I have experience with TrendAI Vision One, specifically using endpoint security, email security, and all of the modules that are used most commonly.

We mostly install TrendAI Vision One endpoint security in all client organizations, configure everything covering endpoints, servers, emails, and then work on the alerts for them as the need arises.

We are using the sensors that are included in TrendAI Vision One.

TrendAI Vision One has helped me to consolidate my use of security vendors quite a lot. Many of my clients were using different brands of antivirus for the server security and endpoint security, and another product for email security. Because of TrendAI Vision One, they were able to combine all of them in the same console. This reduced a lot of siloed tools.

I am quite impressed by the speed with which the server policy gets deployed. While the endpoint policy takes about 15 minutes to get assigned to the system, server policy is quite quick in that regard.

The coverage of these sensors is quite vast. When compared to other antiviruses, we found that TrendAI Vision One does cover quite a lot of ground.

The endpoint security policy for standard endpoints with TrendAI Vision One takes a lot of time. It would be beneficial if there were DLP features in it, as many customers require that. While TrendAI Vision One's full suite is quite impressive, customers have to find another product for DLP and file monitoring. TrendAI Vision One does have a not fully-fledged DLP in the endpoint security part, and it sometimes hangs up the PC when we apply it.

The alerts could be better because when an alert comes for an email that has been compromised and found on the dark web, we cannot quite find where it got compromised from.

The network part is something that needs to be worked on because most of the time we have to look at the firewall to get the full scenario or coverage.

We have found a lot of performance issues with TrendAI Vision One agents. They are not lightweight. The first time I used TrendAI Vision One, the agent was 500 MB. Now that I am using them, the initial size is 800 MB. Sometimes the CPU utilization is so high that the computer crashes or lags behind. This is a really big concern for everyone using TrendAI Vision One.

TrendAI Vision One is quite a good tool because there are not any issues in scalability. We can easily add more licenses to it and increase our organization security. Scalability-wise, it is good.

I have contacted the technical support or customer support of TrendAI Vision One quite a lot.

The engineers are quite helpful when they respond, but I have found that sometimes the assigned engineer responds to the first query a bit too late. I can see in the portal that the engineer has been assigned to my case, but we have to prompt them to give us a reply because nobody is answering. We have to call TrendAI Vision One support sometimes. Once we start the case, the responses are quite helpful, though we have had to escalate some of the cases quite a lot when customers need it.

I have not basically used any alternatives to TrendAI Vision One. I have tried CrowdStrike and Symantec. Symantec is so far out of TrendAI Vision One's reach and CrowdStrike, I have not used it much, but it is a bit harder to configure than TrendAI Vision One. I find TrendAI Vision One's UI much easier.

The initial deployment of TrendAI Vision One is quite easy since it is basically a cloud-based app, and you just have to deploy the agent.

If integrating AD with TrendAI Vision One, I am sure only one person would be needed. If you have to deploy and install the agents directly into the systems, at least four to five people are needed if the size of the organization is for 1,000 to 2,000 employees.

It would take one or two months to deploy TrendAI Vision One for a client, but mostly because sometimes things get delayed on the client side.

No maintenance is required on our side for TrendAI Vision One.

I am not into sales, but we have lost a few customers because of the pricing of TrendAI Vision One. They seem to gravitate to Symantec and others because their pricing range is quite less than TrendAI Vision One, and we have lost them because of that.

My review rating for TrendAI Vision One is 9 out of 10.

My use case is to monitor my entire infrastructure, investigate the latest vulnerabilities, identify loopholes, and monitor live threat detections to mitigate these threats.

TrendAI Vision One's best features are the ESRM and its email gateways, along with its playbooks, which are useful for testing any threat or vulnerability.

It helps in identifying blind spots by providing comprehensive knowledge about risk assessment and a method to compare our organization with others, allowing us to understand our current stage in cybersecurity.

TrendAI Vision One needs to work on its logging system as the logging systems are very complex, and they need to reform their logs in a more informative way.

I have been using TrendAI Vision One for the last three years.

I would rate the stability an eight.

I would rate the scalability a nine.

Their response rate is approximately 80 to 90%, and they mitigate the issue.

I would rate the technical support a nine.

I compare TrendAI Vision One with Trellix and Kaspersky, and compared to both of these, TrendAI Vision One is very useful with one-window operation and is a market-gaining product.

The deployment is easy and very moderate, taking approximately one month.

It was a partner purchase.

The ROI is positive, and I see a reduction of 100%.

TrendAI Vision One is not so expensive; it is very moderate.

TrendAI Vision One is very effective and very market competitive, which is why we are using it.

I will definitely recommend this product because of its deep knowledge and deep features, such as ESRM, playbooks, and other email gateways.

We have approximately 50 users.

I do use TrendAI Vision One sensors, and they totally cover our network as we are using network sensors and service gateways to scan the whole network and gather information about our loopholes, mitigations, and vulnerabilities with respect to the latest CVEs.

