I use Trend Vision One for Total XDR and endpoint protection as an all-in-one security solution.
TrendAI™ Enterprise Security Solutions
Trend Micro
External reviews
External reviews are not included in the AWS star rating for the product.
Transforms cybersecurity landscape with efficient and comprehensive protection
What is our primary use case?
How has it helped my organization?
One of the best decisions we made was choosing Trend Vision One. It has transformed our entire security and cybersecurity landscape, providing a one-stop solution to manage everything efficiently and effectively.
What is most valuable?
One of the most valuable features is Cyber Risk Exposure Management.
What needs improvement?
There is room for improvement in leveraging AI technology to protect against emerging AI-based threats.
For how long have I used the solution?
I have been using the solution for two years.
Which solution did I use previously and why did I switch?
We previously used an outdated and inefficient Trend Micro system, which caused high security risks.
What's my experience with pricing, setup cost, and licensing?
This is not a competitive price — the costs are on the higher side. However, I don’t regret it, as it can help save significantly in other areas. The only disappointing aspect is that every time new features are adopted, additional credits are required, which could push the budget over. This practice should really be reconsidered by Trend.
Which other solutions did I evaluate?
I also evaluated CrowdStrike as an alternate solution.
What other advice do I have?
Trend Vision One is a five-star product.
Helps secure endpoints and quickly respond to incidents
What is our primary use case?
Our use cases for Trend Vision One are monitoring and alerts.
How has it helped my organization?
The biggest challenges we wanted to address with Trend Vision One were securing endpoints and enabling us to quickly respond to incidents or threats. This is the main goal for using this solution.
Trend Vision One has improved the way our organization functions by acting as both a monitoring tool and an antivirus, giving us insight on potential threats and enhancing our response time to security incidents. It is hard to measure the time savings but we save a significant amount of time in responding to potential threats. For example, we don't expect employees to respond to emails, chat, or calls outside of working hours. Trend Vision One has a feature where we can block all access to the laptop or endpoints. It allows us to take immediate action without waiting for the user to respond.
In terms of reducing noise from false positives, unfortunately, some behaviors can be mistaken for bad behaviors, but that isn't the fault of the software itself. It largely depends on how the developers of other applications implement their software and how it is run. We encountered an issue with another software called Rapid7, which periodically runs a command on MacBooks or Apple operating systems. This command, which is quite lengthy, searches for any unsecured credentials or API keys related to GitHub on the laptop. The way the application triggers is significant: it runs under root privileges, executing that command in the terminal for the user. Trend Vision One picks this up as a suspicious command, interpreting it as an attempt to find unsecured credentials. Despite having whitelisted the entire command in Rapid7, Trend Vision One still flagged it. We went back and forth on this issue, but ultimately we decided that it wasn't worth further troubleshooting to silence this alert due to the potential for actual malicious use of such commands. While we could whitelist it, we did not want to risk it being exploited maliciously. In the end, we chose to ignore the alert. They helped us reduce some other noise, but there was some noise that we weren't able to reduce.
Vision One AI has been very useful. All IT people stay up to date with security risks, exposures, alerts, or attacks. Vision One AI helps us explain or understand the alerts and what actions are recommended.
What is most valuable?
The workbench alerts are something we find very useful, as they help us stay informed about various activities. Not all alerts are positive, but they provide valuable insights into the detection methods and help us understand how certain issues arise. For example, if someone attempts to run a piece of software that encrypts a file, one of our tools, which is used for evidence gathering in surveillance systems, may encrypt the file too quickly. As a result, Trend Vision One may trigger an alert. Although this is a false positive, it still gives us insight into the behavior involved. This allows us to investigate the alert further and provide feedback to the user or development team, letting them know that similar triggers are likely to occur with other security systems or software.
Other useful features include intrusion and mailbox alerts, suspicious unauthorized access, tracing logs, website clicks, and email filtering for bad attachments.
What needs improvement?
The improvement I have been asking for is an easier way to create MDR requests. Not all alerts that come through Trend Vision One receive an investigation, and we would like the ability to easily request an investigation on lower-scored alerts without logging into the support portal to create a ticket.
I would like to see Trend Vision One and OfficeScan consolidated into one platform. Currently, it is the same space but two different layers. It would be nice to have both combined instead of having two clients.
There is room for improvement when it comes to support.
For how long have I used the solution?
I've been working with Trend Vision One for three years.
What do I think about the stability of the solution?
Trend Vision One is stable enough. We don't see many performance impacts on our endpoints, except for when our weekly scheduled scans happen. Our developers express that it limits how freely they can develop, but I personally appreciate the insight it gives us and the actions it allows us to take on our devices.
How are customer service and support?
I would rate their support a six out of ten. We encountered an issue with one of our tools—specifically, Visual Studio. One of our developers faced difficulties debugging code because Trend Vision One was blocking the debugging application or causing it to crash. This problem stemmed from a Windows update, and it took us a month and a half to identify the root cause. After we opened a ticket either at the end of March or early April, we waited several more weeks for a solution. Although the Windows update occurred back in February, we didn’t receive the fix until the end of May. The interaction between Windows and the application played a significant role in the issue, as the debugging application starts the code and injects itself into the running application, which Trend Micro flagged as problematic after the latest Windows update. Fortunately, this issue has now been resolved, but it was indeed a painful experience. Our developers were understandably frustrated that they couldn’t debug code for a month and a half, which impacted our project timelines.
Which solution did I use previously and why did I switch?
