Comprehensive Threat Protection, Seamless Integration
What do you like best about the product?
I like Trend Vision One's single unified console and XR capability, which provide real-time risk availability. It helps with quick response and strong protection against threats. I appreciate how it manages endpoint and email cloud servers, and enhances network security from the dashboard. I also value its capability to correct alerts across multiple security layers swiftly.
What do you dislike about the product?
Trend Vision One is a cloud-native, extended detection and response (XDR) platform that provides unified threat detection, risk visibility, and coordinated response across endpoints, networks, cloud workloads, and email systems.
What problems is the product solving and how is that benefiting you?
I use Trend Vision One to detect and block malware and ransomware, respond to unknown threats, and identify multistage attacks. It compresses endpoints and secures high-risk laptops, providing real-time risk availability and strong protection across multiple security layers.
Virtual Patching Adds Essential Security for Legacy Systems
What do you like best about the product?
The Virtual Patching feature is especially valuable for critical production servers, as it can provide extra time before scheduled downtime. Additionally, it allows us to continue using legacy operating systems more securely.
What do you dislike about the product?
The real-time scanning feature sometimes conflicts with other tools.
What problems is the product solving and how is that benefiting you?
The Virtual Patching feature is especially valuable for critical production servers, as it can provide extra time before scheduled downtime.
XDR capabilities enhancing the security control.
Unified Security Platform That Simplifies Protection
What do you like best about the product?
What I appreciate most about Trend Vision One is how it brings together various security layers into one centralized platform.
What do you dislike about the product?
At times, during a scheduled scan, the performance of the endpoint is impacted, causing it to become slow and unresponsive.
What problems is the product solving and how is that benefiting you?
Trend Micro Vision One addresses major security challenges by offering a unified detection system that correlates data across multiple platforms, helping to eliminate fragmented security approaches. It enhances threat detection and response with XDR, providing real-time alerts. Additionally, it improves visibility into the attack surface through cyber risk exposure management, allowing organizations to monitor digital assets and prioritize vulnerabilities more effectively.
Comprehensive Threat Detection with Impressive Dark Web Coverage
What do you like best about the product?
Sensors are present on the dark web as well, which helps in detecting account compromise cases through threat intelligence, even in these hidden areas.
What do you dislike about the product?
Synchronization issue between the Trend Micro Vision One agent and the changes made in the on-prem Active Directory, where the agent is also installed on the AD server.
What problems is the product solving and how is that benefiting you?
I took a deep dive into the workbench alerts and XDR detection cases, which provided valuable insights. The AI adaptation within the portal has been helpful for automating processes. Additionally, I gained useful information about artifacts found on the dark web related to account compromise cases.
Platform has improved ransomware detection and now supports faster automated incident response
What is our primary use case?
TrendAI Vision One is our centralized platform for managing multiple security products, specifically on endpoint and workload security.
We have integrated TrendAI Vision One with Microsoft and AWS cloud accounts that we use. Our SOC team monitors TrendAI Vision One and the platform provides them with multiple views of data sets and detections that have occurred, helping them to quickly onboard with all the relevant data they should be aware of.
We are using TrendAI Vision One sensors across endpoint and workload security.
What is most valuable?
We were facing multiple cybersecurity incidents in our endpoint and workload security, including attacks such as ransomware and malware. TrendAI Vision One solves these problems by providing greater detection capabilities and automated response across all of these layers.
TrendAI Vision One helps with integration and correlation of multiple security solutions and provides us with better dashboard and reporting capabilities to showcase the data to our board.
We are seeing fewer threats and events across these security layers since we invested in TrendAI Vision One. The platform has been particularly useful in protecting against ransomware.
We are able to respond faster and quicker compared to earlier because of the automated response that TrendAI Vision One offers, which reduces our dependency on manual effort that was previously required.
What needs improvement?
TrendAI Vision One could bring in more data loss prevention capabilities specifically on the endpoints, as the current offering lacks some important capabilities.
They could also bring in data loss prevention capability and integrate with patch management solutions, which is overdue.
For how long have I used the solution?
We have been using TrendAI Vision One for the past three and a half years.
What other advice do I have?
It is extremely important to protect sensitive and critical data that resides on servers.