I give this product a rating of 9.

I work on TrendAI Vision One endpoint security in the XDR part. I have been working with TrendAI Vision One for approximately two years. We manage multiple endpoints, approximately 3,000 endpoints. We collect telemetric data from there and check all the servers in our inventory, whether they are online or offline. We troubleshoot whether there is unusual activity happening on the endpoint. TrendAI Vision One generates alerts for any suspicious activity, and then we mitigate accordingly. We are using TrendAI Vision One's sensors on endpoints and servers.

The versatility of TrendAI Vision One is what I like the most; we have a lot of options. The segregation is best, with endpoints divided into separate parts and servers into different parts. The policies are well-figured and well-maintained. We have the threat hunting part, the mitigation part, and the sandboxing capabilities. The areas to explore in TrendAI Vision One are fabulous. We can divide the endpoint on our own, and the server part is also great. It is very user-friendly, and we can segregate it on our basis. We can generate alerts on the basis of what we want. We have the option of playbooks, which makes it a more user-friendly and understandable environment that gives us exactly what we want.

TrendAI Vision One is very critical for us because we do not use an EDR tool; we use an XDR tool only, and we have integrated it with the SIM solution. If we did not have TrendAI Vision One, we would not be receiving the traffic or SIM data, and if there is any individual traffic or any individual behavior in the network, we would not be able to recognize it without it.

The biggest challenge is that users take care of their laptops approximately 80% of the time, but when there is an outbound connection, the user is not able to do anything. The user does not understand if he gets redirected from a legitimate site to another site through backtracking. At that time, the user is not itself involved in this, but TrendAI Vision One blocks the site on its own. It blocks the traffic on its own, which is the greatest thing and the live working thing with TrendAI Vision One that helps us.

We have the Cyber Risk Exposure Management capabilities in TrendAI Vision One. It shows us how much risk is in our environment based on the data it takes from the endpoints and the environment. We check that on a regular basis and develop a report every day on the basis of that. It is very great and gives us much more visualization. We do not need to go anywhere; we just need to open that and check where it is happening, and it gives us the best results.

In exposure management, we have multiple parts covering spyware and malware. Approximately six or seven months ago, one of the users was trying to access a website and it was getting linked to another website which was carrying grayware, which is a kind of spyware. Usually, the EDR solution does not track that because it is a web traffic issue, and EDR solutions are not able to track spyware much because it is only a bit suspicious without anything malicious in it. However, in the exposure management part, we received an alert of unusual traffic. We checked the telemetric data and all other things through our VTA and other tools. We did not find much that was malicious, but TrendAI Vision One was generating an alert again and again. We deep-dived into it and found that the website itself was not malicious, but it was carrying some spyware and was redirecting to something different. That was the best experience I had from the past two years.

When we started to use the product, the policies were not fitted properly. At that time, we used to receive a lot of false positive alerts. After doing some fine-tuning and adjusting some playbooks, the noise has been reduced to 80 to 90 percent. A lot of data has started coming in, and the data we get now is mostly true positive. We get to segregate it easily because the noise is reduced.

The AI of Trend Micro is really very good. If we are getting an alert and analyzing it, people sometimes ask to charge ChatGPT, but that is not good because that data is going to ChatGPT and that is not safe either. If we are asking the AI model of Trend Micro only, that is the best thing because our data is not going to anyone external, and Trend Micro already has that data. At that time, the threat gets less. However, the area where it should improve is that it gets stuck. It does not have that much amount of data. It does not understand easily, and we have to explain it more. I suggest that you make sure to train that model a bit more.

Apart from that, the rest of the things are really very fine. Only the AI part needs to be learned more. The AI should be given more data and should be made to understand more how to work. The rest of things are great, really great.

I have been working with TrendAI Vision One for approximately two years.

On Diwali, I do not remember the exact date, but it may have coincided with the AWS outage. We were not able to log into TrendAI Vision One due to a problem in the back end, which I believe was due to the AWS outage. We were not able to log in for approximately an hour or two. At that time, it caused us a lot of crisis because anything could have happened at that time. Fortunately, everything was on its case after we logged in. No attack happened during that one to two hours, and everything was fixed.

I found TrendAI Vision One to be very scalable because it is adaptive in nature. It takes care of vulnerabilities on its own. Its core services and AI-driven capabilities are also good. It has threat management on its own, and its effectiveness is also good; it is efficient.

I would rate customer service as 4 out of 10.

The setup process of TrendAI Vision One is pretty quite easy. We set up a path and keep the sensor there and then run it as an illustrator and perform some basic steps. We check the telnet of the URL and ping the IPs. If everything is working fine, then the connectivity is perfect and we are good to go.

I work in the Cybersecurity department. We do the deployment and take care of the security part end-to-end. I have not personally done the implementation myself, but I have done this work and I have knowledge about this all.

