We rely on Trend Micro Vision One as our Extended Detection and Response platform, leveraging its capabilities for endpoint detection and response across our entire IT environment.
Trend Vision One
Trend MicroExternal reviews
265 reviews
from
and
External reviews are not included in the AWS star rating for the product.
CIO
What do you like best about the product?
Dashboard showing the overal risk index.
What do you dislike about the product?
They have no support in our local country. I think its better to incorporate support in my country Zimbabwe.
What problems is the product solving and how is that benefiting you?
Reporting overal risk index informs management on how we are doing as an entity
A Robust Cybersecurity Solution
What do you like best about the product?
The best aspect of Trend Micro Vision One is its advanced threat detection capabilities, utilizing AI and machine learning to identify both known and unknown threats effectively.
The integration of multiple security tools into a single platform is highly beneficial, providing a unified view of our security landscape.
The integration of multiple security tools into a single platform is highly beneficial, providing a unified view of our security landscape.
What do you dislike about the product?
The cost of the platform may be prohibitive for smaller businesses, and the learning curve for new users can be steep, requiring substantial effort to fully leverage all features.
What problems is the product solving and how is that benefiting you?
XDR addresses several critical cybersecurity challenges, including advanced threat detection, incident response, and unified security management.
By integrating various security tools into a single platform, it simplifies the management process and provides a comprehensive view of our security posture.
This enables us to detect and respond to threats more effectively and efficiently, significantly reducing the time and effort required to manage security incidents.
By integrating various security tools into a single platform, it simplifies the management process and provides a comprehensive view of our security posture.
This enables us to detect and respond to threats more effectively and efficiently, significantly reducing the time and effort required to manage security incidents.
Wonderfull, for me its de best xdr in the marketing
What do you like best about the product?
the search mode, its to easy to found a anomalous event in my enviroment
What do you dislike about the product?
The way you create an automation to close a case today. At competitors this process is more simplified
What problems is the product solving and how is that benefiting you?
the lack of information in the enviroment
ASRM
What do you like best about the product?
OAT (observe attack technique) is the best part on XDR .
What do you dislike about the product?
Options in XDR.
Sometimes the role of users which, I gave the user permission rights restricted the user role doesn't work properly.
Sometimes the role of users which, I gave the user permission rights restricted the user role doesn't work properly.
What problems is the product solving and how is that benefiting you?
create a user on XDR and give relevant rights to some policies that I made on endpoint protection.
Its strength lies in its advanced features like intrusion detection and integration capabilities
What is our primary use case?
How has it helped my organization?
Trend Micro Vision One boasts a good detection rate thanks to its data lake analysis and frameworks like MITRE. This helps minimize false positives, ensuring alerts are truly security threats. While no platform is flawless and occasional false positives can occur, Vision One's detection is effective for our use cases.
Trend Micro Vision One doesn't have a separate module for advanced threat protection. Instead, its standard endpoint protection, formerly Apex One, includes features like real-time scanning with advanced telemetry collection to identify and prevent unknown threats. These features go beyond basic signature-based detection and offer advanced actions like specific file quarantine or cleanup thanks to machine learning capabilities.
Trend Micro Vision One uses real-time machine learning to detect ransomware, a critical tool since cybercrime is increasingly focused on extortion. While ransomware isn't new, its prominence in news reports makes it a major concern. However, even though it's widely reported, it may not be the biggest threat. For healthcare organizations especially, protecting patient data from being leaked and sold on the dark web is paramount. This is why using tools like Trend Micro Vision One is crucial.
Trend Micro's Vision One simplifies security management by offering a unified console for threat detection, investigation, and hunting across all security layers. This replaces their previous approach of separate consoles for different products like cloud app security and Cloud One, eliminating the need to switch between consoles for a complete security picture.
While telemetry data offers valuable insights into identity access, endpoint detection, and threat intelligence, doesn't provide complete visibility. There's no access to firewall logs or built-in network access control. However, the platform's strength lies in its advanced features like intrusion detection and integration capabilities, allowing for threat hunting and sharing data with other security solutions.
Vision One uses two methods for endpoint detection. The first is "active update," where devices connect securely using port 443 to the cloud to download the latest signature data every 12 hours, ensuring they have up-to-date protection. This eliminates the need for on-premise signature updates.
Vision One is user-friendly with clear navigation, but its wealth of data can be overwhelming for new users. For example, telemetry can be complex, and some alerts might go unnoticed by inexperienced users who lack the necessary skills to interpret the data effectively. This isn't a flaw of the product itself; it's simply a matter of needing the right training and experience to get the most out of it.
Vision One, while easy to manage, requires significant upfront investment when building a platform from scratch. Configuring agent deployment, servers, and third-party integrations, takes many hours and there's no perfect out-of-the-box solution.
While initially considering Trend Vision One as just a replacement antivirus solution, we realized its extended detection and response capabilities offered more than just basic endpoint protection. XDR allows for collecting telemetry data beyond signatures, enabling us to identify threats like suspicious file activity, lateral movement, and potential command-and-control communications. This provides a more comprehensive security posture compared to traditional antivirus solutions and helps reduce our workloads.
What is most valuable?
Our organization utilizes the full range of Trend Vision One features, excluding tipping points. This includes attack surface risk management, XDR threat investigation, endpoint, cloud, network security, and email protection. This full security posture positions us well for our future security roadmap.
What needs improvement?
