My use cases for Trend Vision One are typically reactive, letting it scan and monitor our environment, and we typically respond quickly to any workbenches that come up.

We also try to adapt to the Cyber Risk Index or the security score, keeping that at the lowest amount possible on a weekly or bi-weekly basis as we push out updates and do maintenance.

My favorite features in Trend Vision One include the Cyber Risk Index, which breaks down various pieces of info into one easily digestible score. I appreciate the workbenches. They provide a visual of how they operate for the most part, and I value the in-depth details they offer since we can mostly operate off of that, giving us enough info to crunch and figure out what's happening.

While it's not an actual feature of the application, I appreciate the clinics and seminars that Trend provides, as I went to one last year that got me from zero to beginner, and I hope to advance to intermediate with another seminar series this year.

Trend Vision One helps reduce my mean time to detect and respond to threats as without it, we would be scrambling and confused with not much information to go off of for threat hunting. I'm not sure what we were using previously. As long as I've been here, it's been Trend Vision One, and we're very happy with it. We're hesitant to shop around for any other provider since we think it's a very good product, and we appreciate the speed and breadth of data we receive from it.

I sometimes see noise from false positives with Trend Vision One. One clear instance involved the AI deep fake feature, which would throw up false positives whenever someone had a Teams meeting with a blurred background, leading us to turn it off as it activated for every meeting. Additionally, there were minor false positives throughout the year related to Microsoft update files and certain DLLs, however, they don't clutter Trend Vision One much and have essentially gone away in recent months.

I am very happy with Trend Vision One's platform ability to provide centralized visibility and management across protection layers. The platform extends into various categories, offering oversight over email and even flagging suspicious activities that occur on a server, despite not having a Trend Vision One agent on it. For instance, an admin setting up remote access on that server was flagged as suspicious, and I appreciate the reach that Trend Vision One has across different scattered categories it monitors.

In terms of improving Trend Vision One, it might sound silly, yet it seems notoriously uncooperative with middle clicks and opening sections in new tabs. I'm a big tab browser, and it feels hitting a brick wall when I have to refresh in a new tab or make a copy of a tab to move forward. If we can enable middle clicks to open sections in new tabs, it would greatly benefit me personally.

I've been using Trend Vision One for a few months, approximately eight to ten months at this point.

Regarding stability, I don't think Trend Vision One has ever caused any lagging, crashing, or downtime. There was one situation where we may have misconfigured something, forgetting a checkbox, and Trend Vision One's scheduled scans might have used some CPU resources, however, that's on our end. Besides that, Trend Vision One works exactly as intended and has never hindered our operations, feeling more a collaborator than a roadblock.

I don't think I've encountered any issues with scalability; we're growing steadily, and I believe Trend Vision One can keep up with our demand. Our company has about 200 employees in Canada, and I can foresee that if we doubled in size, Trend Vision One would accommodate that very easily.

I have contacted the technical support before. We're very happy with the technical support from Trend Vision One, feeling we have our own dedicated technician who knows the entire suite of applications. They are very intelligent and responsive, and as we submit feature requests, they seem to make it into the actual list of features in Trend Vision One, so we maintain a good relationship with their technical support and development teams.

I'm not sure what we were using previously. As long as I've been here, it's been Trend Vision One, and we're very happy with it. We're hesitant to shop around for any other provider as we consider it a very good product.

The experience of first using Trend Vision One is really difficult due to the steep learning curve. Thankfully, I attended a Trend Vision One seminar that got me from zero to beginner, as without that, it involves a lot of guesswork with little grounding to go off of. I really recommend their seminars and tutorials.

I do not know much about the pricing of Trend Vision One. My understanding is it's expensive. We pay for it anyway, and there's always sticker shock. Still, we feel it's necessary as this product covers all our needs.

We're hesitant to shop around for any other provider. Trend Vision One is a very good product, and we appreciate the speed and breadth of data we receive from it.

I'm not sure if I use the cyber risk exposure management capabilities. Trend Vision One requires very little maintenance on my end, mostly just keeping up with refreshing the license, which is about all I hear related to Trend Vision One maintenance.

Some top security challenges in my industry include securing anything exposed to the internet, especially since we were previously hit with ransomware. The ability of Trend Vision One to detect and cut off threats early, clean up files before they execute, and address phishing emails helps us significantly. We also have their email and collaborative security, which is crucial along with having zero-day protections to receive early warnings of threats, allowing us to act immediately outside our maintenance windows.

I'm not completely sure where we use the Trend Vision One sensors, as I didn't set them up. However, we do have a DDI that we paid a lot for, which is one of our biggest data sources and populates much of the information in Trend Vision One. We also have a network sensor at our different location in the United States, which is a temporary holdover until we can upgrade to something more robust.

It's not critical for my company that Trend Vision One has AI built into its platform in terms of needing a language model to explain things, however, AI is actually critical for threat detection and behavioral analysis. That aspect of behavior monitoring and action based on behavior is very important.

Trend Vision One has helped my organization reduce its cyber risk. For instance, even prior to acquiring the DDI, the DDI's presence on our network found a threat actively in progress, and we were able to act on it, demonstrating its effectiveness from day zero.

On a scale from one to ten, I would rate Trend Vision One a nine overall.

Our use case for Trend Vision One is for our security platform. We use it for antivirus, XDR, and network telemetry purposes.

Trend Vision One helped us to consolidate our use of security vendors and reduce silos. We had three or four consoles from different products, and we consolidated them into one console with this product.

Trend Vision One helped reduce the time to detect and respond to threats by 70% to 80%.

Trend Vision One has helped us reduce noise from false positives.

We have been using cyber risk exposure management for 2 months since upgrading in April. It helps us identify blind spots by providing more visibility and insights into our environment, making it a valuable feature.

