We deploy Trend Vision One - Cloud Security on all systems as part of the standard package. When rolling out new devices, it allows me to monitor East-West traffic between our endpoints. Previously, I had no visibility into communication between Trend user A and end user B within the network. XDR now grants me this insight, while also sending alerts for suspicious activity. I can click on these alerts, investigate in Trend Vision One - Cloud Security, and visualize the communication flow in a user-friendly diagram. This helps me distinguish genuine threats from warnings or false positives. For example, one day I saw an alert indicating someone attempting to reinstall Chrome on a PC. Trend Vision One - Cloud Security confirmed this activity. Additionally, XDR enables me to directly block malicious attempts from the workbench.

Trend Vision One - Cloud Security operates entirely in the cloud, enabling remote access to user devices for necessary changes, virus removal, and patch implementation.

The biggest problem was that I couldn't see our East-West network traffic between our endpoints. However, I could see North-South traffic, meaning anything that went up to the firewall and back. This meant if, for example, a coworker and I were sending something malicious to each other, I wouldn't be able to see it or tell where it was coming from. I might get an alert saying suspicious activity was detected, but wouldn't have specific details.
Implementing an XDR system changed this. Now, I can see all East-West traffic and set up rules for specific actions if certain events occur. I can also filter the information to focus on what's most important. Every day, I review XDR alerts, investigate them, and determine if they're suspicious or not.

We use Trend Vision One - Cloud Security across all our endpoints, including PCs, laptops, and servers. The coverage it provides is extremely important. We leverage Trend Vision's XDR capabilities for enhanced threat detection and response. Additionally, we utilize the Trend Vision One - Cloud Security app security solution. We have Trend Vision One - Cloud Security as a service, and I also manage TippingPoint. Our cybersecurity posture is significantly stronger than it was four years ago. Back then, we were hit by a ransomware attack, which exposed vulnerabilities in our security measures. We were only spending around eight thousand dollars annually on cybersecurity, and as the company grew rapidly, investments in cybersecurity weren't prioritized. While achieving absolute security is impossible, we are demonstrably more secure than ever before.

Trend Vision One - Cloud Security provides centralized visibility. Every day, I log into Vision One and the first thing I check is my risk score. Based on my score, I take action. For example, if my score jumps from 36 to 50, I investigate the change in Vision One. Vision One tells me what caused the increase and offers specific recommendations. I can then easily see what actions will reduce my risk. For example, I might see that fixing a specific vulnerability will lower my score by six points, but another fix won't help. Trend Vision One - Cloud Security is a powerful tool, and that's just a glimpse of its capabilities. It shows me my OS vulnerabilities, application vulnerabilities, and even critical business exposures. For example, it might alert me to an Adobe CBE and tell me which devices are affected. This allows me to quickly identify and patch vulnerable devices. Furthermore, I can directly initiate patching from Vision One. Additionally, I can use integrated products like Container Security for AWS to gain comprehensive security insights across different environments, all within the same platform.

Every day, I start by logging into the Executive Dashboard. It's the first thing I check, as it provides me with my risk index and a summary of potential issues. Furthermore, I can view information about our devices, risk levels, and other relevant data points. After reviewing the Executive Dashboard, I transition to the Operations Dashboard for a more granular look at individual devices and their associated risks.

Before XDR, I could spend hours trying to track down the issue behind an alert. Now, everything is at my fingertips within Vision One. I simply click on the link, and it gives me all the information I need: who the user is, the PC name, and relevant context depending on the alert type e.g., a suspicious email. So, instead of spending hours figuring out the source of the alert, I can now resolve it in just a couple of minutes.

With the managed XDR service, I have peace of mind knowing that if they find something suspicious, they will alert me immediately. They can even call me and say, "Hey, we found some unusual activity and stopped it. Do you want us to continue investigating or revert to the previous state?" I can then confidently say yes and trust that they are handling the situation effectively. I've received calls in the past late at night about suspicious activity, and I'm grateful that I don't have to be the one monitoring everything 24/7. Now, I have a team of experts who do it for me, providing a significant advantage over-relying on a single person. They only alert me when something serious arises, allowing me to focus on other matters.

The managed XDR service has freed up our team's time by eliminating the need for 24/7 on-call duty with Vision One. This allows us to focus on other tasks instead of spending hours diagnosing potential issues. Now, we're able to resolve concerns in minutes, freeing up additional time for projects and other responsibilities.

