the environment.
Trend Vision One sensors are being used on the endpoints.
I do not know if Cyber Risk Exposure Management comes under the basic subscription, as I mostly focus on threat hunting and do not recall using it.
If the suggested improvements are implemented, it will be even more flexible and feasible.
I give this review an overall rating of 9 out of 10, and I definitely recommend Trend Vision One to other users because it provides solid security for endpoint protection.
reviewer2787369
Consolidated security tools into one console and manage endpoints, servers, and emails efficiently
Reviewed on Dec 11, 2025
Review provided by PeerSpot
What is our primary use case?
I have experience with Trend Vision One , specifically using endpoint security, email security, and all of the modules that are used most commonly.
We mostly install Trend Vision One endpoint security in all client organizations, configure everything covering endpoints, servers, emails, and then work on the alerts for them as the need arises.
We are using the sensors that are included in Trend Vision One.
What is most valuable?
Trend Vision One has helped me to consolidate my use of security vendors quite a lot. Many of my clients were using different brands of antivirus for the server security and endpoint security, and another product for email security. Because of Trend Vision One, they were able to combine all of them in the same console. This reduced a lot of siloed tools.
I am quite impressed by the speed with which the server policy gets deployed. While the endpoint policy takes about 15 minutes to get assigned to the system, server policy is quite quick in that regard.
The coverage of these sensors is quite vast. When compared to other antiviruses, we found that Trend Vision One does cover quite a lot of ground.
What needs improvement?
The endpoint security policy for standard endpoints with Trend Vision One takes a lot of time. It would be beneficial if there were DLP features in it, as many customers require that. While Trend Vision One's full suite is quite impressive, customers have to find another product for DLP and file monitoring. Trend Vision One does have a not fully-fledged DLP in the endpoint security part, and it sometimes hangs up the PC when we apply it.
The alerts could be better because when an alert comes for an email that has been compromised and found on the dark web, we cannot quite find where it got compromised from.
The network part is something that needs to be worked on because most of the time we have to look at the firewall to get the full scenario or coverage.
What do I think about the stability of the solution?
We have found a lot of performance issues with Trend Vision One agents. They are not lightweight. The first time I used Trend Vision One, the agent was 500 MB. Now that I am using them, the initial size is 800 MB. Sometimes the CPU utilization is so high that the computer crashes or lags behind. This is a really big concern for everyone using Trend Vision One.
What do I think about the scalability of the solution?
Trend Vision One is quite a good tool because there are not any issues in scalability. We can easily add more licenses to it and increase our organization security. Scalability-wise, it is good.
How are customer service and support?
I have contacted the technical support or customer support of Trend Vision One quite a lot.
The engineers are quite helpful when they respond, but I have found that sometimes the assigned engineer responds to the first query a bit too late. I can see in the portal that the engineer has been assigned to my case, but we have to prompt them to give us a reply because nobody is answering. We have to call Trend Vision One support sometimes. Once we start the case, the responses are quite helpful, though we have had to escalate some of the cases quite a lot when customers need it.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I have not basically used any alternatives to Trend Vision One. I have tried CrowdStrike and Symantec. Symantec is so far out of Trend Vision One's reach and CrowdStrike, I have not used it much, but it is a bit harder to configure than Trend Vision One. I find Trend Vision One's UI much easier.
How was the initial setup?
The initial deployment of Trend Vision One is quite easy since it is basically a cloud-based app, and you just have to deploy the agent.
What about the implementation team?
If integrating AD with Trend Vision One, I am sure only one person would be needed. If you have to deploy and install the agents directly into the systems, at least four to five people are needed if the size of the organization is for 1,000 to 2,000 employees.
What was our ROI?
It would take one or two months to deploy Trend Vision One for a client, but mostly because sometimes things get delayed on the client side.
What's my experience with pricing, setup cost, and licensing?
No maintenance is required on our side for Trend Vision One.
Which other solutions did I evaluate?
I am not into sales, but we have lost a few customers because of the pricing of Trend Vision One. They seem to gravitate to Symantec and others because their pricing range is quite less than Trend Vision One, and we have lost them because of that.
What other advice do I have?
My review rating for Trend Vision One is 9 out of 10.
Nauman Ahmed Shakeel
Integrated threat monitoring has strengthened risk visibility and improved vulnerability response
Reviewed on Dec 09, 2025
Review from a verified AWS customer
What is our primary use case?
My use case is to monitor my entire infrastructure, investigate the latest vulnerabilities, identify loopholes, and monitor live threat detections to mitigate these threats.
What is most valuable?
Trend Vision One 's best features are the ESRM and its email gateways, along with its playbooks, which are useful for testing any threat or vulnerability.
It helps in identifying blind spots by providing comprehensive knowledge about risk assessment and a method to compare our organization with others, allowing us to understand our current stage in cybersecurity.
What needs improvement?
Trend Vision One needs to work on its logging system as the logging systems are very complex, and they need to reform their logs in a more informative way.
For how long have I used the solution?
I have been using Trend Vision One for the last three years.
What do I think about the stability of the solution?
I would rate the stability an eight.
What do I think about the scalability of the solution?
I would rate the scalability a nine.
How are customer service and support?
Their response rate is approximately 80 to 90%, and they mitigate the issue.
I would rate the technical support a nine.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I compare Trend Vision One with Trellix and Kaspersky, and compared to both of these, Trend Vision One is very useful with one-window operation and is a market-gaining product.
How was the initial setup?
The deployment is easy and very moderate, taking approximately one month.
What about the implementation team?
It was a partner purchase.
What was our ROI?
The ROI is positive, and I see a reduction of 100%.
What's my experience with pricing, setup cost, and licensing?
Trend Vision One is not so expensive; it is very moderate.
Which other solutions did I evaluate?
Trend Vision One is very effective and very market competitive, which is why we are using it.
What other advice do I have?
I will definitely recommend this product because of its deep knowledge and deep features, such as ESRM, playbooks, and other email gateways.
We have approximately 50 users.
I do use Trend Vision One sensors, and they totally cover our network as we are using network sensors and service gateways to scan the whole network and gather information about our loopholes, mitigations, and vulnerabilities with respect to the latest CVEs.
I give this product a rating of 9.