I have used Centra one, which is a very small product compared to TrendAI Vision One. TrendAI Vision One has many things in it and takes care of many servers. In Centra one, we have global sites and endpoints, but all the policies are at one place with all the endpoints and servers at one place, which is a bit of a hurdle when we take care of compliance. In TrendAI Vision One, we have that at different places, which makes it help us a lot. Centra one is an EDR solution that takes care of endpoints only and does not take care of the network. TrendAI Vision One takes care of the network also. If we have ten laptops in the environment and only eight of them are integrated with the XDR, then the remaining two will sometimes generate an alert on the basis of network. In EDR, if the eight endpoints are integrated, we will get the data of those eight only. That is the plus point here. If there is anything in the network, we will get to know. I also use other India solutions like Sentinel One and CrowdStrike.

I gave my highest consideration to TrendAI Vision One based on its integration and its user-friendly nature. Everything is segregated properly. The servers we get on the different part, and the endpoints we get on the different part. The alerts for the servers we get on the different part and for the endpoints we get on the different part. One more thing that is great is the workbench part. We have OAT, we have EPR, we have other things, but the best thing about it is its workbench. If we get an alert anywhere in the EDR XDR part and if that is much critical and it is getting an alert again and again, then TrendAI Vision One on its own generates its workbench. What makes it easy is the check that this one is more critical, and we should go and check this one first and then move to another part. It helps us to reduce the time to check which one we should go first and which we should check second. As an incident responder, it is very good to segregate the criticality of the function. If TrendAI Vision One gives that on its own, it becomes really very helpful.

We do face vulnerabilities. I know of Zbot, which is one vulnerability. We were getting an OAT alert over that vulnerability, and we were getting many more alerts also. We got approximately 40 to 50 alerts in an hour. For an incident responder, it becomes hard to decide which one to pick first and which one to resolve first. The workbench came here and analyzed all of the data and generated one workbench indicating that we should first go for this host and check the details here because it is more crucial than the other one. Security is never complete, so we can go for the more critical one which will be affecting the business more, and then we should resolve that first and then move to the other part. That is the best thing ever.

Whenever TrendAI Vision One gets connected to any malicious IPs or URLs or anything, it blocks it first and then generates the alert. If it is not blocked, it generates the alert, and then we analyze the telemetric data and find the URL and IPs from it. We then make sure to block it from our end, not from the XDR only, but from the SIM and other firewalls and all the tools. We do threat hunting from it. We check the telemetric data on a regular basis and find some URLs and IPs, and then we block it from the firewall and our SIM, EDR, XDR, and another tool. What happens from it is we know that this IP is malicious. We get the advisory, we block it from our side, and we give these IPs and URLs to another security tool so they block it. In the future, if a user clicks that malicious IP or visits those malicious links, TrendAI Vision One will block it on its own.

I would also like to mention that we do isolate the machines from the back end when they are not compliant or when the version is older. After isolation, the network gets completely isolated, the user tends to work faster, and our compliance gets maintained much more easily. The data encryption and access controls across the isolated system for the non-compliance does not get much of the risk, and our data also gets out of the control. The inconsistency of security comes into the point, and then our compliance gets maintained properly, and it is all because of the silo performance. I know that Trend Micro works for the hybrid environment, but right now we do not use that. We have on-premises for all the things. We are thinking to shift over the cloud, but right now we have not shifted.

One thing I would like to suggest is the user login and log out time. If we have ten users integrated with the XDR solution, it should show us when the user was last logged in and when it was logged out. That time should reflect over the console. The blocking capability works most of the time, but it does not work every time, which is a bit problematic.

I rate this product 9 out of 10.

My use case for TrendAI Vision One is in a SOC, specifically for Security Operation Monitoring. I am a SOC analyst responsible for over 200 clients. TrendAI Vision One works effectively for us because it alerts us when suspicious activities occur, such as ransomware attacks. For example, if a possible spear-phishing attack happens where a phishing email comes into our organization, TrendAI Vision One monitors it as a SIEM tool. It captures logs from servers, desktops, and users, generating alerts for suspicious activities. If a malicious phishing email arrives, we investigate where it originated, such as if it came from external sources in London or Germany. We contact our clients to determine if they have any relationships with those regions, and if not, we block the malicious phishing email.

TrendAI Vision One is deployed on-premises and also in the cloud, depending on what clients prefer. Some clients use cloud workload security while others rely on on-premises setups. With more than 200 clients, I log into each client's TrendAI Vision One setup based on their environment.

The best features of TrendAI Vision One include its ability to provide virtual patching. Virtual patching protects an organization's systems. For instance, if a hacker attempts a ransomware attack, TrendAI Vision One detects vulnerabilities in the system, such as outdated Windows 10 versions. If ransomware is launched, TrendAI Vision One informs the hacker that the system is already patched, preventing the attack. Additionally, it alerts developers to update any outdated applications or network settings.