The company previously had SentinelOne before my time, and I can say that SentinelOne was not effective.
We currently use Rapid7 as our Managed Detection and Response (MDR) service. In my experience, both Rapid7 and Trend Vision One serve similar purposes, but they have distinct differences. There are times when Rapid7 provides us with more detailed information, while at other times, Trend Vision One offers greater insights. This is partly because Trend Vision One collects more data from the devices, allowing it to better identify the root causes of alerts compared to Rapid7.
Additionally, I find that the MDR team at Trend is generally more responsive than that of Rapid7. However, there are some disadvantages as well. For instance, we haven't yet set up cloud monitoring capabilities with Trend Vision One. Rapid7 currently handles our cloud infrastructure monitoring and manages services like Office and Okta. While Rapid7 is equipped to monitor these services, Trend Vision One is not yet at that level. We are exploring ways to enhance its capabilities, and if it can provide the same level of service as Rapid7, we might consider discontinuing our use of Rapid7 altogether.
How was the initial setup?
We use the SaaS solution. I was not involved in the initial setup and deployment process, which occurred prior to my time here, but I have readjusted some policies.
Previously, it was difficult to understand some alerts. However, as time goes by, we differentiate better between them, and the AI feature is an extremely good tool that explains things that are gibberish to the regular user. The learning curve is quite steep.
What was our ROI?
It has helped us understand some of the alerts that we did not comprehend.
What other advice do I have?
It is an all-around solution that includes various modules for comprehensive security monitoring and alerting. This solution is particularly effective when integrated with other hardware or on-premises solutions, such as Deep Discovery Inspector, which monitors your network.
The interface is adequate, but it is constantly changing. New features are being added, and items are being rearranged almost daily. We might have missed some announcements regarding these frequent updates. As it is an evolving solution, such changes are to be expected. However, there are still features that are buried within menus, which previously required extensive searching to locate. For instance, until last year, isolating endpoints was only possible through the search function. Now, they have added a feature within the endpoint inventory that allows you to select devices and isolate them immediately, rather than having to jump through multiple hoops to access that option.
The application has also become slightly more responsive. Regarding its functionality, the insights it provides are quite useful. The application displays various actions, and you can drill down into alerts to view the execution path associated with them. For example, if an application triggers an alert, you can right-click on that alert and select "Check Execution Profile." This feature shows you where the process started, what actions it took, and where it ended. This improvement is beneficial for understanding how tasks are executed.
I would rate Trend Vision One an eight out of ten.
App notifications enable us to respond immediately and centralized information contributes to fast decision-making
What is our primary use case?
My use case for the solution is primarily for EDR purposes, but we are also starting to use the CREM. This technology allows us to see our endpoints within seconds to ensure they are NIST 800-83 compliant. This technology is critical in today's world as there are many customers requiring this now.
How has it helped my organization?
We have used advanced threat intelligence, and we continue to do so. There is a way to run a threat query to find where a certain item is located. For example, Quick Assist from Microsoft was used a while back to gain access to our environment, and we didn't know it at the time. Of course, we've since locked that down. Now, we can also use that query we created to monitor if someone tries to use it again. I recently saw an attempt to use it, but they couldn't succeed because we have it blocked. It's really good to know these things, and without the available technology, we wouldn’t be able to do this.
Trend Vision One's automation capabilities have helped, for example, with atypical travel. We have a playbook set up. When Trend Vision One finds someone signed on in the United States and then catches them signed on in Africa, it will immediately run a playbook. This will disable that profile and prohibit that person from logging in. That is huge when you consider the possibilities of what could happen if we didn’t have that feature.
Our response time is greatly enhanced because of all the features that Trend Vision One offers. It simplifies things and makes it clear what’s going on inside our environment. With just a click of a button, we can get the information we need. We can mitigate issues very quickly using Trend Vision One. We can isolate endpoints, effectively removing them from the network while still accessing them through the Trend Vision One console. Additionally, we can run malware scans instantly on computers, and there are so many features available that it can be hard to keep track of them sometimes. Overall, Trend Vision One has really helped a lot. When it comes to time savings, I would estimate that our response time has improved by at least 40%.
Using this solution has benefited our business greatly. It keeps me informed of everything happening in our environment. We have site admins at every location with specific admin authority to do certain things. Trend Vision One monitors that, allowing me to validate actions taken by admins. Trend Vision One caught various incidents, and it gives me a clear understanding of our environment and its activities, with quick searches and deeper capabilities.
What is most valuable?
With Trend Vision One, my favorite feature is the app they provide. You can turn on different features and notifications. The other night I was sitting at supper when the app went off, and I got an alert that was very strange. It turned out to be an event, and we got our cyber team together to mitigate the issue with Trend's IR Team's help, preventing any major problems. That app is a lifesaver.
The dashboard provides extensive information. It gives detailed information regarding endpoints and servers, tracking everything. You can search for things and run threat analysis. There are many features within there, and it's difficult to pinpoint one because all the features work very effectively together.
The centralized management feature contributes to faster decision-making within our security operations, greatly enhancing our response time. With all the features that Trend Vision One offers, it simplifies things. It clarifies what's going on inside your environment; with a click of a button, you can see what's happening and mitigate very fast.
What needs improvement?
In Trend Vision One, there is always room for improvement. The console is well done, but there might be a bit of improvement needed with the app's capabilities. I know they are constantly working on it, and they have regular Webinars "What's New In Trend Vision One" to share updates and enhancements that are taking place.
