I mainly use it for the management console and threat investigation. It helps us understand what is going on in our environment. I also generate reports to see what is going on in the background in our environment and how our devices are. I can see whether they are getting timely virus definition updates or patches. I get information related to the vulnerabilities on our devices.

Trend Vision One provides centralized visibility and management across protection layers. It is pretty important to know data from different data sources. It helps to gather information about the environment and reduce the attack surface. The custom reports based on those data sources and different modules help me reduce the risk level of the environment.

Executive dashboards help to see the devices in the environment and Internet-facing assets. If any device has any vulnerability, then based on that data, I can go to the XDR threat detection and get more information about that particular vulnerability or alert. Based on that, I can communicate with the team and get it remediated. We only provide a risk assessment. Based on the information provided, the team remediates the issues.

It has definitely reduced the time to respond to threats, but I do not have the metrics.

The best part is the XDR threat investigation, which includes different modules like Observer Attack Techniques, Workbench, and Detection Model Manager. It provides patterns and we can see what is going on. We can act on them accordingly. We can make playbooks and automate processes to reduce the attack surface.

For XDR threat investigation, there is not enough documentation about how to search for different keywords. The documentation for keywords used in attack techniques is lacking, making it difficult to understand certain aspects. 

Providing more interaction options in sandbox analysis would also be helpful. They have not given us many options. 

I have been using Trend Vision One for more than one and a half years.

It is quite stable. They provide proper updates.

I have used different solutions, such as SentinelOne, Carbon Black, and Cylance, but Trend Vision One provides more comprehensive visibility across the environment. For environment-level visibility, I prefer Trend Vision One.

The initial setup was easy.

The pricing is fair and not on the higher side.

I would definitely recommend Trend Vision One to others. It offers high visibility into the environment, helps reduce the attack surface, and automates many processes, thus enhancing response time.

I would rate Trend Vision One a seven out of ten.

As a security architect, I design solutions for our end customers. In previous projects, we've successfully implemented Trend Vision One for customers with cloud-based assets and email servers, enabling them to extend security coverage to their remote clients.

The current market trend in email security solutions focuses on mitigating threats like phishing attacks. These widespread attacks occur across various points in the cyber kill chain process. Whether initiated from the perimeter or targeting cloud-based assets, monitoring all north-south and east-west traffic is challenging. Trend Vision One helps by providing a comprehensive analysis of these email phishing attacks, identifying the attack origin, parameters, and information extracted from attack patterns.

Trend Vision One offers centralized visibility and management across all protection layers. This comprehensive view provides valuable information for CISO/CIO presentations, including attack patterns, threat actors, and areas for predictive analysis. Such insights are crucial for informing policy changes and other security enhancements. The visibility also helps with efficiency.

We can summarize any technical information we receive using widgets and then present it to executives in a dashboard format.

Our customers adapt the risk index feature to align with the specific needs and conditions of their individual environments.

We have used Trend Vision One in several projects where our customers consolidated security across hybrid environments. The consolidation effort, particularly utilizing Vision One's AI-driven features, streamlined investigative analytics. Furthermore, merging multiple solutions into Vision One provided comprehensive insights, which proved invaluable for policy development.

The ability to manage risk and maintain visibility has improved by approximately 20 to 30 percent, significantly simplifying our tasks. Operationally, this has led to a 20 percent reduction in effort.

Trend Vision One has helped reduce detection and response times by 30 and 40 percent, respectively.

Trend Vision One has saved more than a week's worth of effort in investigating false positives.

Trend Vision One's automation capabilities have helped us save between 60 and 100 hours monthly. 

The most important features of Vision One include visibility, AI integration, attack pattern analysis, predictive analytics, and centralized visibility and management across protection layers. These features are very important to us. 

There should be improvements in risk quantification, where the risk is displayed in a quantified manner, showing the dollar value loss. The integration with third-party OEM solutions also needs enhancement, particularly in UEBA integration with Trend. Sometimes, there are blind spot discoveries that are not completely successful. Improving automation to avoid manual triaging and providing more insights on dashboards is desirable.