The time to detect and respond to threats has been reduced significantly. For each alert, I typically need 30 minutes or even 15 minutes to investigate, prepare a report, and send it to clients, especially for high-priority cases. We categorize alerts into P1, P2, P3, and P4, where P1 is critical, and we prioritize those. We focus on critical alerts and can report back within 30 to 15 minutes. Overall, we have managed to reduce our resolution time by approximately 99% due to our multiple teams working 24/7.

We need to improve the reports generated in TrendAI Vision One. Currently, we prepare our own reports after alerts are triggered, which is time-consuming. It would be beneficial if TrendAI Vision One offered automated reports summarizing alerts over a specified period, such as one month, which would simplify reporting to clients.

I have been using TrendAI Vision One for approximately two years, and I have experience working with TrendAI Vision One.

TrendAI Vision One has a stability rating of ten out of ten.

I find the scalability of TrendAI Vision One to be ten out of ten. As a partner, Trend Micro provides educational resources that allow users to learn through various templates and videos available on their portal.

I rate the technical support from Trend Micro as a nine out of ten.

The initial setup process for TrendAI Vision One typically takes about two to three days but can vary. It depends on the client's infrastructure and whether they require support from their network team or need cloud integration. Smaller organizations might complete deployment in one or two days, while larger organizations could take about 10 to 15 days.

TrendAI Vision One is expensive. While it provides extensive services for clients, including integration capabilities, the overall cost is high. It is an XDR, and while some other products such as Trend Micro Deep Security and Apex Central are somewhat cheaper, the comprehensive nature of TrendAI Vision One contributes to its higher pricing.

Compared to other products in the market such as CrowdStrike or Azure Sentinel, TrendAI Vision One excels. While Azure Sentinel relies on complex KQL for deeper analysis, TrendAI Vision One provides accessible insights for both junior and experienced analysts, making it comprehensible even to those new to cybersecurity.

The false positives have been reduced by about 60 to 70%. Many clients experience low-category alerts. For instance, if someone such as Olga logs into her laptop and enters the wrong password multiple times, TrendAI Vision One triggers an alert for suspicious login attempts. We hold all related logs and investigate but often find these to be legitimate activities, which we confirm before closing them as false positives.

The ease of use is quite significant. TrendAI Vision One simplifies processes for junior analysts, offering clear diagrams of data analysis and providing sandbox analysis. It features a user-friendly design that aids learning for those less familiar with cybersecurity.

There are about 200 clients, and 30 employees monitor TrendAI Vision One. We maintain a 24/7 operation, with eight people scheduled for morning, afternoon, and night shifts.

TrendAI Vision One sensors are not critical but are quite easy to use. The sensors collect logs from desktops, laptops, servers, and cloud services, storing them in an encrypted database, making the gathering of data seamless.

I am a partner with Trend Micro and utilize their partner portal. TrendAI Vision One was purchased through Trend Micro's website and partner portal. If a client intends to create a SOC environment or work with many clients, they can consult with Trend Micro's team to establish a proper SOC setup to serve their clients effectively.

My overall rating for this review is 9.5 out of 10.

A few use cases for TrendAI Vision One include end user installation by my company distributor company. We sell Trend Micro products, focusing on dealers rather than end user sales. My role is in technical engineering, particularly in Turkey, where I handle all Trend Micro product installation and training.

TrendAI Vision One allows us to monitor attacks in real time, which is a significant benefit. We can quickly see where the attack is coming from. TrendAI Vision One enables us to use different products with a flexible license. For example, if a customer is using endpoint security and wants to switch to another solution, they can instantly use a different Trend Micro product, such as email.

TrendAI Vision One has helped to reduce the time to detect and respond to different threats, as it can respond to attacks very quickly. With playbook templates, in cases of recurring attacks, responses can be made quickly using predefined playbooks.

TrendAI Vision One has helped to reduce noise from false positives. There have been false positives before, but it was due to the customer not telling us which app they were using. Best practice configurations must be applied properly to avoid such issues.

TrendAI Vision One helps customers consolidate the use of security vendors and reduce silos by offering one platform for all product management.

In comparison to Trellix, one disadvantage of Trend Micro is the DLP feature. Trend Micro has a light DLP, while Trellix offers a perfect DLP. Trend Micro's DLP is busy and does not use OCR.

In the future, I would like to see TrendAI Vision One improved by making it easier if the endpoint had a single agent. Currently, there are two agents for different antivirus and EDR solutions, making it seem advantageous to have just one.

DLP can be developed further, and the platform could benefit from additional IPS products.

I have been working with TrendAI Vision One for three years.

TrendAI Vision One is stable, and there has been a problem once so far, which was quickly resolved with very fast problem-solving capabilities.

When needing to scale TrendAI Vision One, I find it very easy to do so.

Local support for Trend Micro is available in Turkey, including both local and global support teams.

I would rate the technical support of Trend Micro as an eight on a scale of one to ten.