Trend also allows its VIP customers to pretest new features or products and enables us to give feedback on those we test. This is an incredible benefit to Trend's VIP program. I do not know of any other product like Trend Micro.
For how long have I used the solution?
I've been using this solution for quite a while. It was about eight years ago when our company had Trend implemented at every location. We have eleven locations overall. In my opinion, it wasn't managed properly; the situation was quite poor. There were many updates that were needed. I approached management and expressed my desire to take over the project. I said, "I want this. I will do it, fix it, and make it work." Management agreed and gave me the responsibility.
What I did next was take all the servers, fix and upgrade them, and prepare them for migration to one on-site server. After that, we decided to move to the cloud. I gathered everything together and worked with Trend to get all of our endpoints and servers transitioned to the cloud. It's been an ongoing process with Trend, as there is always something that needs to be done.
What do I think about the stability of the solution?
I rate the stability of Trend Vision One as a ten out of ten.
What do I think about the scalability of the solution?
I would rate the scalability of Trend Vision One as nine out of ten.
How are customer service and support?
It is really good. They even have a feedback system to report suggestions or problems, which are addressed promptly. We also benefit from 24/7 monitoring, and we have direct contacts for technical issues and ongoing weekly support calls.
I would rate them a nine out of ten. There's always room for improvement. Five years ago, I would rate it as a five, but support has significantly improved in availability, responsiveness, and keeping me updated.
How was the initial setup?
We purchased the software through CDW, which used to be called Sirius. That's how we acquired it. I have several contacts at Trend that I can reach out to directly, as I have been working with them for about eight years. They have helped me implement the software directly. I worked with Trend through the entire process. They have a learning platform with videos that break down each product. They show you step-by-step how to implement or use each solution. Trend Micro Service One, a 24/7/365 support service, monitors our corporation. We can contact a representative, and they’ll get back to us if we encounter any problems or technical issues in our environment. They’ll even join us on a conference call to help. We also have a weekly call with them, where we can ask questions, and they guide us to the right resources and documentation. It’s really an incredible support package.
It wasn’t complicated to deploy. Now they offer a product called Server and Workload Protection, which is tailored specifically for servers. We're in the process of upgrading our servers to use this product. It’s more focused on server-specific security and functionality. When I used it about five years ago, the process was quite complex. I had problems and issues. Over the years, we moved away from the product — about four years ago — and we’re only now starting to return to it. The changes made in those four years are incredible. It’s like night and day. What used to take me days to deploy to one server now takes about half an hour. Trend is constantly updating, enhancing, and improving how things are done. It’s a continually evolving package. They’re even integrating AI capabilities now, which will greatly enhance what Trend products can do.
The capability of Trend Vision One to be deployed both on-premises and in the cloud has been extremely beneficial to my organization in terms of flexibility and scalability. Being in the cloud eliminates the need for on-prem servers. With several divisions, managing all of those on-prem servers was a nightmare. It was not an option, so I migrated to the cloud, which is a one-stop shop. We have our entire corporation in the cloud, making it easy to see everything without logging onto multiple servers; this saves a lot of time.
The solution itself does require some maintenance. The updates are automatic, so we don't need to manually check. However, some endpoints have to be maintained more carefully, ensuring they are fully updated because missing MS updates can prevent Trend Vision One from working correctly. It's good practice to keep everything up to date, which is crucial for managing over 1,000 endpoints and 200 servers. Trend Vision One allows us to see all software on a person's computer, even outdated web browsers, and it flags potential threats, which is an incredible feature.
What about the implementation team?
In my organization, approximately three people work with Trend Vision One.
What was our ROI?
In terms of return on investment, I've seen a 100% return. It has paid for itself. Our company went through a ransomware event, and if Trend Vision One's IR Team had not stopped it, that could've closed the company's doors.
What's my experience with pricing, setup cost, and licensing?
Trend Vision One is definitely cost-efficient compared to other solutions. I have seen others that are double or triple the price. I'm surprised Trend Vision One hasn't raised their prices, considering everything offered. Depending on the features selected, cost varies, but overall, endpoint and server security is very reasonable.
Which other solutions did I evaluate?
Comparing Trend Vision One to other solutions, I've seen other vendors with complicated software requiring extensive training to understand. If software is that hard to learn, I don't find it to be a viable solution. Learning takes weeks or months, potentially creating holes in security instead of securing it.
What other advice do I have?
I would absolutely recommend Trend Vision One to other users because it's cost-efficient and it just works. It tells you what you need to do, alerts you of threats, and informs you about software needing updates. They have an IR team that is exceptional and works on the mitigation and remediation until all issues have been resolved! Over time, it becomes easier to understand, especially moving from on-prem to cloud deployment; there's no comparison.
I would rate the solution overall as a ten out of ten.
Trend Vision One is a full security suite
We chose Trend Micro Vision One as our security solution as more of our clients migrated to AWS. Compared to other security products we evaluated, Trend Micro stood out for its deep AWS expertise and comprehensive understanding of cloud security threats. The product integrates seamlessly with our AWS environments, and the procurement process through AWS Marketplace is straightforward, making billing transparent and easy for our customers. One of the features I appreciate most is the exceptional support from the Trend team—they are always responsive and knowledgeable, which is not something I’ve experienced with other vendors. Overall, Trend Micro Vision One has enabled us to confidently secure our clients’ AWS workloads and streamline our operations.