I would say TrendAI Vision One is a really good platform overall, and we found it fitting into our budget compared to competitive solutions. I would rate this product highly.
Easy Setup, Centralized Management with Trend Vision One
What do you like best about the product?
I like the inventory part as well as the DLP part of Trend Vision One. It's valuable because it's centralized and managed, which I find to be a fantastic feature. The initial setup was very easy, and it's conveniently updated in one click.
What do you dislike about the product?
The options and all need to be easier. It looks like there are fewer main menu items and a lot of sub-menus on Trend Vision One compared to Apex One Max.
What problems is the product solving and how is that benefiting you?
Benefits by addressing the lack of Centralized Visibility Across Environments and faster Threat Detection and Response
Outstanding Security and Device Control
What do you like best about the product?
The best thing is the security part to control the device.
What do you dislike about the product?
We would like to understand the aspects of security incident detection
What problems is the product solving and how is that benefiting you?
The major part is to control web attacks by blocking them from ZTSA, and detection of device control and antivirus features, which are scanned regularly.
Centralized Threat Monitoring with Seamless Setup
What do you like best about the product?
I like Trend Vision One because it has a single dashboard for all security needs, covering machine-level, user account-level, and asset graph data. I appreciate the recommendations for threats or vulnerabilities it offers. It also has playbooks to automate actions, which is very convenient. In the CREM dashboard, I can see detailed information about machine, user, application, cloud asset risks, as well as public-facing domain and IP address risk management. The asset graph provides detailed information about user login accounts. I love that the playbooks include options to isolate specific infected machines from the network, restrict internet access, and take user-account-level actions like disabling or locking an account. The initial setup was very straightforward.
What do you dislike about the product?
I find the reporting part lacking. Currently, in Trend Vision One, reports cannot be scheduled with attachments; they only include links to view the report, which is a limitation. Trend Micro does not have DLP features for macOS.
What problems is the product solving and how is that benefiting you?
Trend Vision One helps monitor system and application vulnerabilities, prevents password leaks, and identifies threats. Its single dashboard consolidates security data, asset graphs detail user logins, and playbooks automate threat responses, making it easier to manage network security.
Ransomware playbooks have strengthened protection and improved threat detection and response
What is our primary use case?
My main use case for TrendAI Vision One is for ransomware protection, user behavior analysis, and protection. I use TrendAI Vision One for threat detection and response, which helps me with investigation and response. It helps to integrate with the existing infrastructure as my main use case for TrendAI Vision One. Data loss prevention has been a valuable use case with the endpoint security as a feature that stands out to me. The top security challenges in my industry include improving the cyber risk posture and ransomware protection, and TrendAI Vision One is helping me address them, especially for ransomware protection.
What is most valuable?
I find threat detection and response and remediation using playbooks the most useful features TrendAI Vision One offers me.
In a case of a ransomware incident, the playbook in TrendAI Vision One immediately contained the infection by isolating the endpoint, demonstrating how those playbooks and the detection and response features help me in my day-to-day work.
TrendAI Vision One has positively impacted my organization by specifically helping improve security posture and response time for threat handling, as well as improving our cyber risk score.
TrendAI Vision One has made managing security easier for me compared to earlier by providing centralized visibility and management across protection layers.
What needs improvement?
The area where I think TrendAI Vision One can improve is the technical support. TrendAI Vision One should speed up the response time for the support tickets that have been opened regarding needed improvements.
For how long have I used the solution?
I have been using TrendAI Vision One for almost one year now.
What other advice do I have?
TrendAI Vision One should speed up the response time for the support tickets that have been opened regarding needed improvements. I rate TrendAI Vision One a nine out of ten because TrendAI Vision One can improve the technical support. I am using TrendAI Vision One sensors on the endpoint, as well as on the endpoint and workloads. Covering the endpoint is very critical for my organization's network because the endpoint is one of the most important areas to be protected. TrendAI Vision One has helped reduce my time to detect and respond to threats; in my previous studies, I found the detection and response has come down from weeks to only days. My overall review rating for TrendAI Vision One is nine.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Centralized threat hunting has improved endpoint visibility and allows silent remote remediation
What is our primary use case?