We use the network sensor, and its coverage is critical. With SIEM, we gain substantial insights into our environment, and having a complete 360 view is necessary in today's security world. It reduces the risk by 50%.

Having AI built into the Trend Vision One platform is important for our organization. It reduces many manual steps, resulting in more and quicker detections and advanced automation for remediation, improving efficiency by 60% to 70%. The solution aims to reduce risks and enhance detection.

I like how easy it is, and there is a single pane of glass. We have one console for everything.

Trend Vision One provides centralized visibility and management across protection layers. It has the functionality of different products and management of a single pane of glass. We have one console for everything. As a security engineer, it's easier to check the alerts and find everything. It consolidates a lot of consoles into one, and that's what we like most about it.

Vulnerability scanning could be improved. They need to see more CVEs and scan products for known vulnerabilities, allowing for better display and review of potentially exploitable servers by hackers or through configuration settings.

We have been using Trend Vision One for approximately 18 months.

We haven't experienced any stability issues. It has proven to be stable.

The scalability of Trend Vision One is good.

I have contacted technical support from Trend Micro. The quality and speed of support are good.

It was easy. It took us one day to fully deploy Trend Vision One.

Some maintenance is required for updating agents on the servers.

The deployment involved just one person working with the vendor in one day.

Trend Vision One has reduced risks by 50%. We have reduced the response time by approximately 70%-80%.

When we have a good product such as Trend Vision One, the price is fine.

We have used Trend Micro products for many years, and we upgraded to Trend Vision One. We didn't test any alternatives, staying with what we've used for years.

I would rate Trend Vision One an eight out of ten.

We're in the retail business, we sell bicycles in physical stores, and our branches are our biggest attack surface. These locations are covered by our overall solution, including sensors and other protection.

We have 49 branches, a headquarters, and a central warehouse. That's about 1,200 users and 1,000 computers. Trend Vision One is used primarily by our IT team. We also integrate with Office 365, Azure, and our on-prem data center.

We use Trend Vision One for consolidated security in hybrid environments. We have both on-premise and cloud data centers, particularly in Azure. The platform consolidates all of that into one view.

Since we started using Trend Vision One, we've been able to enhance our security posture significantly.

Trend Vision One has improved significantly over time in providing centralized visibility and control. It started as a set of individual products, but now it feels like one integrated solution. This reduces the need for interfaces or multiple analysis tools. That's why we pursued the one-platform strategy.

Trend Vision One has definitely helped consolidate our use of security vendors. We previously used standalone products for endpoint and email protection that weren't integrated. Now, we get the benefits of an integrated solution. I'd estimate we're 50–70% better in security now than we were two years ago.

The Cyber Risk Exposure Management (CREM)feature is absolutely essential. Even though we're not critical infrastructure, the NIS2 directive gives us security guidelines. CREM helps us meet these requirements.

It is very important to our organization that Trend Vision One integrates AI into the platform. Pattern recognition in forensic data is no longer manageable by humans due to the volume of events. Machine learning is essential to process these and filter what needs human attention.

Trend Vision One has improved our organization significantly. Security tasks used to be manual. Now, technology prevents issues or supports staff in detecting them. This shift from manual to technical solutions greatly increased our security.

Trend Vision One has reduced the time we spend detecting and responding to threats. I'd say we're 80% faster than before. The platform gives us consolidated data upfront, so we don't have to search for event clues manually.

Trend Vision One has helped reduce false alarms. I'd estimate a 50–60% time saving. We have more alerts now than years ago, but also better systems to handle them, making the whole process more efficient. Trend Vision One has helped reduce our cyber risk overall. We now know where gaps are before they become problems, whereas in the past we had to guess. That's a massive improvement.

When it comes to operations, the CREM solution helps us identify vulnerabilities in systems. If we patch them, they disappear from the reports—this gives us actionable insights, which is incredibly helpful.

It took about half a year to realize the benefits of Trend Vision One after implementation.

The features of Trend Vision One are fine—it's the integration that needs work. Especially at the endpoint level, we still feel like we're using an older product that just got plugged into Trend Vision One. A fully integrated endpoint client is the next step.

My impression of the solution's stability is an eight out of ten.

I'd rate the scalability of Trend Vision One a nine.

The platform scales well. Our growth over the past three years has never caused performance or expansion issues.

The service support for Trend Vision One works well. The service desk and escalations function smoothly.

We used Kaspersky before Trend Vision One and switched due to BSI recommendations.

It took about half a year to realize the benefits of Trend Vision One after implementation. Migration processes took some time, but we quickly started seeing positive results.

A return on investment wasn't our goal with Trend Vision One. The goal was to achieve a high level of security at acceptable costs, not ROI calculation.

The pricing and licensing model for Trend Vision One is fair overall, especially with the good discounts we got. Currently, no extra costs—though we pay a monthly fee that gets converted into credits. I find the credit model non-transparent—you can't always tell how many licenses apply to which product. Trend Micro is working on improving this. We'll renegotiate pricing in 2026.

I joined the company in 2022 and brought knowledge of Trend Vision One with me. Our partner also recommended it, and the pricing and offers were so good that we didn't seriously consider alternatives.

We cover all areas of security with Trend Vision One, except for edge security—we use other firewalls there.

We deploy Trend Vision One sensors at the endpoint and for email, including Office 365, and we're expanding this further. We believe that having all data in one central system gives us better insight than using isolated solutions. That's why we initially looked for a one-platform solution.

In 2025, we can finally recognize risks effectively, especially in Azure, where we previously had to rely solely on Microsoft. With Trend Vision One's support, we can now detect and mitigate risks, especially with our core ERP system running in Azure starting this November.

My advice to others evaluating Trend Vision One is to understand the full value across all modules. Just using endpoint protection doesn't show the platform's real strength. The full benefits come when multiple modules are used together.