Centralized management and quick threat response improve security posture
What is our primary use case?
My use cases for Trend Vision One are typically reactive, letting it scan and monitor our environment, and we typically respond quickly to any workbenches that come up.
We also try to adapt to the Cyber Risk Index or the security score, keeping that at the lowest amount possible on a weekly or bi-weekly basis as we push out updates and do maintenance.
What is most valuable?
My favorite features in Trend Vision One include the Cyber Risk Index, which breaks down various pieces of info into one easily digestible score. I appreciate the workbenches. They provide a visual of how they operate for the most part, and I value the in-depth details they offer since we can mostly operate off of that, giving us enough info to crunch and figure out what's happening.
While it's not an actual feature of the application, I appreciate the clinics and seminars that Trend provides, as I went to one last year that got me from zero to beginner, and I hope to advance to intermediate with another seminar series this year.
Trend Vision One helps reduce my mean time to detect and respond to threats as without it, we would be scrambling and confused with not much information to go off of for threat hunting. I'm not sure what we were using previously. As long as I've been here, it's been Trend Vision One, and we're very happy with it. We're hesitant to shop around for any other provider since we think it's a very good product, and we appreciate the speed and breadth of data we receive from it.
I sometimes see noise from false positives with Trend Vision One. One clear instance involved the AI deep fake feature, which would throw up false positives whenever someone had a Teams meeting with a blurred background, leading us to turn it off as it activated for every meeting. Additionally, there were minor false positives throughout the year related to Microsoft update files and certain DLLs; however, they don't clutter Trend Vision One much and have essentially gone away in recent months.
I am very happy with Trend Vision One's platform ability to provide centralized visibility and management across protection layers. The platform extends into various categories, offering oversight over email and even flagging suspicious activities that occur on a server, despite not having a Trend Vision One agent on it. For instance, an admin setting up remote access on that server was flagged as suspicious, and I appreciate the reach that Trend Vision One has across different scattered categories it monitors.
What needs improvement?
In terms of improving Trend Vision One, it might sound silly, yet it seems notoriously uncooperative with middle clicks and opening sections in new tabs. I'm a big tab browser, and it feels like hitting a brick wall when I have to refresh in a new tab or make a copy of a tab to move forward. If we can enable middle clicks to open sections in new tabs, it would greatly benefit me personally.
For how long have I used the solution?
I've been using Trend Vision One for a few months, approximately eight to ten months at this point.
What do I think about the stability of the solution?
Regarding stability, I don't think Trend Vision One has ever caused any lagging, crashing, or downtime. There was one situation where we may have misconfigured something, forgetting a checkbox, and Trend Vision One's scheduled scans might have used some CPU resources; however, that's on our end. Besides that, Trend Vision One works exactly as intended and has never hindered our operations, feeling more like a collaborator than a roadblock.
What do I think about the scalability of the solution?
I don't think I've encountered any issues with scalability; we're growing steadily, and I believe Trend Vision One can keep up with our demand. Our company has about 200 employees in Canada, and I can foresee that if we doubled in size, Trend Vision One would accommodate that very easily.
How are customer service and support?
I have contacted the technical support before. We're very happy with the technical support from Trend Vision One, feeling we have our own dedicated technician who knows the entire suite of applications. They are very intelligent and responsive, and as we submit feature requests, they seem to make it into the actual list of features in Trend Vision One, so we maintain a good relationship with their technical support and development teams.
Which solution did I use previously and why did I switch?
I'm not sure what we were using previously. As long as I've been here, it's been Trend Vision One, and we're very happy with it. We're hesitant to shop around for any other provider as we consider it a very good product.
How was the initial setup?
The experience of first using Trend Vision One is really difficult due to the steep learning curve. Thankfully, I attended a Trend Vision One seminar that got me from zero to beginner, as without that, it involves a lot of guesswork with little grounding to go off of. I really recommend their seminars and tutorials.
What's my experience with pricing, setup cost, and licensing?
I do not know much about the pricing of Trend Vision One. My understanding is it's expensive. We pay for it anyway, and there's always sticker shock. Still, we feel it's necessary as this product covers all our needs.
Which other solutions did I evaluate?
We're hesitant to shop around for any other provider. Trend Vision One is a very good product, and we appreciate the speed and breadth of data we receive from it.
What other advice do I have?
I'm not sure if I use the cyber risk exposure management capabilities. Trend Vision One requires very little maintenance on my end, mostly just keeping up with refreshing the license, which is about all I hear related to Trend Vision One maintenance.
Some top security challenges in my industry include securing anything exposed to the internet, especially since we were previously hit with ransomware. The ability of Trend Vision One to detect and cut off threats early, clean up files before they execute, and address phishing emails helps us significantly. We also have their email and collaborative security, which is crucial along with having zero-day protections to receive early warnings of threats, allowing us to act immediately outside our maintenance windows.
I'm not completely sure where we use the Trend Vision One sensors, as I didn't set them up. However, we do have a DDI that we paid a lot for, which is one of our biggest data sources and populates much of the information in Trend Vision One. We also have a network sensor at our different location in the United States, which is a temporary holdover until we can upgrade to something more robust.
It's not critical for my company that Trend Vision One has AI built into its platform in terms of needing a language model to explain things; however, AI is actually critical for threat detection and behavioral analysis. That aspect of behavior monitoring and action based on behavior is very important.