While Trend Vision One's attack surface risk management helped identify some vulnerabilities in our environment, the feature needs improvement. Specifically, the blind spot discovery is unreliable; for example, a missed blind spot in one environment led to an attack and subsequent investigation.

Automation should be improved to eliminate the need for manual effort in initial L1 triaging. Additionally, dashboards should provide more insightful analysis, including various mappings to the MITRE ATT&CK framework and Tactics, Techniques, and Procedures.

I have been working with Vision One for almost almost two years.

The support in Trend Micro is good.

Positive

I have worked on Exchange servers, and we are using Palo Alto to a certain extent. These were not from the XDR or EDR point of view.

The analysis shows that Trend Vision One has improved our ROI by 30 percent.

Competitors offer comparable solutions at slightly lower prices, so Vision One has room to reduce its pricing by 15 percent, given that Trend Vision One charges approximately $10 per endpoint.

We evaluated other options but not to the same extent as Trend Micro because I was more familiar with Trend Micro solutions.

I would rate Trend Vision One nine out of ten.

I use Trend Vision One for banking, retail, and government clients. We sell it with other technologies. It provides more sources for alerts and visibility into threats and vulnerabilities. We have all Trend Micro's modules, including full asset protection, EPS, IDS, endpoint protection, and email security.

Vision One has reduced our detection time by approximately 30 percent, enabling us to use our human resources more effectively. The solution has allowed us to consolidate 90 percent of security tools across hybrid environments, improving our operational efficiency. We've reduced our administration and management tasks by half.  Vision One has also decreased our risk.

The most critical feature of Vision One is that it gives us a single console for threat management. The organizational view simplifies management and improves visibility, helping us identify areas for action. The solution is intuitive and easy to manage. 

The solution's ransomware protection with runtime machine-learning capabilities gives us peace of mind. We also get total protection and fewer false positives than in other solutions we sell. Vision One integrates well with our other security products.

Vision One could improve its area networking and email security.

I have been using the solution for around three years.

Trend Vision One is stable.

Positive

We have not previously used a tool like Trend Vision One, but we have used individual tools for various functions, such as EDR and EPS. For example, we used Vicarius and Ivanti for virtual patching and other tools by Palo Alto, CrowdStrike, Sophos, and Kaspersky. Trend Micro consolidates all these features into one platform, so that's one advantage it offers. 

Setting up Vision One was straightforward. 

I rate Trend Vision One nine out of 10. 

Our infrastructure utilizes Trend Vision One for endpoint and cloud-based security. While all our endpoints are cloud-based, allowing us to deploy Trend Vision One in the cloud, we also maintain endpoint-specific protection. Currently, our network infrastructure is not fully integrated with Trend Vision One. The platform primarily monitors our backend infrastructure and provides initial response capabilities.

I implemented Trend Vision One to consolidate log inspection, integrity monitoring, intrusion prevention, and application control into a single platform, eliminating the need to switch between multiple applications.

Trend Vision One provides centralized visibility and management across protection layers, which is crucial for compliance. It allows us to show audits of what’s going on and keep all evidence in one place. This centralized visibility has improved our efficiency, as it means just one login is needed to complete all necessary tasks, maintaining focus and reducing distractions resulting from multiple sources.

The Vision One executive dashboards effectively communicate our company's overall security posture by providing a clear risk overview. Executives appreciate the simple visual cues, with green indicating low risk and yellow signaling high risk, allowing for quick and easy understanding of our current security status.

I immediately recognized the benefits of Trend Vision One because, unlike our other security applications, it provides comprehensive visibility.

I utilize Vision One's risk index feature to assess our organization's risk level and benchmark it against our peers. This comprehensive evaluation allows us to understand our current risk profile, identify areas for mitigation, and determine acceptable risk thresholds. The risk index feature is essential to our business operations.

Attack surface risk management helped us identify blind spots in our environment and provided detailed remediation strategies. This works as a second pair of eyes that helps look for vulnerabilities, which in turn improves our security posture.

Trend Vision One improves our detection and response times by identifying vulnerabilities and summarizing mitigation strategies.

Trend Vision One helps reduce the amount of time we spend investigating false positive alerts by 80 percent.