Trend Micro Vision One requires significant customization to fit our specific needs, which increases the administrative burden. While the wider data collection offers a broader security net, we don't utilize all its services (e.g., Okta integration). This necessitates manual log ingestion from Azure (e.g., anonymous logins, suspicious tokens) and additional verification using separate tools like Azure for risky sign-in detection and IP vetting, making it a more hands-on security solution.
Trend Vision One has some usability issues. For example, extracting browser history for forensic analysis is cumbersome. The platform parses the history file but then doesn't allow exporting the data, making it difficult to share findings with managers. Additionally, the lack of a Network Security Installer for endpoint agents is surprising, especially considering servers have them. The feature request process, relying on a community voting system within a product portal, seems inefficient. Overall, improvements in data consistency and user-friendliness would be beneficial.
For how long have I used the solution?
I have been using Trend Vision One for two years.
How are customer service and support?
Despite having several open support tickets with Trend Micro, I'm impressed by their exceptional customer service. Unlike Microsoft, they proactively reach out by phone to resolve issues quickly. This personalized approach makes me confident we'll get everything sorted out.
Whenever I encounter an issue, technical support is fantastic at providing a root cause analysis, which helps me understand the underlying problem and document it accurately for leadership.
How would you rate customer service and support?
Positive
How was the initial setup?
I wasn't involved in the initial Trend Vision One deployment, but I heard about performance problems. While my team deployed the product itself through SCCM after enterprise approval, the agent caused high CPU usage due to configuration issues. Now, from my new perspective, it's clear these problems stemmed from deployment configuration, not the product itself.
What's my experience with pricing, setup cost, and licensing?
Trend Micro recently switched from a license-based pricing model to a credit system, which caused some initial frustration during my renewal. While I've spoken with their leadership about the credit system's functionality and potential improvements, it still feels unconventional even though I'm now more comfortable with it.
What other advice do I have?
I would rate Trend Vision One eight out of ten.
In our organization, the IT department has a collective decision-making process for product procurement. During the proof of concept calls, a group of 30 IT professionals evaluate vendor presentations, like, Microsoft partners showcasing Windows Defender. They consider features, budget fit, and individual preferences before voting on the best option. Leadership then finalizes the purchase. While I, the senior security team member, have no direct influence on product selection like Trend Vision One, I significantly impact its functionality. I work directly with Trend Micro, providing daily suggestions for product improvement within the platform.
Upon taking control of Trend Vision One, I identified several areas for improvement, including integrating custom data feeds like taxi data, deploying agents in different ways, and collecting telemetry data specific to our environment e.g., Office 365 data. Since Trend Vision One doesn't natively collect everything, and tailoring it to our needs involved significant effort e.g., setting up DLP rules for email and collaboration, I'm unsure about its initial impact without customization.
While a patch exists for the vulnerability through Tipping Point, we don't have it, our existing intrusion prevention/detection rules within our server and workload protection system offer some mitigation. A specific module in this system is being configured to address the CVE and potentially protect our assets even if a patch isn't applied.
Trend Vision One is a great cybersecurity platform that requires upfront effort to set up but offers comprehensive protection for your organization. While it has room for improvement, the developers are actively adding new features like cloud scanning and AI-powered detections, demonstrating their commitment to innovation. This ongoing development ensures Trend Vision One stays relevant and effective in the ever-evolving security landscape.
A Complete XDR
What do you like best about the product?
Centralized information and correlated data to risk index. It's very easy to use and the integrations are very useful.
What do you dislike about the product?
There is no way to close the workbenches and make them go out of sight, to some "file". Furthermore, the allocation of credits is confusing and it is not clear who is using what (it would be interesting for device management.
What problems is the product solving and how is that benefiting you?
XDR is centralizing information and providing information on how to improve the security of the environment, with easy-to-understand information.
Resolving siloed management and visibility.
What do you like best about the product?
It helps us on the proactive approach of checking on early indicators of attack as well as a hollistic view of a certain suspicious activity
What do you dislike about the product?
In terms of the interface, it uses a dark theme. Also, some menus are confusing.
What problems is the product solving and how is that benefiting you?
it solves our challenge on siloed management as well as having a detailed information of a certain attack.
XDR provides detection and improved investigation via security analysis.
What do you like best about the product?
The ASR (Attack Surface Risk Management).
What do you dislike about the product?
Detecting local certificate chain status.
What problems is the product solving and how is that benefiting you?
Checking detection in malware scanning in regard with the Server.
Smart dashboards with hands-on advice
What do you like best about the product?
With Trend Micro Vision One you get a very nice and complete overview of all aspects of your security posture. You can go as detailed as you want and tackle the risks and threats with hands-on advice on how to accomplish. The graphs and lists make it easy to understand and use. Connecting other sources (Entra ID, Microsoft365,...) is straightforward and easy to implement. The platform should be used on a daily basis or even monitored semi-live, depending on the size of your IT team. Customer support is friendly and can get you going, should you get stuck.
What do you dislike about the product?
The transition from the old license model to the credits system was a bit tricky to follow and understand, but after all, the new system has more fairness in it.
What problems is the product solving and how is that benefiting you?
Only one platform needed to view all threats, risks, devices, users and how they correlate with eachother. No longer a need for a handful of platforms to gather all the info.
Robust, wide-coverage tool
What do you like best about the product?
risk view, attack surface and workbench correlation
What do you dislike about the product?
not having a single agent for servers and workstations
What problems is the product solving and how is that benefiting you?
With it we are able to focus our efforts on the most crucial point of the organization.
showing 81 - 90