TrendAI Vision One is our centralized platform for managing multiple security products, specifically on endpoint and workload security.

We have integrated TrendAI Vision One with Microsoft and AWS cloud accounts that we use. Our SOC team monitors TrendAI Vision One and the platform provides them with multiple views of data sets and detections that have occurred, helping them to quickly onboard with all the relevant data they should be aware of.

We are using TrendAI Vision One sensors across endpoint and workload security.

We were facing multiple cybersecurity incidents in our endpoint and workload security, including attacks such as ransomware and malware. TrendAI Vision One solves these problems by providing greater detection capabilities and automated response across all of these layers.

TrendAI Vision One helps with integration and correlation of multiple security solutions and provides us with better dashboard and reporting capabilities to showcase the data to our board.

We are seeing fewer threats and events across these security layers since we invested in TrendAI Vision One. The platform has been particularly useful in protecting against ransomware.

We are able to respond faster and quicker compared to earlier because of the automated response that TrendAI Vision One offers, which reduces our dependency on manual effort that was previously required.

TrendAI Vision One could bring in more data loss prevention capabilities specifically on the endpoints, as the current offering lacks some important capabilities.

They could also bring in data loss prevention capability and integrate with patch management solutions, which is overdue.

We have been using TrendAI Vision One for the past three and a half years.

It is extremely important to protect sensitive and critical data that resides on servers.

I would say TrendAI Vision One is a really good platform overall, and we found it fitting into our budget compared to competitive solutions. I would rate this product highly.

TrendAI Vision One use cases are mostly related to endpoints, such as detecting registry modifications or new software being added, as well as monitoring for malicious activities including PowerShell scripts, double extension files, ransomware, and crypto miners. Since I work for the financial sector, it is crucial to ensure there are no remote software programs running, especially regarding banking security.

TrendAI Vision One has two types of alerts that help reduce the time to detect and respond to threats. The first is based on alerts and workbench ID, while the second is host-based detections, allowing me to see all different threats on particular endpoints over a selected time frame. I can check for various endpoints affected by different alerts and customize this for specific time frames. Monitoring critical assets, threat hunting, and running queries are feasible tasks, providing a comprehensive overview of endpoint security and the ability to remove malicious files quickly.

One of the best features of TrendAI Vision One is its ability to let me remediate endpoints without disturbing branch users, as long as the endpoint is online and connected. I can delete files or take control through the console by informing the bank's security team to get approval. Another great feature is viewing alerts, segregating them by type and host, which makes it easier to fine-tune security and monitor critical resources. Additionally, the ability to create reference sets for known malicious hashes enhances detection capabilities across endpoints.

TrendAI Vision One saves resources and time. It provides better visibility of endpoints compared to other security management tools, which makes it invaluable. For smaller organizations that may not afford multiple tools, an XDR solution can handle their security needs effectively.

TrendAI Vision One allows mitigation of threats without interrupting branch users' regular work, which is its unique selling point.

The area for improvement is to provide more clarity on the query part, including examples for creating reference sets and documenting capabilities thoroughly so future users can benefit without needing to experiment.

Documenting the capabilities of endpoint consoles would also be beneficial for new users understanding what can be done effectively.

I initially used the first EDR approximately two years ago, and now I have been using TrendAI Vision One for eight to nine months.

The stability of TrendAI Vision One is good; I would rate it an eight.

I would rate the scalability at eight and a half.

I have not worked with technical support yet, so I cannot rate it.

I have not worked with other solutions yet, so I can only speak to my experience with TrendAI Vision One XDR, which I find to be good for handling threats across endpoints.

I am not aware of the deployment process since I have not been involved with it.

Only a few of us are using the solution currently—my manager and I. Due to my background in threat hunting, I have admin access to monitor various alerts and create reference sets for potential threats effectively.

Only three or four users have access to TrendAI Vision One, including my manager and me from the vendor side, and two from the bank end.

I am a vendor hired for SOC security and threat hunting, working for IBM clients.

I cannot estimate the return on investment accurately, as I do not have insight into the financials. However, I can say that the tool is good, particularly the basic subscription which provides me with necessary tools and knowledge to protect security.

I do not have any information regarding the pricing, so I cannot comment on that.

Every organization typically installs antivirus agents on their endpoints and servers.

My false positives have decreased, but reducing them requires thorough investigation. For example, each endpoint has its own scanning device, such as Windows Defender.

Apex Central is attempting to stop the services of Windows Defender, leading to alerts when malicious behavior is detected. Through thorough investigation, I have identified that while Apex Central might not directly stop processes, it does so using CMDlets. Hence, I decided to whitelist that.

TrendAI Vision One reduces endpoint risk by approximately 60 to 70 percent; the remaining 30 percent can be due to other factors such as phishing and web interactions.

For small organizations, implementing TrendAI Vision One is a wise choice because it delivers great visibility and clarity on endpoint threats, enabling effective monitoring and quarantining regardless of the environment.

TrendAI Vision One sensors are being used on the endpoints.

I do not know if Cyber Risk Exposure Management comes under the basic subscription, as I mostly focus on threat hunting and do not recall using it.