My overall rating for Trend Vision One is 8 out of 10.

Our usual use cases for Trend Vision One involve the detection of any kind of threat. We are getting alerts from the workbench on Trend Vision One and we perform threat hunting. If there are false positives, we close them, and in the case of true positives, we take action toward remediation and closure. Predominantly, we use it for threat management.

Trend Vision One is an integrated platform where I can get all the information about all the endpoints, whether it be a server, laptop, or desktop. Everything is integrated, allowing me to see everything within one console; that is one of the greatest advantages of Trend Vision One.

In terms of centralized visibility and management across protection layers, Trend Vision One provides protection across all attack vectors. It allows us to manage threats in all phases. We can even perform forensics where we can collect suspicious files remotely to submit to Trend Micro.

Trend Vision One helps reduce the time to detect and respond to threats. We get alerts in real-time. We receive notifications as email alerts, as well as alerts in the console. Through the workbench, we can monitor the console 24/7 with real-time information; there is not much delay.

Trend Vision One has helped us reduce noise from false positives, thanks to the SOAR functionality. We are able to configure automatic responses, and in case any false positives are identified, the Vision One console takes care of them automatically. This helps us reduce a lot of false positives.

Trend Vision One has indeed helped consolidate our use of security vendors and reduce silos. We sometimes get threat notifications from other vendor products, such as Microsoft Cloud App Security, which identifies threats, and we can trace similar traffic from the endpoints in Vision One. This correlation adds more value for our clients.

The most valuable feature of Trend Vision One is response management; when there is a malware issue, we need to isolate the endpoint, which I can do through response management. I can isolate an endpoint, restore the endpoint, and run manual malware scans, which will be very useful when performing malware remediation actions.

In future releases of Trend Vision One, I would like to see improvements regarding role-based access control, as it is important to ensure that when granting admin access to a person, their visibility is limited to only their respective markets. For example, while creating roles for countries like France, Germany, and Italy, they should only manage their own endpoints to maintain privacy and security.

I have been working with Trend Vision One for more than 2 years.

I have not encountered any issues with the stability of Trend Vision One. There have been no problems at all.

Stability is critically important for us with Trend Vision One; it is very stable, providing continuous 24/7 support, and we do not face challenges in accessing services from Trend Micro.

Regarding scalability, Trend Vision One accommodates many endpoints without any challenges, allowing easy expansion of our portfolio.

I would rate the technical support for Trend Vision One a perfect 10 out of 10, as Trend Micro supported us throughout the transition from on-prem servers or other vendors, providing top-notch service at all times.

Before using Trend Vision One, we were utilizing McAfee, and some of our clients were using Symantec. Currently, most clients have transitioned to Trend Micro.

The decision to switch from McAfee was driven by factors such as high costs and the global presence of organizations. Trend Micro has a more robust global reach and its pricing is very competitive compared to McAfee.

The initial setup of Trend Vision One is not complex; it is straightforward. We had the options in the Trend Vision One console, and we received training from Trend Micro-certified administrators. We had knowledge transfer sessions, and later, we successfully migrated our products from on-prem servers to the cloud.

We have been using the product for more than 7 to 8 years, and we did not face any challenges during this migration.

We have seen a return on investment with Trend Vision One, primarily in terms of having more confidence in addressing any kind of suspicious activities. Any such activities will be notified to us, allowing us to take action. The return on investment is apparent in managing the endpoints and addressing suspicious activity that might otherwise go unnoticed.

It has saved about 25% to 30% of our time. The risk has been reduced by more than 25% after switching to Trend Vision One.

Its price is very decent. It suits our requirements.

I did evaluate other options, including Microsoft Sentinel, but ultimately, most vendors choose Trend Vision One.

The factors that led us to choose Trend Vision One over Microsoft or other options include costs, and since we already have Microsoft for other protections (like M365 security protection), we opted for protection with a different vendor, rather than the same vendor.

I would rate Trend Vision One a nine out of ten.

We have been in contact with Trend Micro for a very long time. We have a Domino server, which is the alternative to an Exchange server, and we have implemented their virus scanner there. Because of that, we decided to stick with the company and integrate Email Gateway Protection as well. It is important for us because we host our own mail server, and we receive a huge amount of spam. The goal was to reduce that. So far, we have reduced our email traffic by almost 50%—thanks to email filtering. This means our employees do not have to handle those emails anymore.

We receive around 1,000,000 emails per year and 500,000 of those are junk. That was a key factor in saving work time. Every email that lands in an inbox has to be handled—either deleted or responded to. We tested this with different employees and found that deciding whether an email is relevant or junk takes about 10 to 15 seconds per email. With 500,000 unnecessary emails, you can imagine how much time we are saving company-wide.

Another major reason we implemented this solution is phishing emails. This is a huge issue. Trend Micro offers phishing awareness training, but ideally, these phishing emails should not even reach our company, as they are highly dangerous. So far, Trend Micro has filtered out around 3,700 phishing emails for us.

There is another extremely dangerous issue—malicious software hidden in attachments. If an employee clicks on such an attachment, files could get encrypted. In the past year, Trend Micro has intercepted 60 such cases, meaning 60 incidents where our files did not get encrypted.

This is why we use this solution. Of course, there are other providers, but we find Trend Vision One's interface very user-friendly. We also have a dashboard where we can track everything and pull these statistics.

In Germany, such a security solution is very important. Due to a change in the law, company management is now obligated to ensure that IT security is based on best practices. If they fail to do so or are unaware of their security status and neglect it, they are now personally liable with their private assets. I also need a tool that allows my management and board to monitor our security status. One of the reasons why we chose Trend Vision One was that it provides the option for the board to check the dashboards. This means that every morning while having coffee, they can see the security status of the company on their phones. They can also ask, "Hey, why is our security score high? Is our IT department not working properly? Or do we have a real problem that requires additional software or other measures?" Additionally, negotiations become easier for the IT department, for management, and for us. If security gaps arise, we can say, "Hey, we need software or an investment of a certain amount." We now have a solid foundation for our case.