Trend Vision One has helped my organization reduce its cyber risk. For instance, even prior to acquiring the DDI, the DDI's presence on our network found a threat actively in progress, and we were able to act on it, demonstrating its effectiveness from day zero.
On a scale from one to ten, I would rate Trend Vision One a nine overall.
Centralized visibility improves threat detection and response
What is our primary use case?
Our use case for Trend Vision One is for our security platform. We use it for antivirus, XDR, and network telemetry purposes.
How has it helped my organization?
Trend Vision One helped us to consolidate our use of security vendors and reduce silos. We had three or four consoles from different products, and we consolidated them into one console with this product.
Trend Vision One helped reduce the time to detect and respond to threats by 70% to 80%.
Trend Vision One has helped us reduce noise from false positives.
We have been using cyber risk exposure management for 2 months since upgrading in April. It helps us identify blind spots by providing more visibility and insights into our environment, making it a valuable feature.
We use the network sensor, and its coverage is critical. With SIEM, we gain substantial insights into our environment, and having a complete 360 view is necessary in today's security world. It reduces the risk by 50%.
Having AI built into the Trend Vision One platform is important for our organization. It reduces many manual steps, resulting in more and quicker detections and advanced automation for remediation, improving efficiency by 60% to 70%. The solution aims to reduce risks and enhance detection.
What is most valuable?
I like how easy it is, and there is a single pane of glass. We have one console for everything.
Trend Vision One provides centralized visibility and management across protection layers. It has the functionality of different products and management of a single pane of glass. We have one console for everything. As a security engineer, it's easier to check the alerts and find everything. It consolidates a lot of consoles into one, and that's what we like most about it.
What needs improvement?
Vulnerability scanning could be improved. They need to see more CVEs and scan products for known vulnerabilities, allowing for better display and review of potentially exploitable servers by hackers or through configuration settings.
For how long have I used the solution?
We have been using Trend Vision One for approximately 18 months.
What do I think about the stability of the solution?
We haven't experienced any stability issues. It has proven to be stable.
What do I think about the scalability of the solution?
The scalability of Trend Vision One is good.
How are customer service and support?
I have contacted technical support from Trend Micro. The quality and speed of support are good.
How was the initial setup?
It was easy. It took us one day to fully deploy Trend Vision One.
Some maintenance is required for updating agents on the servers.
What about the implementation team?
The deployment involved just one person working with the vendor in one day.
What was our ROI?
Trend Vision One has reduced risks by 50%. We have reduced the response time by approximately 70%-80%.
What's my experience with pricing, setup cost, and licensing?
When we have a good product such as Trend Vision One, the price is fine.
Which other solutions did I evaluate?
We have used Trend Micro products for many years, and we upgraded to Trend Vision One. We didn't test any alternatives, staying with what we've used for years.
What other advice do I have?
I would rate Trend Vision One an eight out of ten.
The CREM feature is an absolutely essential feature that helps us meet security requirements
What is our primary use case?
We're in the retail business; we sell bicycles in physical stores, and our branches are our biggest attack surface. These locations are covered by our overall solution, including sensors and other protection.
We have 49 branches, a headquarters, and a central warehouse. That's about 1,200 users and 1,000 computers. Trend Vision One is used primarily by our IT team. We also integrate with Office 365, Azure, and our on-prem data center.
We use Trend Vision One for consolidated security in hybrid environments. We have both on-premise and cloud data centers, particularly in Azure. The platform consolidates all of that into one view.
What is most valuable?
Since we started using Trend Vision One, we've been able to enhance our security posture significantly.
Trend Vision One has improved significantly over time in providing centralized visibility and control. It started as a set of individual products, but now it feels like one integrated solution. This reduces the need for interfaces or multiple analysis tools. That's why we pursued the one-platform strategy.
Trend Vision One has definitely helped consolidate our use of security vendors. We previously used standalone products for endpoint and email protection that weren't integrated. Now, we get the benefits of an integrated solution. I'd estimate we're 50–70% better in security now than we were two years ago.
The Cyber Risk Exposure Management (CREM) feature is absolutely essential. Even though we're not critical infrastructure, the NIS2 directive gives us security guidelines. CREM helps us meet these requirements.
It is very important to our organization that Trend Vision One integrates AI into the platform. Pattern recognition in forensic data is no longer manageable by humans due to the volume of events. Machine learning is essential to process these and filter what needs human attention.
Trend Vision One has improved our organization significantly. Security tasks used to be manual. Now, technology prevents issues or supports staff in detecting them. This shift from manual to technical solutions greatly increased our security.
Trend Vision One has reduced the time we spend detecting and responding to threats. I'd say we're 80% faster than before. The platform gives us consolidated data upfront, so we don't have to search for event clues manually.
Trend Vision One has helped reduce false alarms. I'd estimate a 50–60% time saving. We have more alerts now than years ago, but also better systems to handle them, making the whole process more efficient. Trend Vision One has helped reduce our cyber risk overall. We now know where gaps are before they become problems, whereas in the past we had to guess. That's a massive improvement.
When it comes to operations, the CREM solution helps us identify vulnerabilities in systems. If we patch them, they disappear from the reports—this gives us actionable insights, which is incredibly helpful.
It took about half a year to realize the benefits of Trend Vision One after implementation.
What needs improvement?
The features of Trend Vision One are fine—it's the integration that needs work. Especially at the endpoint level, we still feel like we're using an older product that just got plugged into Trend Vision One. A fully integrated endpoint client is the next step.
What do I think about the stability of the solution?
My impression of the solution's stability is an eight out of ten.