Before Trend Micro, I worked with other solutions such as Trellix and McAfee. Trellix had performance problems, but with Trend Micro, there are no issues, and it offers the best performance compared to other products such as Trellix's EDR and proxy.

Setting up TrendAI Vision One is straightforward, but someone with IT knowledge should handle it since it requires technical know-how.

Switching to TrendAI Vision One reduced our risk by 90 percent.

TrendAI Vision One is a price performance product compared to competitors. On-premises solutions are more expensive than local solutions, and it is more affordable than leading competitors.

Sensor coverage is critical for my customers' networks because we can see instant attacks on the network and computers.

It is very important that TrendAI Vision One has AI built into its platform as we currently use it, and it provides great convenience in understanding events.

My organization uses TrendAI Vision One for consolidated security across hybrid environments, as a single screen simplifies management, making it very easy to understand with one platform for all products.

For other organizations considering TrendAI Vision One, I suggest that using NDR for visibility is nice and easy.

I would rate this review a nine out of ten.

TrendAI Vision One is deployed for endpoint security on both clients and servers. Integration with Microsoft Azure , local Active Directory, Email Security , and Cloud Collaboration has been implemented, with efforts to integrate as many modules and interfaces as possible into the platform.

Centralized collection and evaluation of security-related information at a single point is essential for the company's network. Operating in the construction planning industry with clients that are mostly public authorities, the constant exchange of files and collaboration with other companies across various platforms presents significant challenges. Communication occurs via email and Teams, making endpoint protection critical. TrendAI Vision One ensures endpoints and users are well-protected, detects threats quickly, and provides strong security assurance.

Attack Surface Risk Management features are utilized, and its ability to identify blind spots is highly valued. The platform categorizes the biggest risks with a score, allowing specific risk management.

TrendAI Vision One has consolidated the use of security vendors and reduced multiple vendors. The solution offers far more than initially used, with usage expanding gradually. The Managed Detect and Response Service is utilized, where Trend Micro checks critical cases, providing confidence that data is protected.

Centralizing everything in one cloud platform has improved the company significantly. Integration with third-party products provides additional security and helps the IT team remain calm and confident during incidents. Incidents can be reviewed quickly with clear traceability of events, which reduces stress across the company.

Risk management has been positively affected by the ability to generate reports and gain detailed insight into access attempts, helping reassess risks and identify patterns.

Threat detection and response time has been reduced by 70–90%. Risks are now identified within minutes instead of half an hour. False positives have decreased significantly because alerts can be quickly validated, especially with the new app. Overall cyber risk has been reduced substantially, and the company now feels very secure.

AI integration is very important for the organization. Trend Micro's AI is well-developed and continues to improve, providing faster recognition of threats and specific security support.

The sensors and their visual representation provide a quick and clear overview of the situation and are the most valuable features. The mobile app is highly useful, allowing immediate isolation of a client and instant assessment of alarms without logging into the system. This evolution makes the platform more powerful with every update.

Centralized visibility and management across all protection layers are excellent. TrendAI Vision One helps identify sources of problems quickly and offers great support contact with Trend Micro. The centralization of data collection and evaluation gives significant control over the security landscape.

AI integration within TrendAI Vision One enhances detection and analysis, enabling quick recognition of security issues and strengthening trust in the platform. The Managed Detect and Response service further adds value by providing expert monitoring of critical cases.

Integration capabilities and automation, particularly compatibility with local and cloud systems, have significantly improved operational efficiency and reduced manual workload.

The platform's development is satisfactory. There are no specific missing features at the moment, although improvement is always possible in making things more intuitive and easier to use. TrendAI Vision One continues evolving in the right direction and has become very stable recently.

TrendAI Vision One has been used since November 2023.

TrendAI Vision One is very stable, and no issues have been experienced with the solution. Microsoft systems cause more concern than Vision One. The platform runs smoothly and reliably.

TrendAI Vision One's scalability is good. The goal is to integrate as much as possible and collect all security-relevant information. The platform's scalability supports expansion and additional integrations with AI-driven analysis.

Service and technical support are excellent. Direct contact is available with Trend Micro employees, including local representatives from Switzerland. When MDR tickets are opened, the service team responds quickly with clear instructions. The overall experience is very positive, and customer service and technical support are rated at the highest level.

Before using TrendAI Vision One, a local Trend Micro solution was used. The move to Vision One occurred when a setup renewal was needed and more security and centralized management options were sought. Trend Micro was recommended and proved to be the right choice.

The initial setup was very simple due to the existing Trend Micro solution. Migration was smooth and supported by a partner, allowing devices to be moved seamlessly to the new platform. The onboarding process was completed within one week, with optimization occurring gradually afterwards.

The implementation was handled by the in-house IT team and UniQconsulting, a long-time partner. Only two people were needed for deployment. Approximately one week was required, with a half-day workshop for introduction and several nights spent migrating and optimizing devices. Support from UniQconsulting and Trend Micro ensured a smooth process.