We use email security and endpoint protection. Endpoint protection is installed on every computer and server, with enhanced sensors on the servers. These security tools are crucial for us—without them, we would be blind in IT. They allow us to monitor the health of each system and user activity, including preventing access to inappropriate websites.

We have a lot of remote work, and we used to struggle because we could not properly monitor devices outside our network or firewall. Now, we can control things like applications, websites, USB sticks, and external hard drives, which was previously impossible. A key feature of our endpoint protection is that if a computer reaches a certain security risk score, it is automatically blocked by the software. This means that if an attack occurs, the affected computer is isolated from the network, preventing further spread.

Our biggest challenge is not direct hacking attacks—our company is not a high-priority target. Instead, phishing emails are the main issue. These emails attempt to trick employees into making fraudulent payments or providing access to our systems, allowing ransomware installation. Email security is our biggest focus area.

It has significantly reduced email volume, which is crucial, especially for our security team, as they do not have time to review every message. IT also receives fewer inquiries about whether emails are legitimate. Additionally, phishing training has helped—our employees recognize phishing attempts better, and our click rate on phishing simulations has dropped to zero. Previously, conducting a phishing simulation would have cost €2,500 per test, but now, we can run one or two tests per month at no additional cost. This provides great value.

It is important for us that Trend Vision One has AI built into its platform. It is essential for detecting abnormalities quickly. Humans may not notice certain threats, but AI can. However, AI is not perfect and sometimes lets suspicious emails through, which we then manually review in quarantine. AI is constantly learning, and the more it improves, the less manual intervention is needed, which is beneficial for us.

We now have visibility. Previously, we were blind and could not assess our security status.

Trend Vision One helped reduce our time to detect and respond to threats. Previously, we relied on reading security forums and websites to identify vulnerabilities. Now, we get real-time alerts and can take immediate action.

Our speed has increased significantly. We can update and patch security threats daily, whereas before, it took weeks or even months.

Trend Vision One has helped our organization reduce its cyber risk, especially through endpoint protection. For example, our field employees used to connect unknown external hard drives, which posed a risk. That is no longer possible, eliminating a major threat vector.

Trend Vision One has helped consolidate our use of security vendors. Previously, we only had basic endpoint protection from another provider, which we replaced with Trend Vision. We now have more security software, not less, because our company has grown significantly—from a small business to a mid-sized enterprise. The IT department was lagging behind, and security was not a priority. Now, we manage everything with one provider, rather than multiple vendors.

The dashboard is valuable. It provides a comprehensive view of our security status and allows us to compare ourselves with other companies using Trend Vision. We can immediately see if we need to take action when updates are released with high CVE scores, without having to check multiple websites. This saves time and enables faster decision-making.

The platform provides not only visibility but also intervention capabilities, such as blocking threats. We are operating at a high level in this regard. I would rate Trend’s Vision One platform very high in providing centralized visibility and management across protection layers.

Improving the user interface would be helpful—it can be confusing, especially if you do not use it daily.

We do not see a need for additional features. The tool has so many capabilities that it can be overwhelming at first, which is why we implemented it step by step to avoid overwhelming our administrators.

We started with the Email Gateway Protection solution in December.

Its stability is very good. We have not had any failures so far.

Its scalability is very good as we can work with it flexibly.

We have an environment with 160 users and about 15 servers, all virtualized and running entirely on-premise.

It is very good. If we have a problem, we call Mr. Weckwert or send him an email and receive a response.

We used SonicWall’s endpoint protection before, but it had issues. For example, the endpoint protection conflicted with VPN installations, requiring us to uninstall security features before updating VPN settings—an unacceptable security risk. With Trend Vision, we feel much better protected.

SonicWall is just a basic antivirus tool, whereas Trend Vision One provides more advanced features like software firewalls and the ability to block specific applications and websites, such as preventing employees from using Telegram or WhatsApp on work computers.

A downside is that Trend Vision One requires more system resources, so we had to upgrade some computers with additional RAM. However, that is not just due to Trend Vision One but also Windows 11’s increased demands.

We use a hybrid model—Trend Vision’s cloud solution with local installations on our devices. We operate entirely on-premise.

We worked with a partner and now manage everything internally.

For the implementation, all admins were present to understand how it works. It was like a training session for us.

Fundamentally, there is one colleague responsible for it, and they spend about an hour to an hour and a half on it daily.

In terms of maintenance, it only requires updates.

We have seen an ROI through time savings. The email filtering system paid for itself within a year.

It is very good. The flexibility to temporarily exceed license limits when setting up new devices is helpful, as it allows us to ensure security before purchasing additional licenses.

Try it out. Ultimately, everyone has to decide for themselves if it fits their admin team. What I always say is that this tool monitors you and provides insights—it exposes weaknesses in an IT department. If IT management cannot handle that level of transparency, they should avoid it. If they see value in having more insights, it is a very valuable tool.

I would rate Trend Vision One an eight out of ten.

We use it for analytics. We check all the maps and communications when there is an incident or an issue. It is very helpful for analytics.

Trend Vision gives a lot of visibility. If you have a big environment, you can use it to see logs or events. It gives more visibility into what is going on in your infrastructure.

Last year, we experienced an attack attempt, and it gave us a lot of visibility. We were able to track the source and all the processes that were involved during the attack. For security, it is very good.

Trend Vision One has helped reduce our time to detect and respond to threats by 30% to 40%.