What do I think about the scalability of the solution?
I'd rate the scalability of Trend Vision One a nine.
The platform scales well. Our growth over the past three years has never caused performance or expansion issues.
How are customer service and support?
The service support for Trend Vision One works well. The service desk and escalations function smoothly.
Which solution did I use previously and why did I switch?
We used Kaspersky before Trend Vision One and switched due to BSI recommendations.
How was the initial setup?
It took about half a year to realize the benefits of Trend Vision One after implementation. Migration processes took some time, but we quickly started seeing positive results.
What was our ROI?
A return on investment wasn't our goal with Trend Vision One. The goal was to achieve a high level of security at acceptable costs, not ROI calculation.
What's my experience with pricing, setup cost, and licensing?
The pricing and licensing model for Trend Vision One is fair overall, especially with the good discounts we got. Currently, there are no extra costs—though we pay a monthly fee that gets converted into credits. I find the credit model non-transparent—you can't always tell how many licenses apply to which product. Trend Micro is working on improving this. We'll renegotiate pricing in 2026.
Which other solutions did I evaluate?
I joined the company in 2022 and brought knowledge of Trend Vision One with me. Our partner also recommended it, and the pricing and offers were so good that we didn't seriously consider alternatives.
What other advice do I have?
We cover all areas of security with Trend Vision One, except for edge security—we use other firewalls there.
We deploy Trend Vision One sensors at the endpoint and for email, including Office 365, and we're expanding this further. We believe that having all data in one central system gives us better insight than using isolated solutions. That's why we initially looked for a one-platform solution.
In 2025, we can finally recognize risks effectively, especially in Azure, where we previously had to rely solely on Microsoft. With Trend Vision One's support, we can now detect and mitigate risks, especially with our core ERP system running in Azure starting this November.
My advice to others evaluating Trend Vision One is to understand the full value across all modules. Just using endpoint protection doesn't show the platform's real strength. The full benefits come when multiple modules are used together.
My overall rating for Trend Vision One is 8 out of 10.
An integrated platform that simplifies threat and response management
What is our primary use case?
Our usual use cases for Trend Vision One involve the detection of any kind of threat. We are getting alerts from the workbench on Trend Vision One and we perform threat hunting. If there are false positives, we close them, and in the case of true positives, we take action toward remediation and closure. Predominantly, we use it for threat management.
How has it helped my organization?
Trend Vision One is an integrated platform where I can get all the information about all the endpoints, whether it be a server, laptop, or desktop. Everything is integrated, allowing me to see everything within one console; that is one of the greatest advantages of Trend Vision One.
In terms of centralized visibility and management across protection layers, Trend Vision One provides protection across all attack vectors. It allows us to manage threats in all phases. We can even perform forensics where we can collect suspicious files remotely to submit to Trend Micro.
Trend Vision One helps reduce the time to detect and respond to threats. We get alerts in real-time. We receive notifications as email alerts, as well as alerts in the console. Through the workbench, we can monitor the console 24/7 with real-time information; there is not much delay.
Trend Vision One has helped us reduce noise from false positives, thanks to the SOAR functionality. We are able to configure automatic responses, and in case any false positives are identified, the Vision One console takes care of them automatically. This helps us reduce a lot of false positives.
Trend Vision One has indeed helped consolidate our use of security vendors and reduce silos. We sometimes get threat notifications from other vendor products, such as Microsoft Cloud App Security, which identifies threats, and we can trace similar traffic from the endpoints in Vision One. This correlation adds more value for our clients.
What is most valuable?
The most valuable feature of Trend Vision One is response management; when there is a malware issue, we need to isolate the endpoint, which I can do through response management. I can isolate an endpoint, restore the endpoint, and run manual malware scans, which will be very useful when performing malware remediation actions.
What needs improvement?
In future releases of Trend Vision One, I would like to see improvements regarding role-based access control, as it is important to ensure that when granting admin access to a person, their visibility is limited to only their respective markets. For example, while creating roles for countries like France, Germany, and Italy, they should only manage their own endpoints to maintain privacy and security.
For how long have I used the solution?
I have been working with Trend Vision One for more than 2 years.
What do I think about the stability of the solution?
I have not encountered any issues with the stability of Trend Vision One. There have been no problems at all.
Stability is critically important for us with Trend Vision One; it is very stable, providing continuous 24/7 support, and we do not face challenges in accessing services from Trend Micro.
What do I think about the scalability of the solution?
Regarding scalability, Trend Vision One accommodates many endpoints without any challenges, allowing easy expansion of our portfolio.
How are customer service and support?
I would rate the technical support for Trend Vision One a perfect 10 out of 10, as Trend Micro supported us throughout the transition from on-prem servers or other vendors, providing top-notch service at all times.
Which solution did I use previously and why did I switch?
Before using Trend Vision One, we were utilizing McAfee, and some of our clients were using Symantec. Currently, most clients have transitioned to Trend Micro.
The decision to switch from McAfee was driven by factors such as high costs and the global presence of organizations. Trend Micro has a more robust global reach and its pricing is very competitive compared to McAfee.
How was the initial setup?
The initial setup of Trend Vision One is not complex; it is straightforward. We had the options in the Trend Vision One console, and we received training from Trend Micro-certified administrators. We had knowledge transfer sessions, and later, we successfully migrated our products from on-prem servers to the cloud.
We have been using the product for more than 7 to 8 years, and we did not face any challenges during this migration.