I love Trend Vision One for its robustness, allowing us to deep dive into a lot of information. The Trend hunting feature is beneficial, providing the opportunity to investigate and see what's happening, using frameworks such as MITRE ATT&CK to analyze logs. Its risk index feature allows us to see risk status quickly and provides valuable insights into our security posture.

The only issue I have with Trend Vision One is the credit structure, which is confusing. An easier way to understand the credit structure would be helpful.

I have been using Trend Vision One for over five years.

Trend Vision One is stable and does not crash. In my experience, it has not shown any instability issues.

Trend Vision One is scalable. We can increase or decrease according to needs, although pricing changes when scaling.

Trend Micro's support response time can be slow. The quality of assistance varies depending on the issue. However, reaching qualified technical engineers can be challenging due to lengthy escalation processes.

Neutral

I've used many alternatives before, like Avast, SonicWall, and Mimecast. These alternatives don't have all the integrated features of Trend Vision One, particularly the server and workload capabilities.

The initial setup required deep diving and using resources such as help centers. Despite not being straightforward, it was manageable.

The deployment took three days.

I implemented Trend Vision One in-house with the support of team members, using resources like software guides and videos.

Trend Vision One is an expensive product.

I would rate Trend Vision One eight out of ten.

The most significant security challenge we face is zero-day attacks, which exploit vulnerabilities unknown to us. While Trend Vision One provides some protection, it cannot catch all zero-day threats, leaving us potentially exposed. This inherent vulnerability in our security poses the greatest risk.

Trend Micro handles most maintenance, but we are responsible for installing agent patches on our servers.

New users should understand that Trend Vision One is different from other solutions they might have used. Reading and fact-finding are crucial. They must ask the right questions.

The primary use of Trend Vision One is for its Endpoint Detection and Response and Extended Detection and Response solutions.

To address challenges with our attack surface management, we implemented Trend Vision One.

Trend Vision One's most valuable feature is its endpoint firewall rules.

The centralized visibility and management have been very important to us, as it allows for an effective EDR or XDR solution with central management. Without such solutions, I cannot imagine dealing with problems efficiently. The executive dashboards are used for main reporting and central management, improving readability.

Trend Vision One's attack surface management capabilities are a critical feature that we utilize.

Integration with other tools and deploying in hybrid environments need improvement. The deployment can be complex, and we'd like an easier process, especially when integrating with on-prem and cloud environments.

The high number of false positives in Trend Vision One presents a challenge. Reducing these requires extensive exclusion and allow lists, which are difficult to manage effectively.

I have been using Trend Micro Vision One for one year.

Trend Vision One is scalable.

The technical support is not good. We have to purchase support separately and the engineers are not readily available.

Neutral

We previously used Sophos and Microsoft Defender. For hybrid, we switched to Microsoft Defender due to easier integration with on-prem and cloud. I would recommend Trend Micro for Linux and mixed environments.

The standard deployment of Trend Vision One was straightforward and took approximately 24 hours to complete with two people involved.

Trend Vision One offers a competitive price-to-value ratio.

We evaluated Microsoft Defender and Sophos before switching. Microsoft offers more options for attack surface reduction rules compared to Trend Vision One.

I would rate Trend Vision One eight out of ten.

We have 400 users of Trend Vision One in our organization.

Two administrators are required to manage Vision One.

As a cybersecurity analyst at a managed security service provider, I use Trend Vision One for two of my clients. My primary use cases involve standard XDR functions, such as anomaly monitoring, alert analysis, and incident response. To streamline these processes, I've configured automated response playbooks within Trend Vision One. The insights provided by the platform, mainly through the Workbench and Observe Auto module, are invaluable for understanding my clients' environments and identifying vulnerabilities that need to be addressed.

I work with clients across various industries, including education and power. My education client utilizes Trend Vision One for specific security needs, while my power industry client, an electricity board, has a comprehensive Trend Micro solution in place, including Vision One, Apex One, and Deep Security Manager. With Vision One, I've successfully detected and addressed numerous web attacks, malware attacks, and unauthorized access attempts on production servers in the education sector. For the power client, the solution has effectively detected and blocked multiple ransomware attacks. These are common occurrences and demonstrate the value of Trend Micro's security solutions.