ROI was achieved primarily through reduced IT workload and cost savings from avoiding external managed security providers. The Managed Detect and Response Service allows security to be maintained internally without outsourcing, which significantly reduces expenses.

Some time was required to realize the benefits after implementation. As a small team, the endpoint migration began slowly. By the end of the first year, everything desired had been integrated, including the local Active Directory and firewall. The platform's evolution and AI chatbot have made usage easier over time.

A credits-based licensing model is used. Each function costs credits per device or user. Credits can be reallocated flexibly, and even minor negative balances are tolerated. The model is fair and adaptable to organizational needs. Overall costs are reasonable for the value provided

Foreign Language: (German)

Eine einheitliche und KI-gestützte Sicherheitsplattform zur Stärkung des Endpunktschutzes und Risikomanagements

Was ist unser primärer Anwendungsfall?

TrendAI Vision One wird eingesetzt, um Endpunkte sowohl in Client- als auch in Serverumgebungen abzusichern. Die Lösung integriert sich nahtlos mit Microsoft Azure, dem lokalen Active Directory, der E-Mail-Sicherheit und der Cloud Collaboration, wobei fortlaufend daran gearbeitet wird, so viele Module und Oberflächen wie möglich innerhalb der Plattform zu vereinheitlichen.

Die zentrale Sammlung und Auswertung sicherheitsrelevanter Informationen an einem einzigen Punkt ist für das Unternehmensnetzwerk unerlässlich. Als Unternehmen in der Bauplanungsbranche, in der man hauptsächlich mit öffentlichen Auftraggebern arbeitet, steht die Organisation vor erheblichen Herausforderungen durch den ständigen Dateiaustausch und die Zusammenarbeit mit vielen Firmen über unterschiedliche Plattformen hinweg. Die Kommunikation erfolgt hauptsächlich per E-Mail und Teams, weshalb Endpointschutz von entscheidender Bedeutung ist. TrendAI Vision One sorgt dafür, dass Endpunkte und Benutzer gut geschützt sind, Bedrohungen schnell erkannt werden und ein hohes Maß an Sicherheit gewährleistet wird.

Die Cyber Risk Exposure Management (CREM) Funktionen werden sehr geschätzt, unter anderem, weil sie Blind Spots identifizieren. Die Plattform priorisiert die größten Risiken anhand eines Scores, was ein gezieltes Risikomanagement ermöglicht.

Wie hat die Lösung unserem Unternehmen geholfen?

TrendAI Vision One hat die Sicherheitsabläufe optimiert, indem mehrere Anbieter auf einer einzigen Plattform konsolidiert wurden. Das Deployment wurde schrittweise erweitert, wodurch weit mehr Funktionen als ursprünglich geplant war freigeschaltet wurden. Der Managed Detection and Response (MDR)-Service sorgt für zusätzliche Sicherheit, da Trend Micro kritische Fälle überwacht und so den Schutz der Daten gewährleistet.

Die Zentralisierung aller Systeme auf einer Cloud-Plattform hat die Leistungsfähigkeit des Unternehmens erheblich gesteigert. Die Integration mit Drittanbieterprodukten bietet zusätzliche Sicherheit und hilft dem IT-Team, bei Vorfällen ruhig und selbstbewusst zu bleiben. Durch die klare Nachvollziehbarkeit können Incidents schnell überprüft werden, was den Stress für die gesamten Organisation reduziert.

Durch die Möglichkeit, Berichte zu erstellen und detaillierte Einblicke in Zugriffsversuche zu erhalten, hat sich das Risikomanagement deutlich verbessert. So können Risiken neu bewertet und Muster erkannt werden.

Die Erkennungs- und Reaktionszeit auf Bedrohungen wurde um 70–90 % reduziert. Risiken werden nun innerhalb von Minuten statt in einer halben Stunde erkannt. False positives sind deutlich zurückgegangen, da Warnungen – insbesondere mit Hilfe der neuen App – schnell überprüft werden können. Das allgemeine Cyberrisiko wurde erheblich reduziert, und das Unternehmen fühlt sich nun viel sicherer.

Die Integration von KI ist ein weiterer entscheidender Vorteil. Die KI von Trend Micro wird kontinuierlich weiterentwickelt und ermöglicht eine schnellere Erkennung von Bedrohungen sowie gezielte Sicherheitsunterstützung.

Was ist am wertvollsten?

Die Sensoren und ihre visuelle Darstellung bieten einen schnellen und klaren Überblick über die Situation und gehören zu den wertvollsten Funktionen. Die mobile App ist äußerst hilfreich, da sie die sofortige Isolierung eines Clients und die schnelle Bewertung von Alarmen ermöglicht, ohne sich ins System einloggen zu müssen. Jedes Update stärkt die Plattform und macht sie mit der Zeit noch leistungsfähiger.