I find the maps particularly helpful. The object list, specifically the suspicious object list, is also quite valuable. You can simply add one object to that list to manage it from another solution.

It gives comprehensive visibility. It is very good. It gives a lot of visibility into all layers such as layer three or layer seven. It helps with monitoring the endpoints, including all the desktops and processes or communication between servers.

I believe that the interface could be more user-friendly. At times, it is challenging to locate certain features, and they need to reorganize the user interfaces.

I have been using the solution for one year.

I would rate their customer support a five out of ten. They sometimes do not give enough attention to the tickets. Even when I update a ticket or a case, they ask the same questions that I have already answered. I explain my problem, and they respond as if not paying enough attention.

Previously, we used another solution. We observed that Trend is trying to move all the solutions to Vision One. That is why we decided to transition, and it is working very well.

It gives more visibility. The other solution was focused only on the server or endpoint protection. It did not provide any tracks, just the basics. With Vision One, we can see all the information correlated in one place, which I find very helpful.

The initial setup is very easy. It is not very complicated. Sometimes, the documentation is not updated, but the processes are very intuitive, so it is not that hard.

In terms of the implementation strategy, we first focus on non-critical servers or appliances, and then we move on to critical ones.

It is being used in an enterprise environment at a data center.

The implementation may require two people, depending on the infrastructure and scale. You might need an engineer or an administrator.

For maintenance, there are two people. One person scans and reviews all the information and the other one is from the backup. It requires minimal maintenance.

Overall, the visibility and security that it provides are our returns on the investments.

I feel that Vision One is a bit expensive. As for the pricing or licensing, I would rate it a seven out of ten.

I would rate Vision One an eight out of ten.

Our primary use case is to secure our endpoints and servers via Managed Detection. We secure them using XDA and Trend Micro’s SOC. We secure it based on behavior so that we have someone to respond if there are unusual issues with PCs, even on weekends and holidays when we’re not onsite, and then they inform us. That’s why we chose Trend Vision One.

We have it deployed on all of our PCs, both Windows and Linux laptops.

The security coverage is very important for my company's network. It is a requirement under the NIS2 directive, which is now coming into effect in the EU. The coverage is also important for us because we operate 24/7, but our IT staff is not available around the clock. To fill this gap, we opted for Trend Micro’s XDR solution. Trend Micro’s SOC team can respond even when no one from our team is available.

They also make sure we are properly notified because if an email comes in at 3 AM on a Sunday, no one will read it but if Trend Micro's SOC team calls, someone will check immediately. That’s why we chose this solution.

The security coverage is also particularly important for us because, as a hospital running 24/7, we must ensure the security of patient data and maintain the IT infrastructure's operational capability. If our systems go down, it could directly impact patient treatment. Around 10 years ago, before we had Trend Micro, we experienced an attack and our IT systems were down for an entire week. That was incredibly difficult.

With increasing digitalization and more medical processes relying on computers, doctors need easy access to X-rays, prior medical examinations, and other records. Since all of this data is stored digitally, solutions like Trend Vision One become even more essential. Availability must be guaranteed, and we cannot afford a situation where a system gets attacked and taken down. That’s why it is crucial for us to have this protection in place.

The biggest security challenges in my organization are:

1. Preventing unauthorized external access.

2. Reducing the risk of employees unknowingly giving attackers access to the network due to inexperience.

That’s why we use these solutions, in combination with Apex One and Deep Security, to prevent such incidents. If a user mistakenly clicks on something they shouldn’t, the system can respond immediately and prevent damage before it occurs.

With Trend Micro Vision One we now have a comprehensive overview of our entire network of all of our endpoints and Active Directory. We also have an industry comparison feature that allows us to gauge our security status.

For example, our advisor recently reviewed our security score and confirmed that we are in a good position. That gives us peace of mind.

The SOC team is the most valuable feature for us. Having experts who monitor global threat landscapes and can respond accordingly is incredibly helpful. They keep an eye on our system and can intervene if necessary to prevent significant damage. That is the most important aspect for us.

That’s a bit tricky to answer. Trend Vision One is a powerful tool that provides a vast amount of information. It requires some practice to filter out the most relevant insights and respond accordingly like investigating specific endpoints when necessary.

Since we are still relatively new to the platform and have a small IT team, we haven’t been able to fully explore all of Vision One’s capabilities. However, the data we do utilize helps us react appropriately and address potential threats before they escalate.

A major advantage is that we can integrate Active Directory into Vision One. This means we get alerts if something unusual happens in AD, and these notifications appear directly in Vision One. I believe firewalls can also be integrated, though we haven’t done that yet as we are currently upgrading our firewall infrastructure.

Having a centralized platform where logs and security alerts from multiple systems converge is a huge benefit, as it allows us to react efficiently from a single interface.

AI is beneficial because it can operate independently of predefined patterns, reacting based on behavior rather than fixed rules. It continuously learns and can detect threats that might not yet be covered by existing security protocols. This is a major step forward in cybersecurity.

We realized Trend Vision One's benefits quite quickly. Within one to two weeks, we already saw improvements. We really noticed the full impact after receiving our first report. That allowed us to analyze incidents, track past threats, and understand what was happening within our network. After about four weeks, we fully realized the platform's value.

It does save time when searching for an incident because you can simply display the incidents in the Vision One console. You can drill down to the task level and see which file was affected on which endpoint.

That makes things much easier when tracking a specific incident. It saves more than fifty percent of the time because, as mentioned, you can drill down directly from the endpoint in the console, down to the task, down to the file, the DLL, or whatever it is. And you also get a display of what it is without having to access the computer and search on Google. As mentioned, everything is displayed clearly and neatly in the Vision One console, sometimes even with suggestions on what to do.