We use Trend Vision One on all endpoints in two scenarios. For one client with on-premises servers and endpoints, we use Trend Vision One as a comprehensive solution. For another client in the education sector, we use Trend Micro Deep Security Management alongside the Vision One XDR platform on their cloud-based Linux servers.

Trend Vision One provides centralized visibility and management across all protection layers. This is crucial for efficiently sharing data with management, both internally and client-side. The platform avoids technical jargon, offering executive summary dashboards and summarized incident reports that clearly communicate security status. This allows for concise and effective communication with non-technical stakeholders, assuring them of their security posture. Trend Vision One's automated dashboards streamline reporting, eliminating the need for extensive manual documentation, which is especially valuable for technical users.

I use executive dashboards to build on threat detection, check for vulnerabilities, and create appropriate responses for individuals or groups of endpoints.

We use the risk index to assess and enroll our risk score. We maintain a low-risk index, which helps both management and me understand our score in relation to global risk factors.

Although I inherited Vision One as a service provider from another team, I eventually began utilizing its full potential and reaping its benefits.

Trend Vision One offers a phishing simulation feature in its cyber risk assessment. I frequently use this tool with my clients to evaluate employee email awareness. It generates comprehensive reports and provides functionalities for easy management.

Attack surface risk management helps identify vulnerabilities and high-risk threats in an environment, but it may also generate some false positives.

Trend Vision One significantly reduces MTTD and MTTR by approximately 50 percent. Its automated playbooks enable an immediate response to detected threats, providing near-instantaneous protection. While manual analysis and reporting of critical errors typically take an analyst up to 15 minutes, Trend Vision One's configured playbooks can automatically complete the same task within two minutes.

I have configured some playbooks to take automated actions on Trend Vision One while detecting some specific alerts or while detecting some specific playbook alerts.

Trend Vision One offers several features that I appreciate. The workbench alerts provide valuable insights into attack chains and relevant information, while Observer techniques give a comprehensive overview of ongoing activities. The platform's automated playbooks streamline incident response, significantly reducing MTTD and MTTR. Additionally, the ability to integrate with various firewalls and data sources, including Trend Micro's suspicious object management, centralizes threat management and simplifies daily security operations and incident response tasks.

Trend Vision One requires several enhancements for optimal performance. The platform should allow users to create custom phishing templates directly within the console and improve logging capabilities to facilitate seamless integration with SIEM solutions. Additionally, it should provide a mechanism for configuring Office 365 Advanced Threat Protection alerts to be displayed within the Workbench for streamlined threat management.

I have been using Trend Vision One for about a year and a half.

Trend Vision One is a stable platform with no significant issues like lagging or crashing.

Trend Vision One is easy to scale up by adding new agents, although the credit system for feature usage is confusing and could be simplified.

I have experience with solutions like Sophos Central XDR and Wazuh, and while they have their strengths, I find Trend Vision One to be a competitive option with a comprehensive range of capabilities.

I would rate Trend Vision One nine out of ten.

The on-premises Trend Micro solutions may require updates.

After deploying Trend Vision One on pilot devices, I recommend exploring the entire portal to familiarize yourself with its features and capabilities.

We use Vision One XDR to provide managed security services to our clients by correlating logs from various Trend Micro products like Apex One, Cloud One, and Deep Security. Vision One acts as a central monitoring platform, providing a single pane of glass view of our clients' security posture. This simplifies monitoring and allows us to easily create playbooks and analyze alerts. While our EDR solutions, Apex One, Cloud One, and Deep Security provide robust security features like anti-malware, web reputation, and intrusion prevention, Vision One enhances this by correlating logs and leveraging threat intelligence to identify incidents missed by these individual products. Essentially, Vision One functions like a level three SOC analyst, providing an additional layer of protection and ensuring comprehensive security coverage.

Trend Vision One's centralized visibility and management are crucial for our managed security services because they reduce the overhead required for monitoring. As an XDR solution, it performs many of the tasks an analyst would typically handle, streamlining our workflow and allowing us to focus on in-depth analysis when needed. This reduction in workload is a significant benefit, enabling us to efficiently provide comprehensive security services to our clients.