If the suggested improvements are implemented, it will be even more flexible and feasible.

I give this review an overall rating of 9 out of 10, and I definitely recommend TrendAI Vision One to other users because it provides solid security for endpoint protection.

I have experience with TrendAI Vision One, specifically using endpoint security, email security, and all of the modules that are used most commonly.

We mostly install TrendAI Vision One endpoint security in all client organizations, configure everything covering endpoints, servers, emails, and then work on the alerts for them as the need arises.

We are using the sensors that are included in TrendAI Vision One.

TrendAI Vision One has helped me to consolidate my use of security vendors quite a lot. Many of my clients were using different brands of antivirus for the server security and endpoint security, and another product for email security. Because of TrendAI Vision One, they were able to combine all of them in the same console. This reduced a lot of siloed tools.

I am quite impressed by the speed with which the server policy gets deployed. While the endpoint policy takes about 15 minutes to get assigned to the system, server policy is quite quick in that regard.

The coverage of these sensors is quite vast. When compared to other antiviruses, we found that TrendAI Vision One does cover quite a lot of ground.

The endpoint security policy for standard endpoints with TrendAI Vision One takes a lot of time. It would be beneficial if there were DLP features in it, as many customers require that. While TrendAI Vision One's full suite is quite impressive, customers have to find another product for DLP and file monitoring. TrendAI Vision One does have a not fully-fledged DLP in the endpoint security part, and it sometimes hangs up the PC when we apply it.

The alerts could be better because when an alert comes for an email that has been compromised and found on the dark web, we cannot quite find where it got compromised from.

The network part is something that needs to be worked on because most of the time we have to look at the firewall to get the full scenario or coverage.

We have found a lot of performance issues with TrendAI Vision One agents. They are not lightweight. The first time I used TrendAI Vision One, the agent was 500 MB. Now that I am using them, the initial size is 800 MB. Sometimes the CPU utilization is so high that the computer crashes or lags behind. This is a really big concern for everyone using TrendAI Vision One.

TrendAI Vision One is quite a good tool because there are not any issues in scalability. We can easily add more licenses to it and increase our organization security. Scalability-wise, it is good.

I have contacted the technical support or customer support of TrendAI Vision One quite a lot.

The engineers are quite helpful when they respond, but I have found that sometimes the assigned engineer responds to the first query a bit too late. I can see in the portal that the engineer has been assigned to my case, but we have to prompt them to give us a reply because nobody is answering. We have to call TrendAI Vision One support sometimes. Once we start the case, the responses are quite helpful, though we have had to escalate some of the cases quite a lot when customers need it.

I have not basically used any alternatives to TrendAI Vision One. I have tried CrowdStrike and Symantec. Symantec is so far out of TrendAI Vision One's reach and CrowdStrike, I have not used it much, but it is a bit harder to configure than TrendAI Vision One. I find TrendAI Vision One's UI much easier.

The initial deployment of TrendAI Vision One is quite easy since it is basically a cloud-based app, and you just have to deploy the agent.

If integrating AD with TrendAI Vision One, I am sure only one person would be needed. If you have to deploy and install the agents directly into the systems, at least four to five people are needed if the size of the organization is for 1,000 to 2,000 employees.

It would take one or two months to deploy TrendAI Vision One for a client, but mostly because sometimes things get delayed on the client side.

No maintenance is required on our side for TrendAI Vision One.

I am not into sales, but we have lost a few customers because of the pricing of TrendAI Vision One. They seem to gravitate to Symantec and others because their pricing range is quite less than TrendAI Vision One, and we have lost them because of that.

My review rating for TrendAI Vision One is 9 out of 10.

My use case is to monitor my entire infrastructure, investigate the latest vulnerabilities, identify loopholes, and monitor live threat detections to mitigate these threats.

TrendAI Vision One's best features are the ESRM and its email gateways, along with its playbooks, which are useful for testing any threat or vulnerability.

It helps in identifying blind spots by providing comprehensive knowledge about risk assessment and a method to compare our organization with others, allowing us to understand our current stage in cybersecurity.

TrendAI Vision One needs to work on its logging system as the logging systems are very complex, and they need to reform their logs in a more informative way.

I have been using TrendAI Vision One for the last three years.

I would rate the stability an eight.

I would rate the scalability a nine.

Their response rate is approximately 80 to 90%, and they mitigate the issue.

I would rate the technical support a nine.

I compare TrendAI Vision One with Trellix and Kaspersky, and compared to both of these, TrendAI Vision One is very useful with one-window operation and is a market-gaining product.

The deployment is easy and very moderate, taking approximately one month.

It was a partner purchase.

The ROI is positive, and I see a reduction of 100%.

TrendAI Vision One is not so expensive; it is very moderate.

TrendAI Vision One is very effective and very market competitive, which is why we are using it.

I will definitely recommend this product because of its deep knowledge and deep features, such as ESRM, playbooks, and other email gateways.

We have approximately 50 users.

I do use TrendAI Vision One sensors, and they totally cover our network as we are using network sensors and service gateways to scan the whole network and gather information about our loopholes, mitigations, and vulnerabilities with respect to the latest CVEs.

I give this product a rating of 9.