My organization has reduced its cybersecurity risk. We have a centralized view of where the risks are, you can specifically access individual endpoints, and as mentioned, the SOC in the background immediately reports unusual behavior even when you’re not around. If it’s high-risk, we get a call.

In this regard, cybersecurity has improved significantly because a lot of things that previously went unnoticed are now detected.

Trend Vision One is already very powerful. The clarity and usability could be improved a bit. Sometimes it’s difficult to find your way around.

It’s such an important tool, and you can do a lot with it. With some practice and proper training, you can manage quite well.

We are currently implementing, as a pilot hospital, an ICAP virus scanner through the Service Gateway via Vision One, which scans our KIM emails. This was an important feature and Trend Micro has now implemented it.

I have been using Trend Vision One for about six months.

I would rate the stability a nine out of ten.

We are currently working on scaling. We are integrating with ICAP functionality.

The scalability is very good. You can integrate almost everything you need, including mail security, etc. I’d give scalability a 10 because nearly everything is integrated.

The staff we have dealt with were always very competent. What I find a bit difficult is that there is no German support. Since my English isn’t the best, we usually go through our consultant, as he knows the Trend Micro support team well and handles these things daily. So, we rely on our partner for that.

In terms of knowledge, the support is competent. The language barrier is just a bit challenging because when they speak fast in English and I don’t understand much.

The initial setup was done by a consultant from SoftwareOne. He did a really good job, and everything went smoothly except for the hybrid installation with Deep Security.

That went quite smoothly. Apex One had some issues, and we had to keep a support case open for a long time before it worked properly. But now, everything works fine.

We are only four people in IT here, and everyone does a bit of everything for the setup.

We install the agents ourselves, meaning we have to manually set them up on each computer or server.

The clients are already rolled out, and everyone contributes when needed like whenever we work on something, another sensor gets installed, etc.

We have around 400 endpoints and approximately 600 users with a Windows environment and a virtualized setup using VMware.

Our server environment also includes VMware View in some areas.

In terms of maintenance, I have to regularly check reports and see what needs to be done. Otherwise, everything updates itself in Vision One.

Since Vision One is cloud-based, the console updates itself, as do the agents. Once everything is installed, there’s little to do.

There are additional costs.

Overall, the price-performance ratio is okay.

We looked at Sophos beforehand because we use it as a firewall. Since Vision One integrates well with existing solutions like Deep Security and Apex One, we chose an integrated solution and decided to go with Trend Vision One.

We also deliberately opted against a purely web-based solution. We run a hybrid installation, meaning that Apex One and Deep Security are still managed locally and connected to Vision One.

This is because we have been hacked before, and if I cut off internet access to our firewall, I wouldn’t be able to administer my security suite. With this setup, I can still manage and configure it before reconnecting to the internet.

I would rate Trend Vision One a nine out of ten.

My advice to anybody considering Trend Vision One is that the most important aspect is the integration with existing solutions like Apex One and Deep Security.

It’s stable and provides a lot of information. The only downside is that it can be a bit complex to navigate.

My primary use case for Trend Vision One is for application device control, web reputation services, and malware scanning, as well as providing a remote malware scan option. I also use it for log inspection and endpoint identification.

Trend Vision One helps save us time.

I am satisfied with the security Trend Vision One provides for our cloud environment. It effectively identifies threats by regularly inspecting logs to establish a baseline of normal operations and reports any detected anomalies on the console.

Trend Vision One offers good visibility and control over our environment, providing valuable telemetry into network traffic.

Trend Vision One offers comprehensive insights into our infrastructure, allowing me to identify unmonitored endpoints, such as those without the software installed, which I can then verify through the console.

Trend Vision One allowed us to consolidate the Apex One and Deep Security consoles, which were previously used separately in our on-premises environment.

Trend Vision One offers superior integrations, enhanced tool capabilities, and expanded solutions for network security, firewalls, and remote malware scanning. Its ability to identify unmonitored endpoints and perform log inspection, which establishes operational baselines and detects anomalies, proves invaluable for threat identification. The platform's comprehensive reporting capabilities further enhance its value in maintaining a secure environment.

Trend Micro could improve its support for non-third-party products and product integrations. Technical support in our region needs improvement.

I have been using Trend Vision One for approximately one year.

Trend Vision One effectively scales to accommodate our workloads.

Trend Micro's support is suboptimal in my region, likely due to proximity to their resources, favouring areas closer to the company. Consequently, we utilize local support providers who offer better service.

The deployment usually takes an hour, more or less. Trend Vision One was easier to deploy than other tools when integrating with the cloud environment.

We have a local vendor that provides support.

Trend Vision One is cost-effective because it offers detailed reporting and environment control features.

I would rate Trend Vision One eight out of ten because every tool needs improvement. Trend Micro has some low-cost services and minor areas for improvement.

Trend Vision One provides regular updates according to customer needs.

I would recommend Trend Vision One. There is flexibility, and their credit system is quite effective.

Our use cases are essentially all the classic defense mechanisms that are used to protect devices, secure emails, and ensure that we don’t pull in anything harmful. We also monitor Internet and Intranet traffic to detect abnormal behavior and address it. This has helped us in many situations where we’ve faced external attacks, which then usually try to go back out. I always say that they try to drill through the wall and get back out, and in that way, we’ve been able to recognize when someone has gained access to our devices.

We operate in 60 countries with 4,000 to 4,500 employees, of which nearly 2,000 are based in Frankfurt. All of the end devices of our colleagues are under IT security monitoring. The Deep Discovery Inspector is implemented at three global locations: one in Europe, one in Asia, and one in the USA. This allows us to detect any issues early on, and with network segmentation, we can minimize potential damage in case of an incident.

The biggest security concerns in our industry are not really industry-specific but are intrusions. Identity theft is a challenge and then there are issues where people are manipulated into making money transfers to what seem like customer accounts that don’t actually exist.