Die zentrale Sichtbarkeit und Verwaltung über alle Schutzebenen hinweg sind ausgezeichnet. TrendAI Vision One hilft, Problemquellen schnell zu identifizieren, und bietet hervorragenden Support durch den direkten Kontakt zu Trend Micro.

Die Zentralisierung der Datensammlung und -auswertung ermöglicht eine signifikante Kontrolle über die Sicherheitslandschaft. Die KI-Integration in TrendAI Vision One verbessert die Erkennung und Analyse, ermöglicht eine schnelle Identifizierung von Sicherheitsproblemen und stärkt das Vertrauen in die Plattform.

Der Managed Detect and Response Service bietet zusätzlichen Mehrwert durch die professionelle Überwachung kritischer Fälle. Die Integrationsfähigkeit und Automatisierung, insbesondere die Kompatibilität mit lokalen und Cloud-Systemen, haben die betriebliche Effizienz erheblich verbessert und die manuelle Arbeitsbelastung reduziert.

Was könnte verbessert werden?

Insgesamt ist die Entwicklung der Plattform zufriedenstellend. Derzeit fehlen keine bestimmten Funktionen, allerdings wären Verbesserungen hinsichtlich Benutzerfreundlichkeit wünschenswert. TrendAI Vision One entwickelt sich weiterhin in die richtige Richtung und ist in letzter Zeit sehr stabil geworden.

Wie lange wird die Lösung bereits verwendet?

TrendAI Vision One wird seit November 2023 eingesetzt.

Wie beurteile ich die Stabilität der Lösung?

TrendAI Vision One ist sehr stabil, und es sind bisher keine Probleme aufgetreten. Die Plattform läuft reibungslos und zuverlässig. Tatsächlich geben Microsoft-Systeme mehr Anlass zur Sorge als TrendAI Vision One.

Wie beurteile ich die Skalierbarkeit der Lösung?

TrendAI Vision One bietet eine hohe Skalierbarkeit. Ziel ist es, so viele sicherheitsrelevante Informationen wie möglich zu integrieren und zu konsolidieren. Die Skalierbarkeit der Plattform unterstützt die Erweiterungen und zusätzliche Integrationen mit KI-gestützten Analysen.

Wie sind Kundenservice und Support?

Service und technischer Support sind ausgezeichnet. Es besteht ein direkter Kontakt zu Mitarbeitern von Trend Micro, einschließlich lokaler Vertreter aus der Schweiz. Bei geöffneten MDR-Tickets reagiert das Serviceteam schnell mit klaren Anweisungen. Die Gesamterfahrung ist sehr positiv, und Kundenservice sowie technischer Support werden auf höchstem Niveau bewertet.

Wie würde ich den Kundenservice und Support bewerten?

Negativ doesn’t make sense when you read what they said about the Customer service and Support in the question before.

Welche Lösung wurde zuvor verwendet und warum wurde gewechselt?

Vor der Einführung von TrendAI Vision One wurde eine lokale Lösung von Trend Micro verwendet. Der Wechsel erfolgte, weil eine Erneuerung der Infrastruktur anstand und mehr Sicherheit sowie zentralisiertes Management gesucht wurden. Trend Micro wurde empfohlen.

Wie verlief die Ersteinrichtung?

Die Ersteinrichtung war aufgrund der bestehenden Trend Micro-Lösung sehr einfach. Die Migration verlief reibungslos und wurde von einem Partner unterstützt, wodurch Geräte problemlos auf die neue Plattform transferiert werden konnten. Der Onboarding-Prozess war innerhalb einer Woche abgeschlossen, die Optimierung erfolgte anschließend schrittweise.

Wie war das Implementierungsteam aufgestellt?

Die Implementierung wurde vom internen IT-Team und Uni Consulting, einem langjährigen Partner, durchgeführt. Für das Deployment waren nur zwei Personen erforderlich. Der Prozess dauerte etwa eine Woche, einschließlich eines halbtägigen Einführungsworkshops und mehrerer Nächte für die Migration und Optimierung der Geräte. Die Unterstützung durch Uni Consulting und Trend Micro sorgte für einen reibungslosen Ablauf.

Wie sieht unser ROI aus?

Der ROI wurde hauptsächlich durch die Reduzierung der IT-Arbeitsbelastung und Kosteneinsparungen, da man auf externe Managed Security Provider verzichten konnte. Der Managed Detection and Response Service ermöglicht es, die Sicherheit intern aufrechtzuerhalten, ohne auszulagern, was die Kosten erheblich reduziert.

Es dauerte einige Zeit, bis die Vorteile nach der Implementierung vollständig sichtbar wurden. Als kleines Team begann die Migration der Endpunkte langsam. Am Ende des ersten Jahres waren alle gewünschten Integrationen abgeschlossen, einschließlich des lokalen Active Directory und der Firewall. Die Weiterentwicklung der Plattform und der KI-Chatbot haben die Nutzung im Laufe der Zeit weiter vereinfacht.