The executive dashboard is a valuable tool for analyzing the threat level of specific assets, particularly for generating end-of-month reports that detail threat and alert volumes, and highlight high-security risks. This comprehensive analysis helps customers understand their security posture and take appropriate action to strengthen their defenses. However, it's important to note that the dashboard's usefulness may vary depending on the individual customer's needs and priorities.

The risk index is a useful tool that provides benefits, but its value depends on the specific needs of the customer. Some customers may utilize the risk index to identify assets with high-security risks, allowing them to address vulnerabilities and implement necessary patching. However, other customers may rely on alternative sources for vulnerability visibility and, therefore, may not prioritize the risk index. While not always a primary focus, the risk index remains a valuable resource.

Trend Vision One provides immediate benefits upon deployment. Its built-in XDR, which includes EDR functionality and integrates with existing security models like Apex One, Cloud One, or Workload Security, allows for seamless provisioning of endpoints and workloads. Rigorous testing confirms that Vision One effectively identifies and correlates alerts, including those missed by other EDR solutions. This enhanced detection capability is evident during post-deployment testing, as Vision One Workbench alerts are generated immediately.

We use Trend Vision One to consolidate security across hybrid environments.

We use attack surface risk management and often customize it in our reports to meet client needs. This service helps identify vulnerabilities and blind spots in their environments. For instance, we assisted a customer experiencing recurring attacks due to unknown vulnerabilities. Our attack surface management analysis provided the data to identify and patch these critical vulnerabilities, ultimately enhancing their security posture.

Vision One XDR significantly reduces threat detection and response time by automating the analysis typically done by a level two or three analyst. It provides a comprehensive view of the environment, incorporating behavioral analysis and intelligence sources to quickly identify unusual activity. This eliminates the need for manual investigation of logs and data, allowing analysts to focus on addressing actual threats. The XDR's automated workbench triggers alerts with a high degree of accuracy, minimizing false positives and further streamlining the security process.

We use security playbooks for certain low-level security alerts because many of these alerts, despite the large volume of data they represent, do not require significant time or attention. Playbooks are particularly useful in these situations as they automate the process of blocking the source or IP address associated with the alert.

Vision One offers several features I value. 

The threat intelligence sources enable it to automatically block domains known for command-and-control callbacks, effectively preventing attacks from those sources. 

Additionally, the security playbooks provide templates to block URLs or scripts, enhancing endpoint protection. 

Finally, the console allows for remote connection to endpoints, enabling direct investigation and remediation within the customer's environment. This flexibility and comprehensive functionality make Vision One a valuable tool.

Trend Micro is making many improvements, including addressing some of our feature requests. However, their reporting functionality needs improvement. The reports lack detail and customization options, particularly for XDR, which hinders our ability to provide tailored reports to clients. For example, we cannot generate reports on threat intelligence data from XDR, making it difficult to assess the protection received from external sources. This limitation also prevents clients from seeing the total value of XDR, including external factors contributing to their security posture. Threat intelligence is crucial, and clients want to understand its impact. Therefore, enhancing report customization, especially for XDR, would be a significant improvement.

I have been using Trend Vision One XDR for one and a half years.

Lagging does happen in Trend Vision One but it is infrequent and does not significantly disrupt operations. This is typical for many SaaS platforms and not a major issue.

Trend Vision One is scalable, allowing for flexibility from four licenses to a hundred or more, depending on how much or how fast scaling is needed.

The experience with customer service can vary depending on the case. Simple issues might involve referring to KB articles for resolution, while more complex issues might need backend support, which can take time. Overall, my experience has been positive.

Neutral

Trend Vision One is easy to set up and can potentially be handled by one person. However, teamwork is preferred to ensure accuracy, catch potential errors, and maintain a high standard of service.

Trend Micro's licensing is outsourced to third-party vendors, resulting in price variations depending on the vendor. Since Trend Micro doesn't directly handle pricing, I cannot provide specific cost details.