TrendAI Vision One use cases are mostly related to endpoints, such as detecting registry modifications or new software being added, as well as monitoring for malicious activities including PowerShell scripts, double extension files, ransomware, and crypto miners. Since I work for the financial sector, it is crucial to ensure there are no remote software programs running, especially regarding banking security.
What is most valuable?
TrendAI Vision One has two types of alerts that help reduce the time to detect and respond to threats. The first is based on alerts and workbench ID, while the second is host-based detections, allowing me to see all different threats on particular endpoints over a selected time frame. I can check for various endpoints affected by different alerts and customize this for specific time frames. Monitoring critical assets, threat hunting, and running queries are feasible tasks, providing a comprehensive overview of endpoint security and the ability to remove malicious files quickly.
One of the best features of TrendAI Vision One is its ability to let me remediate endpoints without disturbing branch users, as long as the endpoint is online and connected. I can delete files or take control through the console by informing the bank's security team to get approval. Another great feature is viewing alerts, segregating them by type and host, which makes it easier to fine-tune security and monitor critical resources. Additionally, the ability to create reference sets for known malicious hashes enhances detection capabilities across endpoints.
TrendAI Vision One saves resources and time. It provides better visibility of endpoints compared to other security management tools, which makes it invaluable. For smaller organizations that may not afford multiple tools, an XDR solution can handle their security needs effectively.
TrendAI Vision One allows mitigation of threats without interrupting branch users' regular work, which is its unique selling point.
What needs improvement?
The area for improvement is to provide more clarity on the query part, including examples for creating reference sets and documenting capabilities thoroughly so future users can benefit without needing to experiment.
Documenting the capabilities of endpoint consoles would also be beneficial for new users understanding what can be done effectively.
For how long have I used the solution?
I initially used the first EDR approximately two years ago, and now I have been using TrendAI Vision One for eight to nine months.
What do I think about the stability of the solution?
The stability of TrendAI Vision One is good; I would rate it an eight.
What do I think about the scalability of the solution?
I would rate the scalability at eight and a half.
How are customer service and support?
I have not worked with technical support yet, so I cannot rate it.
Which solution did I use previously and why did I switch?
I have not worked with other solutions yet, so I can only speak to my experience with TrendAI Vision One XDR, which I find to be good for handling threats across endpoints.
How was the initial setup?
I am not aware of the deployment process since I have not been involved with it.
What about the implementation team?
Only a few of us are using the solution currently—my manager and I. Due to my background in threat hunting, I have admin access to monitor various alerts and create reference sets for potential threats effectively.
Only three or four users have access to TrendAI Vision One, including my manager and me from the vendor side, and two from the bank end.
I am a vendor hired for SOC security and threat hunting, working for IBM clients.
What was our ROI?
I cannot estimate the return on investment accurately, as I do not have insight into the financials. However, I can say that the tool is good, particularly the basic subscription which provides me with necessary tools and knowledge to protect security.
What's my experience with pricing, setup cost, and licensing?
I do not have any information regarding the pricing, so I cannot comment on that.
Which other solutions did I evaluate?
Every organization typically installs antivirus agents on their endpoints and servers.
What other advice do I have?
My false positives have decreased, but reducing them requires thorough investigation. For example, each endpoint has its own scanning device, such as Windows Defender.
Apex Central is attempting to stop the services of Windows Defender, leading to alerts when malicious behavior is detected. Through thorough investigation, I have identified that while Apex Central might not directly stop processes, it does so using cmdlets. Hence, I decided to whitelist that.
TrendAI Vision One reduces endpoint risk by approximately 60 to 70 percent; the remaining 30 percent can be due to other factors such as phishing and web interactions.
For small organizations, implementing TrendAI Vision One is a wise choice because it delivers great visibility and clarity on endpoint threats, enabling effective monitoring and quarantining regardless of the environment.
TrendAI Vision One sensors are being used on the endpoints.
I do not know if Cyber Risk Exposure Management comes under the basic subscription, as I mostly focus on threat hunting and do not recall using it.
If the suggested improvements are implemented, it will be even more flexible and feasible.
I give this review an overall rating of 9 out of 10, and I definitely recommend TrendAI Vision One to other users because it provides solid security for endpoint protection.