Wie sind meine Erfahrungen mit Preisgestaltung, Setup-Kosten und Lizenzierung?

Es wird ein kreditbasiertes Lizenzmodell verwendet, bei dem jede Funktion Credits pro Gerät oder Benutzer kostet. Die Credits können flexibel umverteilt werden, und kleine negative Salden werden toleriert. Das Modell ist fair und an die Bedürfnisse der Organisation anpassbar. Die Gesamtkosten sind im Verhältnis zum gebotenen Wert angemessen.

Welches Bereitstellungsmodell wird für diese Lösung verwendet?

Hybrid Cloud Wenn Public Cloud, Private Cloud oder Hybrid Cloud – welcher

Cloud-Anbieter wird genutzt?

Microsoft Azure

TrendAI Vision One sensors are used at the endpoint to gather information from endpoints, which has proven to be very useful. The coverage provided by TrendAI Vision One is critical for our organization's network because it's a comprehensive way to get all the relevant data from the endpoints regarding antivirus security and similar security settings.

Some basic features of the Cyber Risk Exposure Management capabilities in TrendAI Vision One are being used. Plans exist to expand the usage, but currently the overview of the cyber risk settings is checked, though it hasn't been used much in the last few months.

TrendAI Vision One has helped consolidate the use of security vendors and reduce silos, but other vendors have not been replaced. TrendAI Vision One alone is sufficient for current needs, so other vendors for such solutions do not need to be used, at least not for now.

TrendAI Vision One is used for consolidated security across hybrid environments.

The comprehensive overview of the security status is the most valuable feature of TrendAI Vision One. TrendAI Vision One platform's ability to provide centralized visibility and management is quite good because all the relevant data are present, providing everything needed. The interface is quite simple to use and all the relevant data can be seen there.

TrendAI Vision One has helped reduce the time to detect and respond to threats because information is gathered more quickly and all the relevant points are visible. If there's any problem, it can be seen much easier and quicker.

TrendAI Vision One has also helped reduce cyber risks because it decreases cyber risks as there is more control over the environment.

There are currently no particular suggestions on how TrendAI Vision One can be improved because improvements have been seen in nearly every version, and satisfaction with what can be seen and used is high.

Additional features are not desired to be seen in the next release of TrendAI Vision One because not all the features that are available now are being used. For current needs, everything is already there. Perhaps in the future something else will be needed, but everything that is currently needed is already included.

TrendAI Vision One has improved its integration with other products, with other vendors, or with mobile device management. The mobile device management solution has improved over the years and was pretty basic when it started, but now it has much more options. Some improvements could be made, but all the possibilities of the platform are not being fully utilized, so some features that could be discussed may not have been explored yet, though they may already be available.

TrendAI Vision One has been used for a couple of years.

There have been no problems with scaling TrendAI Vision One. The organization is not large, so there were no problems in scaling. TrendAI Vision One appears to be tailored for much bigger organizations, so no scaling problems were encountered.

There has not been much contact with technical support, though some checks and presentations were conducted, which were quite good. The response was very quick and all the information needed was received, resulting in high satisfaction.

Technical support would be rated nine out of ten. Regarding local technical support, it is also quite good through the partner network and directly. If something is escalated directly to Trend Micro, responses are received. There is high satisfaction with the current support level.

The initial setup of TrendAI Vision One was seamless because it was a migration from an on-premises Trend Micro service to a cloud-based one, so there were no particular problems.

External partners were used for the implementation of TrendAI Vision One, though the process was overseen. There was a transfer of knowledge during the implementation.

Return on investment from TrendAI Vision One has not been calculated in the traditional sense, but price-wise, it's a better solution than some others that have been looked at or researched. TrendAI Vision One is quite convenient for the organization.

Before TrendAI Vision One, a broader marketplace was evaluated. A granular possibility to purchase only needed options without purchasing unnecessary components was not observed in other solutions. The licensing model of TrendAI Vision One is the best among other solutions that have been seen.

For integrations with third-party solutions, integration was done for log management. Logs are downloaded or shipped from Trend Micro solutions to internal log management solutions, and there were no particular problems in integrations. Many other integrations specifically with Trend Micro were not conducted.

TrendAI Vision One is considered the best option on the market at the moment for this organization. TrendAI Vision One appears to be quite popular in the region, with many companies using it, both bigger and smaller organizations. A community provides information and support, making TrendAI Vision One popular in the area.

TrendAI Vision One has been using AI technologies already for some time, which shows awareness of the landscape. It is believed that TrendAI Vision One will tailor the solution accordingly, as AI is already being used in some solutions within the platform, indicating good direction for the product.

TrendAI Vision One provides learning courses, and events from partners sometimes offer opportunities to gather new information on the products. Additionally, a community is available, creating a good landscape for learning and support in the region.

The partnership program is not well known because collaboration is through partners, but it is believed that partner satisfaction is high.

TrendAI Vision One received an overall rating of eight out of ten.