Trend Vision One XDR is an excellent security product that deserves a ten out of ten rating. It's surprising that more companies haven't adopted XDR, given its advantages over traditional SIEM solutions. XDR automates tasks like configuration, signature creation, and rule implementation, significantly reducing the manual workload required with SIEM. While I expect a shift towards XDR, many companies still rely on SIEM, which seems inefficient in comparison.

I use the solution primarily for EDR. The top challenges in our industry are the accuracy of the detections and the visibility of alerts and events.

We are accessing it via the cloud, and we are monitoring the endpoints and cloud servers. 

Vision One provides centralized visibility and management across protection layers, which is critical for tracking threats, viewing vulnerable assets, and understanding the overall security posture of the organization.

Vision One helps me a lot when it comes to reporting. The reports are very detailed and informative. There are recommendations and analyses of how to mitigate threats. We have comprehensive visibility.

The executive dashboards are very helpful for us in assessing our security posture. We can see what needs to be prioritized and mitigated first.

The risk index feature helps us make security improvements and implement security policies. It helps to have robust security.

Vision One helps to harden security controls and policy implementations.

Vision One improves our organization's security posture by allowing us to apply more robust security controls, implement security policies, and improve the security culture. The centralized visibility enables more efficient security operations.

Vision One makes it convenient to assess and mitigate or block threats across the organization. The XDR is collecting data from more than one client or company and correlating it. The XDR detects the loopholes or vulnerabilities of the system. It uses MITRE ATT&CK techniques to identify and respond to cyber threats or vulnerabilities.

Vision One improves our security posture because we can patch any vulnerable machines that are prone to risks and attacks.

Vision One has decreased our time to detect and respond to threats by 50%.

We use automation capabilities, especially when there is a breach or a risk activity with the user or the endpoint. It helps us by isolating devices automatically. This automation saves us about 20% of the time.

I love everything about the solution, especially the XDR features, the attack surface management, and the workbench alerts. It oversees vulnerabilities among the system and devices, prioritizing areas that need patching.

When I started working with it, I knew nothing about this solution. I found it very user-friendly and easy to understand.

There are limitations in terms of threat response actions. 

I have been using Vision One since December 2022. It has been about two years.

There are some errors with the solution. I would rate the stability a seven out of ten.

It is scalable. I would rate the scalability of the solution as eight out of ten.

We have clients of various sizes. Our clients are small, medium, and large organizations.

The customer service or technology is responsive, but they take a minimum of one day, and up to three days, which is too long.

Positive

I previously used Azure Sentinel. Vision One is an advanced solution compared to Azure Sentinel. I prefer Vision One because of the convenience and easy correlation.

The initial setup is complex due to the various cloud resources that we have. We have workstations, servers, etc. Its implementation can be simplified.

It did not take us very long. We migrated from Apex One to Vision One. It did not take long.

It provides returns on investment by saving about 50% of time, money, and resources.

I find it to be a cost-efficient platform.

I would recommend this solution. It helps a lot when it comes to security. It covers endpoint security, email security, web security, and data leak prevention. It has everything.

I would rate Vision One a nine out of ten.

Our primary use case is protecting our environment from malicious threats with antivirus protection. Additionally, we utilize Trend Vision One for its integrated solution, providing comprehensive visibility across the entire environment.

The organization implemented Trend Vision One to support best practices.

Trend Vision One is essential to our organization because it provides comprehensive security coverage across our entire environment, including email, network, and endpoints.

Trend Vision One offers centralized visibility and management across all protection layers, which is crucial for comprehensive environmental protection. This holistic approach empowers the SOC team to perform their duties effectively.

The executive dashboard is handy.

The risk index feature helps us identify issues and where to improve our environment.

The solution has improved our quality by enhancing the visibility into our estate and our ability to manage risk.

The consolidated security features of Trend Vision One improved the efficiency of our SecOps team by simplifying their workflows.

Improved asset visibility and enhanced risk management capabilities have raised our overall quality.

Trend Vision One offers centralized visibility and management across all protection layers, providing a holistic view of our environment and enhancing visibility across the entire infrastructure.

Trend Vision One would be enhanced by incorporating an SIEM solution as a built-in feature. This integration would streamline functionality and eliminate the need for us to acquire and manage separate SIEM solutions.

I have used Trend Vision One for over ten years.