Another is the classic attack, where ransomware is used to infiltrate systems and gain access through encryption and similar methods.

Additionally, we also have the issue of IP protection.

Trend Vision One has significantly improved our company because we can now track and see how many attacks we have. Since we’ve implemented it, we haven’t had any major attacks that have successfully entered the company. So, we know the defense mechanism is working.

In terms of our ability to manage risks, we already had the stances for risk management in place, from our side, from a purely conceptual standpoint. Through a solution like this, we always want to get a more concrete approach for the operational side. We aim to identify and assess risks and then determine the measures we can take to mitigate those risks. That’s where Trend Micro is very helpful.

Trend Vision One has significantly helped reduce our time to detect and respond to threats.

In terms of whether or not Trend Vision One has helped my organization reduce noise from false positives, it’s always a matter of perspective in terms of whether or not the number of alarms has truly been reduced or if they were false alarms. We rolled out the solution across the company, and as a result, we now monitor more devices and have a more comprehensive view of security. Therefore, the number of alarms and false alarms has certainly increased, because we are now looking at all devices. Previously, we didn’t monitor them, so we didn’t notice them.

We have always seen alarms and false alarms. However, we have incorporated mechanisms to identify where the false alarms are coming from, and we continuously refine the system. Sometimes, activities in the internal IT administrative area trigger alarms that are not actual threats, and we continuously adjust and refine those rules to reduce false alarms. We didn’t have a solution in place before to compare whether or not it has reduced false positives. The mechanisms we have now allow us to assess both alarms and false alarms in detail and, in the case of false alarms, to trace where they come from and implement rules to prevent them from happening again.

Trend Vision One has definitely reduced my organization's cyber risk. We took a holistic view of all devices, became more aware of IT security risks from the outset, and then integrated all devices into that view. In the incidents we encountered at the beginning, as we increasingly implemented and observed this solution, a clear path was outlined on how to address and resolve these issues.

We implement the sensors globally from the angle that we are, in fact, global and operate worldwide. The importance lies in the fact that we know attacks can happen from anywhere, and therefore we decided to implement this as a standard solution within our company, The Samson Group. The Samson Group itself has 60 legal entities worldwide, and from our side, this is more of a governance requirement, meaning it must be used to protect the entire organization.

We have found the Deep Discovery Inspector that is in place exceptionally valuable. It has consistently helped us identify areas where issues are happening and where there have been small vulnerabilities in the network that could lead to issues. This happens when, at some point, an unauthorized device—one that shouldn’t be in the network—somehow gains access. This is certainly one of Trend Micro's standout features, as it has provided us with insight into what is happening in our network, which has prevented us from facing significant damage.

We have a positive impression of Trend Vision One's ability to provide us with centralized visibility and management across protection layers. The impression is definitely positive for us. That’s also why we decided to extend the contracts. It’s a very mature solution that is well-understood and user-friendly for people working in this field.

Trend Micro helps us consolidate security vendors because we are now establishing this as standard software for the company. We only work with one solution provider, which is part of the consolidation. When selecting the solutions, we carefully considered what was important to us and where issues occurred. For example, we were particularly pleased that the base and system come from a Japanese company, meaning we don’t have to put ourselves in the hands of Russian or American companies to make this happen.

We use the CREM features and from our perspective, it is very helpful because it provides a supportive function. In situations where we notice something, we also have a very direct line to the team.

When it comes to having AI, from a high-level perspective, I don’t really care how it’s done in terms of the solution. It's great if AI is used because we measure based on the results we achieve. It must meet the requirements for performance and speed. Today, AI is the tool of choice to achieve the necessary speed and performance. But it’s not about the fact that AI is involved; it’s about the fact that, at the end of the day, a fast and reliable solution has been created.

We still have devices that are not traditional IT equipment but rather fall under the category of Operational Technology (OT) devices. There is increasingly a blending of the traditional OT world, which requires a specific focus, as OT devices often don't use standard Ethernet protocols and similar technologies. These are areas where I believe more can be done by Trend Vision One.

Taking it a step further, we also produce items that include IT elements, which are then used by customers. It would be great if there were Trend Micro products that could enhance the security of these devices, either as part of our product or in some other way integrated into our offering. But that's a different approach. At the moment, we use Trend Micro to protect our own company and our internal networks, but expanding this to our customer-facing products is an idea for the future.

We have been using Trend Micro for a long time, since 2020. We started in 2019 and signed our first Trend Vision One contract in 2020.

The stability is very high. We rarely encounter stability issues. When we do have issues, we typically find that they originate from our side, usually because certain information couldn't be provided by the server.

Compared to other companies, we're not huge, but during the rollout and expansion, we found that it scales easily. We haven't encountered any issues with scaling effects or anything like that.

Their technical support is excellent because we continuously see that when an issue arises, direct communication is sought. The ability to act quickly and be in direct communication is very important to us. It's not just about high-level support with the chatbot; rather, when an issue occurs, we have the experts on-site and ready to respond swiftly, which is crucial. In such situations, you need to act quickly without wasting time on what should happen next.

We have used a lot of products. Over the past few years, we have been consolidating into a single corporation and replacing other solutions with the corporate mandate of Trend Micro. The reason is for efficiency reasons, among others. By using the same solution across the entire company, we can manage and maintain it centrally, ensuring uniform behavior without having to deal with individual solutions for each part of the organization.

I was involved in the setup in terms of managing the role and function, but not from a technical standpoint.

My colleagues reported that it is a very well-designed software. We’ve experienced other solutions where we’ve worked on software for a long time, and it didn’t go as smoothly. I haven’t heard any complaints, so the setup must have been good.