What was our ROI?
We have seen a return on investment with Trend Vision One, primarily in terms of having more confidence in addressing any kind of suspicious activities. Any such activities will be notified to us, allowing us to take action. The return on investment is apparent in managing the endpoints and addressing suspicious activity that might otherwise go unnoticed.
It has saved about 25% to 30% of our time. The risk has been reduced by more than 25% after switching to Trend Vision One.
What's my experience with pricing, setup cost, and licensing?
Its price is very decent. It suits our requirements.
Which other solutions did I evaluate?
I did evaluate other options, including Microsoft Sentinel, but ultimately, most vendors choose Trend Vision One.
The factors that led us to choose Trend Vision One over Microsoft or other options include costs, and since we already have Microsoft for other protections (like M365 security protection), we opted for protection with a different vendor, rather than the same vendor.
What other advice do I have?
I would rate Trend Vision One a nine out of ten.
Provides solid security, centralized visibility, and flexible licensing
What is our primary use case?
We have been in contact with Trend Micro for a very long time. We have a Domino server, which is the alternative to an Exchange server, and we have implemented their virus scanner there. Because of that, we decided to stick with the company and integrate Email Gateway Protection as well. It is important for us because we host our own mail server, and we receive a huge amount of spam. The goal was to reduce that. So far, we have reduced our email traffic by almost 50%—thanks to email filtering. This means our employees do not have to handle those emails anymore.
We receive around 1,000,000 emails per year and 500,000 of those are junk. That was a key factor in saving work time. Every email that lands in an inbox has to be handled—either deleted or responded to. We tested this with different employees and found that deciding whether an email is relevant or junk takes about 10 to 15 seconds per email. With 500,000 unnecessary emails, you can imagine how much time we are saving company-wide.
Another major reason we implemented this solution is phishing emails. This is a huge issue. Trend Micro offers phishing awareness training, but ideally, these phishing emails should not even reach our company, as they are highly dangerous. So far, Trend Micro has filtered out around 3,700 phishing emails for us.
There is another extremely dangerous issue—malicious software hidden in attachments. If an employee clicks on such an attachment, files could get encrypted. In the past year, Trend Micro has intercepted 60 such cases, meaning 60 incidents where our files did not get encrypted.
This is why we use this solution. Of course, there are other providers, but we find Trend Vision One's interface very user-friendly. We also have a dashboard where we can track everything and pull these statistics.
How has it helped my organization?
In Germany, such a security solution is very important. Due to a change in the law, company management is now obligated to ensure that IT security is based on best practices. If they fail to do so or are unaware of their security status and neglect it, they are now personally liable with their private assets. I also need a tool that allows my management and board to monitor our security status. One of the reasons why we chose Trend Vision One was that it provides the option for the board to check the dashboards. This means that every morning while having coffee, they can see the security status of the company on their phones. They can also ask, "Hey, why is our security score high? Is our IT department not working properly? Or do we have a real problem that requires additional software or other measures?" Additionally, negotiations become easier for the IT department, for management, and for us. If security gaps arise, we can say, "Hey, we need software or an investment of a certain amount." We now have a solid foundation for our case.
We use email security and endpoint protection. Endpoint protection is installed on every computer and server, with enhanced sensors on the servers. These security tools are crucial for us—without them, we would be blind in IT. They allow us to monitor the health of each system and user activity, including preventing access to inappropriate websites.
We have a lot of remote work, and we used to struggle because we could not properly monitor devices outside our network or firewall. Now, we can control things like applications, websites, USB sticks, and external hard drives, which was previously impossible. A key feature of our endpoint protection is that if a computer reaches a certain security risk score, it is automatically blocked by the software. This means that if an attack occurs, the affected computer is isolated from the network, preventing further spread.
Our biggest challenge is not direct hacking attacks—our company is not a high-priority target. Instead, phishing emails are the main issue. These emails attempt to trick employees into making fraudulent payments or providing access to our systems, allowing ransomware installation. Email security is our biggest focus area.
It has significantly reduced email volume, which is crucial, especially for our security team, as they do not have time to review every message. IT also receives fewer inquiries about whether emails are legitimate. Additionally, phishing training has helped—our employees recognize phishing attempts better, and our click rate on phishing simulations has dropped to zero. Previously, conducting a phishing simulation would have cost €2,500 per test, but now, we can run one or two tests per month at no additional cost. This provides great value.
It is important for us that Trend Vision One has AI built into its platform. It is essential for detecting abnormalities quickly. Humans may not notice certain threats, but AI can. However, AI is not perfect and sometimes lets suspicious emails through, which we then manually review in quarantine. AI is constantly learning, and the more it improves, the less manual intervention is needed, which is beneficial for us.
We now have visibility. Previously, we were blind and could not assess our security status.
Trend Vision One helped reduce our time to detect and respond to threats. Previously, we relied on reading security forums and websites to identify vulnerabilities. Now, we get real-time alerts and can take immediate action.
Our speed has increased significantly. We can update and patch security threats daily, whereas before, it took weeks or even months.
Trend Vision One has helped our organization reduce its cyber risk, especially through endpoint protection. For example, our field employees used to connect unknown external hard drives, which posed a risk. That is no longer possible, eliminating a major threat vector.
Trend Vision One has helped consolidate our use of security vendors. Previously, we only had basic endpoint protection from another provider, which we replaced with Trend Vision. We now have more security software, not less, because our company has grown significantly—from a small business to a mid-sized enterprise. The IT department was lagging behind, and security was not a priority. Now, we manage everything with one provider, rather than multiple vendors.