Trend Vision One's stability is rated a six out of ten due to compatibility issues with other solutions and endpoint security interference.

The solution is scalable and there have been no issues with scalability.

I would rate Trend Micro's customer service an eight out of ten. While I experienced some minor issues, these are common with any technical solution.

Positive

We have not really seen a return on investment from this solution.

While the pricing and licensing for Trend Vision One are generally acceptable, the need to purchase additional features separately adds complexity. A single, comprehensive price for the entire solution is not available.

I would rate Trend Vision One seven out of ten.

Trend Vision One is deployed across multiple departments in our organization.

Trend Vision One requires maintenance.

Vision One access supports multiple modules, including endpoint protection, the XDR module, and the Cloud One module, which are the ones that particularly caught our interest.

We have been doing a proof of concept for Trend Vision One to assess its capabilities as a cybersecurity solution. Vodafone is partnering with Trend Micro to offer security services and products to our customers to secure their environments, similar to a SaaS solution. We are exploring it as a partnership opportunity to provide enhanced security solutions to our customers.

We conducted a POC and tested multiple use cases by downloading malicious files and observing their behavior. Trend Vision One successfully detected and blocked all threats, including malicious files, scripts, and even dormant scripts that later became active. All these threats were stopped at the endpoint level, demonstrating that Trend Vision One effectively defends against malware, ransomware, and malicious scripts.

Trend Vision One incorporates a machine learning agent designed to defend against advanced threats, such as zero-day attacks. This agent monitors endpoints for malicious activity and, if detected, automatically quarantines the affected machine to conduct further analysis.

It employs machine learning to quarantine devices during ransomware attacks, however, this functionality has not yet been tested.

Trend Vision One provides a single console with a unified dashboard that consolidates information from our entire environment.

The single console provides end-to-end visibility into our IT security environment. We tested the endpoint security, and the SDR performed exceptionally well, providing a clear topology and metrics of our environment. This allows us to monitor the status of each node within our network.

The Trend Vision One platform was integrated with a Linux-based Service Engine to facilitate integration with third-party IT security solutions.

Learning to use Trend Vision One was straightforward, thanks to the helpful courses available on their portal and the excellent support provided during product introduction.

Administering Vision One endpoint security is easy through the single console.

We successfully tested Trend Vision One in a hybrid environment, with components deployed both on-premises and in the cloud.

Trend Vision One offers virtual patching to protect against vulnerabilities while vendors develop permanent patches. This is crucial because vendor patches can be delayed, leaving systems exposed. Virtual patching provides immediate protection, acting as a temporary shield until the official fix is released.

Since we are still in the testing phase, we have not yet seen a reduction in viruses or malware. However, we anticipate potential improvements in security operations across hybrid environments if implemented fully.

Trend Vision One's greatest assets are its cloud-based platform and credit-based purchasing system, which eliminate the need for traditional licensing and procurement processes, enabling quick product acquisition within one or two days. Trend Micro's strong reputation and excellent threat intelligence further enhance the platform's value. The analytics are also good, particularly the XDR and cloud assessment tools, which correlate logs and information to consolidate alerts for the SOC team.

One area that requires improvement is the installation process of the agents, as it is not seamless. The installation sometimes requires multiple troubleshooting steps and is not straightforward.

We have been conducting the POC of Trend Vision One for approximately three to four months.

There were no major issues with stability, no bugs, glitches, or errors, except for the challenges faced with agent installation. I rate the stability of Trend Vision One eight out of ten.

I rate the scalability of Trend Vision One ten out of ten.

We did not engage with customer support during the POC phase, so we cannot provide feedback on that aspect at this time.

Positive

For endpoint protection, we have used Microsoft Defender and Cortex XDR. We encountered issues with those solutions, but Trend Vision One seemed to address these concerns effectively.

The initial setup was not complex. The prerequisites were set first, allowing integration to be completed in about a week.

The pricing is mid-range, neither cheap nor overly expensive. The cost is considered fairly priced.

I would rate Trend Vision One nine out of ten.

Our team from our organization includes three members involved in the POC testing.

I recommend Trend Vision One to other users based on our experience during the POC phase.