While I find the Attack Surface Risk Management module to be a valuable addition to the executive dashboard, I don't utilize the Attack Surface Discovery feature as frequently, maybe once a week. This is primarily because I rely on the XDR management system to monitor for potential threats and alert me to anything critical. Manually reviewing the detailed discovery overview doesn't add significant value at present, as I trust the XDR system to flag any urgent issues.

The Attack Surface Risk Management module helps to identify blind spots in our environment, especially where assets are highly exposed. It presents explainable CDZs and provides a rich asset score for each PC or device. This allows me to easily identify high-risk devices and investigate further. For example, when I saw a server with a suspicious file flagged as a 96 high-risk alert, I could investigate and find that it was an Excel file with a macro, explaining the risk. I can then determine if it's a false positive and communicate this appropriately. The module's continuous learning ensures improved accuracy over time.

Implementing the managed XDR has significantly reduced our time to detect and respond to threats. Previously, I received security alerts via email, which could be delayed. Additionally, I often needed to manually review logs and scan results, which was time-consuming and inefficient. Now, the managed XDR provides timely alerts directly in the platform, streamlining my workflow and keeping me informed promptly. This has saved me one to two hours per day.

Implementing a managed XDR solution has significantly reduced the number of false positives I encounter. This allows me to identify and address real issues much faster. Instead of spending 45 minutes tracking down potential threats, I can now simply click a link and determine if an alert is legitimate within three minutes.

We use playbooks that have certain rules and are set up to automatically take action when they find something suspicious. This way, I don't have to sit there and make judgment calls every single day. If a certain event occurs, or if we discover something unexpected, I can create a playbook to automatically start looking for it everywhere on the network.

Trend Vision One - Cloud Security does not utilize a lot of resources which allows our users to keep working even during a scan.

The workbook insights generate a massive list, making it inconvenient to review. Ideally, we could easily filter or view items by selecting multiple lines and marking them as false positives. Unfortunately, the current process requires manually clicking on each item, opening Trend, and then closing it again.

I have been using Trend Vision One - Cloud Security for almost three years.

We have had minimal downtime and it was always corrected quickly.

We are an organization of 900 users and I have seen organizations with tens of thousands of users. If we want to add users we just need to add credits and it automatically installs and starts reporting.

We have a dedicated technical account manager assigned to us. I have contacted technical support on two occasions - once for an outage and another time for device cleanup of some old, unused assets that we needed to remove. They responded to me promptly on the same day and resolved the issue the following day.

Before adopting Trend Vision One - Cloud Security, we relied on Kaspersky for endpoint protection. Unfortunately, within the first three months of deployment, we experienced three security incidents. Consequently, we transitioned to OfficeScan, followed by Apex One, and ultimately migrated to Vision One for enhanced protection.

We participate in a VIP program that grants us monthly meetings with Trend, where we provide feedback and receive previews of upcoming features and products.

Trend provided us with a dedicated support person to assist with the initial deployment, which was smooth due to my prior familiarity with their platform. They walked us through the process, outlining the best practices. On our end, we had a team of three, including a sales representative, an engineer, and one other individual, to deploy Trend Vision One - Cloud Security on 900 machines. We implemented the deployment via our group policy, utilizing a simple click-through link for all users.

The number of staff and time saved by using the managed XDR pays for itself and we saw these savings right away.

One year ago, Trend transitioned to a credit system for licensing, which has confused users. While each user receives a set number of credits initially, adding more credits becomes complex. Previously, purchasing a license based on user count was much simpler. Now, even mid-contract, if Trend increases the cost of a product, they also raise the required number of credits until the year's end, further compounding the confusion.

I would rate Trend Vision One - Cloud Security ten out of ten.

No maintenance is required from our end because it automatically updates to the latest version. The only maintenance that we would ever have to do is if a manual patch is required on a device.

Organizations can avoid alert fatigue by filtering their managed XDR solution to only display suspicious activity, allowing the rest of the traffic to flow through unhindered. Additionally, ensuring all patches are applied before running scans can significantly reduce false positives and alert noise. We learned this the hard way, initially receiving 50-100 email alerts daily. By implementing these changes, we've successfully minimized alerts to a maximum of two per day.