What is most valuable?
The dashboard is valuable. It provides a comprehensive view of our security status and allows us to compare ourselves with other companies using Trend Vision. We can immediately see if we need to take action when updates are released with high CVE scores, without having to check multiple websites. This saves time and enables faster decision-making.
The platform provides not only visibility but also intervention capabilities, such as blocking threats. We are operating at a high level in this regard. I would rate Trend’s Vision One platform very high in providing centralized visibility and management across protection layers.
What needs improvement?
Improving the user interface would be helpful—it can be confusing, especially if you do not use it daily.
We do not see a need for additional features. The tool has so many capabilities that it can be overwhelming at first, which is why we implemented it step by step to avoid overwhelming our administrators.
For how long have I used the solution?
We started with the Email Gateway Protection solution in December.
What do I think about the stability of the solution?
Its stability is very good. We have not had any failures so far.
What do I think about the scalability of the solution?
Its scalability is very good as we can work with it flexibly.
We have an environment with 160 users and about 15 servers, all virtualized and running entirely on-premise.
How are customer service and support?
It is very good. If we have a problem, we call Mr. Weckwert or send him an email and receive a response.
Which solution did I use previously and why did I switch?
We used SonicWall’s endpoint protection before, but it had issues. For example, the endpoint protection conflicted with VPN installations, requiring us to uninstall security features before updating VPN settings—an unacceptable security risk. With Trend Vision, we feel much better protected.
SonicWall is just a basic antivirus tool, whereas Trend Vision One provides more advanced features like software firewalls and the ability to block specific applications and websites, such as preventing employees from using Telegram or WhatsApp on work computers.
A downside is that Trend Vision One requires more system resources, so we had to upgrade some computers with additional RAM. However, that is not just due to Trend Vision One but also Windows 11’s increased demands.
How was the initial setup?
We use a hybrid model—Trend Vision’s cloud solution with local installations on our devices. We operate entirely on-premise.
We worked with a partner and now manage everything internally.
What about the implementation team?
For the implementation, all admins were present to understand how it works. It was like a training session for us.
Fundamentally, there is one colleague responsible for it, and they spend about an hour to an hour and a half on it daily.
In terms of maintenance, it only requires updates.
What was our ROI?
We have seen an ROI through time savings. The email filtering system paid for itself within a year.
What's my experience with pricing, setup cost, and licensing?
It is very good. The flexibility to temporarily exceed license limits when setting up new devices is helpful, as it allows us to ensure security before purchasing additional licenses.
What other advice do I have?
Try it out. Ultimately, everyone has to decide for themselves if it fits their admin team. What I always say is that this tool monitors you and provides insights—it exposes weaknesses in an IT department. If IT management cannot handle that level of transparency, they should avoid it. If they see value in having more insights, it is a very valuable tool.
I would rate Trend Vision One an eight out of ten.
Gives detailed maps and correlated information at one place
What is our primary use case?
We use it for analytics. We check all the maps and communications when there is an incident or an issue. It is very helpful for analytics.
How has it helped my organization?
Trend Vision gives a lot of visibility. If you have a big environment, you can use it to see logs or events. It gives more visibility into what is going on in your infrastructure.
Last year, we experienced an attack attempt, and it gave us a lot of visibility. We were able to track the source and all the processes that were involved during the attack. For security, it is very good.
Trend Vision One has helped reduce our time to detect and respond to threats by 30% to 40%.
What is most valuable?
I find the maps particularly helpful. The object list, specifically the suspicious object list, is also quite valuable. You can simply add one object to that list to manage it from another solution.
It gives comprehensive visibility. It is very good. It gives a lot of visibility into all layers such as layer three or layer seven. It helps with monitoring the endpoints, including all the desktops and processes or communication between servers.
What needs improvement?
I believe that the interface could be more user-friendly. At times, it is challenging to locate certain features, and they need to reorganize the user interfaces.
For how long have I used the solution?
I have been using the solution for one year.
How are customer service and support?
I would rate their customer support a five out of ten. They sometimes do not give enough attention to the tickets. Even when I update a ticket or a case, they ask the same questions that I have already answered. I explain my problem, and they respond as if not paying enough attention.
Which solution did I use previously and why did I switch?
Previously, we used another solution. We observed that Trend is trying to move all the solutions to Vision One. That is why we decided to transition, and it is working very well.
It gives more visibility. The other solution was focused only on the server or endpoint protection. It did not provide any tracks, just the basics. With Vision One, we can see all the information correlated in one place, which I find very helpful.
How was the initial setup?
The initial setup is very easy. It is not very complicated. Sometimes, the documentation is not updated, but the processes are very intuitive, so it is not that hard.
In terms of the implementation strategy, we first focus on non-critical servers or appliances, and then we move on to critical ones.
It is being used in an enterprise environment at a data center.
What about the implementation team?
The implementation may require two people, depending on the infrastructure and scale. You might need an engineer or an administrator.
For maintenance, there are two people. One person scans and reviews all the information and the other one is from the backup. It requires minimal maintenance.
What was our ROI?
Overall, the visibility and security that it provides are our returns on the investments.
What's my experience with pricing, setup cost, and licensing?
I feel that Vision One is a bit expensive. As for the pricing or licensing, I would rate it a seven out of ten.
What other advice do I have?
I would rate Vision One an eight out of ten.