We took a risk-based approach to implement this. We started rolling it out in some large manufacturing companies, where the potential damage in case of an incident would be the greatest. From there, we moved to the smaller legal entities, such as just sales offices or similar, so from large to small.

We have a relatively small team in the global function with three people who worked on it. We also have a packaging team and similar resources when it comes to creating installation scripts for end devices.

In terms of maintenance, we have purchased Trend Vision One as part of a SaaS solution. This includes updates and ongoing support, such as the provision of virus signatures, so we don't have dedicated staff specifically for maintenance. We do have designated contacts around the world dedicated to handling alarms and events. This is an additional responsibility for the IT team members after their training, so I can't give you a precise number of people involved. These activities are integrated into the existing IT staff who manage them alongside their regular tasks.

We have seen a return on investment fundamentally more qualitatively, proportionally, and quantitatively. We haven't done a strict ROI calculation. We know it's in place to counter potential damage, but it's hard to quantify potential damage in an ROI calculation. On the other hand, we had two incidents during the rollout for the global company. Thankfully, we also had cyber security insurance, and the insurance covered the incidents because, through Trend Micro and the implementation of the solution, along with the data it provided, we were able to demonstrate what had happened. Without this, we certainly wouldn’t have received the insurance payout.

Of course, we'd prefer for it to be free. Security has its price. Regarding the prices we've experienced, we consider Trend Micro to be competitive. However, we sometimes wish for a higher discount based on more usage as the company grows.

We looked around at other solutions. When we started evaluating options in 2019, we explored the typical solution portfolios available at the time. We considered several options, and then, based on different factors, we decided on a company operating out of Japan, rather than an extension of an American company. I don't quite remember all the details, but at the time, there was also a Russian solution that was quite popular in the European market, which we decided not to pursue further.

The main differences between these products and Trend Vision One were the functionality and the overall environment. We wanted a truly independent solution. From the perspective of German and European data protection laws, it was a matter of weighing where we could place the most trust and where we would see those principles reflected in the implementation.

My advice would be that one should really take the time to think carefully about what they want and need, and particularly engage in conversations with colleagues to find the right solution. One could say that to perform Deep Discovery Inspector on network traffic, more nodes could be added but at some point, the cost-benefit effect becomes minimal.

We always felt that Trend Micro provided us with very good advice, suggesting that more than three nodes in a global context weren't necessary. Any additional nodes would only slightly improve performance, making it not worthwhile. It's important to listen to the Trend Micro team and communicate openly. What's key is that you have to think about your scenarios and risks in advance—this is something they can't take off your hands. For example, network segmentation, which isn't part of Trend Micro's offering, is a mechanism we also bring in. It's important to work hand in hand, and there needs to be a lot of dialogue at this stage.

We primarily use Trend Vision One for its XDR capabilities, email security features, and MDR services offered through ServiceOne. Leveraging these Trend Vision One products allows us to provide robust security solutions to our customers.

My customers range from small non-profits with 40 endpoints to large enterprises with over 2,000 endpoints across diverse sectors, including energy, manufacturing, finance, and software.

Vision One possesses machine learning predictive capabilities that have already proven effective. In the past week alone, it detected and blocked two scans for unknown threats. This capability is crucial, especially since our predominantly Canadian customer base faces an elevated risk of cyberattacks from China due to the recent government-level ban on TikTok. Consequently, we anticipate an increase in attacks. Trend Vision One boasts the largest zero-day initiative, renowned for its proficiency in detecting such threats.

The single console in Vision One streamlines cross-layer detection, threat hunting, and investigation, incorporating sandbox analysis and log search capabilities. It allows for endpoint isolation, remote shell establishment, and integration with tools like Active Directory and Microsoft Entra ID. Automated playbooks enable actions such as endpoint isolation, custom script execution, forensic investigations, user lockouts, and password resets, all of which are customizable. This automation is crucial for containing threats outside of working hours, as playbooks can be configured to automatically execute actions based on specific criteria, mitigating damage before staff return.

The single console provides comprehensive visibility across the entire IT security environment, including endpoints, cloud activity, workflow protection, email protection, and mobile device management, all within a single, unified platform.

Trend Vision One integrates with a range of security products, including various SIEM solutions, vulnerability management tools, and select firewalls. A comprehensive list of compatible products is available on Trend Micro's website.

Trend Vision One is relatively easy to learn for those with some security background. While first-time users may find it initially confusing, abundant learning resources such as YouTube videos and comprehensive documentation are available to help users quickly familiarize themselves with the platform.

Some of my customers maintain hybrid environments, and Trend Vision One enhances visibility by consolidating all systems into a single platform.

Trend Vision One has malware scanning capabilities, allowing it to detect, quarantine, and block malware effectively.

Trend's Managed Detection and Response service provides continuous 24/7 monitoring, effectively reducing staff workloads by eliminating the need for in-house security monitoring.

Trend Vision One improves my organization's visibility by consolidating security functions into a single console. These capabilities enhance our security operations, making it easier to manage threats.

Trend Vision One's most valuable feature is its centralized console, which provides comprehensive security features, including attack surface risk management. This allows for benchmarking our risk score against similar organizations based on size, industry, and location. Additionally, it offers endpoint vulnerability assessment, user behavior analytics, and standard XDR detection capabilities.

An area for improvement is integrating more tools with Trend Micro's SIEM. Expanding compatibility to include currently unsupported security tools, such as firewalls, would be beneficial.

I have been using Trend Vision One for approximately four months.

Trend Vision One is scalable.

To improve support, the company should streamline communication and reduce response times. Specifically, support tickets often require customers to provide redundant information, creating unnecessary extra steps in the process.

Overall, I rate Trend Vision One a ten out of ten as I am extremely happy with Trend Micro's capabilities and their platform's strength.

Trend Vision One is easy to maintain.