We use Cloud Security for workload and application security. The company also uses AWS Cloud Conformity. Cloud Security protects us from application-delivered attacks. The solution is protecting our private services, internal customers, and security account holders.

Trend Vision One - Cloud Security is a core component of our security system, offering total visibility into everyday activities across our cloud environments. The solution has helped us to automate some things. We usually report high-severity issues to our customers, so they can investigate them manually, but our security team can fix these via automation in some cases.

The tool is doing most of the work from the security perspective. We only assess the results. We have Vision One. If anything appears on Vision One, we can act based on the workbench alerts.

I like the conformity and workload security modules. Workload security is all about intrusion detection and prevention. Trend Vision One - Cloud Security has behavioral rules that are auto-populated based on organizational structure. That's one aspect that we liked most.

We purchased Trend Vision One - Cloud Security for its multi-cloud capabilities. We already had the same conformity and workload security technologies from Trend Vision that we extended to our cloud workloads. We haven't seen any security incidents in the past six or seven months.

Cloud Security provides useful contextual data. We are integrated with Elasticsearch, so most of the parsing and use cases are also developed there. We have good results from tracking indicators of compromise, and we are generating lists of malicious IPs.

The solution's cloud workload protection is essential because not everyone is good at building workloads based on best practices. It helps us identify misconfigurations or anything like that, so we don't have to worry about it. There is a lot of risk involved. Cloud Security adds another layer of security.

Securing S3 using Cloud Security can cost too much. Trend Vision One - Cloud Security has a tool that requires lots of privileges. From my understanding, it's only for static application testing, so they need to add dynamic application testing, and there should be more collaboration with the application testing tools on the market. We have not used this product, and I don't know if they plan to decommission it or something. They should focus on application security because this tool's unique feature is multi-cloud support. However, they should improve integration with tools for these kinds of use cases, especially application security and dynamic scanning. For example, I would like it to support Dell SecureOps. I'd also like to see some enhancements to API gateway security.

We have used Trend Vision One - Cloud Security for about two years.

I rate Trend Vision One - Cloud Security nine out of 10 for stability.

It's easy to scale. Trend Vision One - Cloud Security is all about scalability and elasticity. It's completely covered by Trend Vision. We're adding licenses annually. This year, we've purchased another 500.

I rate Trend Vision support six out of 10. Their support didn't meet expectations. They should offer more training during onboarding so that everyone on the implementation team is knowledgeable about the product. It was a considerable challenge in a massive environment like ours. We have around 5,000 servers on the cloud. Initially, there was no support for seven or eight months.

This year, we have upgraded to premium support, so we don't have these challenges anymore, but there is a cost involved. If you are selling a product, you have a responsibility to inform the customers about its capabilities.

Trend Vision One - Cloud Security was the first product we purchased for this use case, but we did some POCs for CrowdStrike and found that it didn't have the same coverage of multi-cloud platforms. Trend Vision was the first solution with this capability, and CrowdStrike was lagging at the time, but I'm unsure if the market has changed since then.

CrowdStrike lacked a multi-cloud approach. It covered workload security but not application, storage, and network security. Now, maybe Crowdstrike has these services, but I'm not sure.

We found the product complex to understand initially, but we learned about the use cases and modules step by step. When we were configuring the workload security module, we completely blocked the traffic by accident. We had to take time to understand the company's environment on the cloud and create exceptions.

Eventually, we learned how to automate the deployment. We didn't have any documentation from them. We figured it out ourselves. Now, we can fully deploy the solution in one afternoon. It's hassle-free with the use of automation scripts and automation tools.

We required some specialists, including those who worked on the automation part and those who specialized in some of the native cloud services. For example, in AWS, we needed SSM systems managers to help us push it via SSM agents. They're part of cloud operations, so they handle scripting and build the architecture.

Trend Vision One - Cloud Security helps us reduce costs on AWS by optimizing consumption. We can forward our reports to the customers and have them fix the issue. You can minimize costs by only enabling security for business-critical workloads and instances. For example, you can enable application security for apps containing personally identifiable information or an S3 bucket where you're storing some invoices. Trend Vision One - Cloud Security has seven modules that you can choose and customize based on your use cases and requirements.

I was not involved in purchasing the solution, but it's my understanding that Cloud Security is affordable.

I rate Trend Vision One - Cloud Security nine out of 10. My advice to new users is to clearly communicate with support and set an agreement for what you expect from this product and Trend Vision's support team.