Cortex Xpanse vs Trend Vision One comparison

Palo Alto Networks and Trend Micro are both solutions in the Attack Surface Management (ASM) category. Palo Alto Networks is ranked #8 with an average rating of 8.8, while Trend Micro is ranked #2 with an average rating of 8.7. Palo Alto Networks holds a 4.3% mindshare in ASM, compared to Trend Micro’s 5.4% mindshare. Additionally, 100% of Palo Alto Networks users are willing to recommend the solution, compared to 97% of Trend Micro users who would recommend it.

Cortex Xpanse

Read 5 Cortex Xpanse reviews

1,159 Views
697 Comparison Views

100% willing to recommend

Trend Vision One

Read 70 Trend Vision One reviews

3,115 Views
1,250 Comparison Views

97% willing to recommend

Cortex Xpanse

Trend Vision One

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Mar 9, 2025

Trend Vision One and Cortex Xpanse are top competitors in the cybersecurity category. Trend Vision One appears to have the upper hand due to its comprehensive features and centralized management.

Features:Trend Vision One boasts advanced security features including endpoint protection, data loss prevention, and threat detection. It provides centralized visibility through its Vision One platform, with Managed XDR service and telemetry reporting. Cortex Xpanse shines in attack surface management, digital asset discovery, and continuous security monitoring. It also offers effective digital brand protection and intelligence on exposed assets.

Room for Improvement:Trend Vision One could enhance integration with third-party tools, streamline its interface, and improve reporting features. It also needs more user-friendly interfaces and broader operating system support, plus quicker technical support responses. Cortex Xpanse could benefit from improved customization, better dashboard configuration, and additional threat intelligence. Both would gain from more comprehensive documentation and support services.

Ease of Deployment and Customer Service:Trend Vision One supports Public Cloud, On-premises, and Hybrid Cloud deployment models and generally receives satisfactory ratings for technical support, despite some reports of delays. Cortex Xpanse offers similar deployment flexibility but slightly less integrated support, although its technical support is considered responsive and knowledgeable.

Pricing and ROI:Trend Vision One is seen as expensive, yet users find its investment justified due to an extensive feature set and strong vendor relationships, benefitting from flexible pricing and notable ROI. Cortex Xpanse, also seen as pricey, is justified for its comprehensive attack surface management, best suited for larger enterprises. Users suggest aligning pricing with benefits for smaller organizations.

To learn more, read our detailed Cortex Xpanse vs. Trend Vision One Report (Updated: April 2025).

Buyer's Guide

Cortex Xpanse vs. Trend Vision One

April 2025

Download the complete report

Helped 850,028 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex Xpanse

Ranking in Attack Surface Management (ASM)

8th

Average Rating

8.8

Reviews Sentiment

7.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Trend Vision One

Ranking in Attack Surface Management (ASM)

2nd

Average Rating

8.6

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

Endpoint Detection and Response (EDR) (4th), Network Detection and Response (NDR) (3rd), Extended Detection and Response (XDR) (5th), AI-Powered Cybersecurity Platforms (3rd)

Mindshare comparison

As of May 2025, in the Attack Surface Management (ASM) category, the mindshare of Cortex Xpanse is 4.3%, up from 4.2% compared to the previous year. The mindshare of Trend Vision One is 5.4%, down from 9.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Attack Surface Management (ASM)

Featured Reviews

Ali Mohamed

Account Manager at Cairo International Airport Co.

Proactively manages security and identifies vulnerabilities with good alerts

We use Cortex Xpanse as a security control for attack surface management in our organization When there is an alert from Cortex Xpanse regarding a certificate or surface, it prompts us to take immediate action. It checks vulnerabilities periodically, ensuring they are addressed, which helps in…

Read full review

DavidBowman

Systems and Security Manager at a educational organization with 5,001-10,000 employees

It improves the detection speed, but it could be more customizable

They need to stop changing Vision One once a week. They're in a hurry to change things so badly and so fast that I can't find where stuff is half the time, which is a challenge sometimes. I've given one piece of feedback to their product guys. One thing that they're trying to make is a SIEM. It's a product where you input all the logs from your tools, and it creates additional insights into how things look. They've been kind of playing the "me too" game on that, even though that's not what I bought the product for. They have a new gateway where I can take my firewall of email logs and send it over there. In theory, it's supposed to do a more comprehensive evaluation of all my stuff to improve that risk index score. I'm not impressed with it, and I've told them as much. I feel if you're good at something, you should keep working on that and not try to be all the things to all the people. I bought a different email solution even though it would have been 10 times easier to just stay with their email solution because they aren't great at it. They are great at other things, but they're playing the "me too" game with some of their products. Their competitors do this, so they should be doing this, too. They need to pick a product and keep being good at that. If they're going to roll new things out, they should do it but do it right. They have a button to isolate an endpoint because it looks bad, but it doesn't usually work. I've had no chance to argue with the product guys to show them examples of how their button doesn't work. You think it does, but it doesn't work in a real environment. That can be a challenge sometimes. I can see in the data showing what is a false positive. But it doesn't save me time helping them figure out how to fix the problem in their engine. It can help me identify it as a false positive, but it doesn't apply that consistently. It will ignore the false positive for that device, but if they start detecting a false positive on Apple devices, I have eight thousand Apple devices and get 8,000 alerts. I can tell that specific false positive, but it doesn't learn from that particularly well. We use the executive dashboards, but I don't find them particularly useful. One is the ability to customize. That has gotten a little better, and it'll be better in the future. Most of what they have on there are data points that are generic and not particularly actionable. That's why it's called an executive dashboard. Executives want to see if we are secure, but it's hard for me to find out why our attack surface risk went down by x percentage. I don't know. It says that on the dashboard, but it doesn't give me specific details about why. I find it confuses my executives, and it's not useful for me because it doesn't give me things to work on. It will give me generic things on the executive dashboard like you have a thousand accounts with an old password. Those are big generic things, but I also can't tell it that our password policy is different from what your automatic detection model means, and I don't have a problem with that, so quit lowering my risk score. The risk score is useless. In theory, it's based on the random intelligence they're getting from their various customers. I'm in K-12 education, so they have a decent amount of K-12 customers, but it's a subset, and the baseline of what's common in K-12 education is not the same. There's not enough data to make that particularly clean or useful. Vision One is not custom, and that's part of my beef. That index score is based on whatever random report they're looking at from their data sources at any given moment in time. It's nice, but I'd rather have one that's based on your particular circumstances. Instead, it's saying that the number one attack threat surface for school districts is email phishing. It's too generic.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Cortex Xpanse is a strong solution for attack surface management, including digital brand protection and continuous monitoring."

"The most valuable aspect is its ability to catch trojans and malware."

"When there is an alert from Cortex Xpanse regarding a certificate or surface, it prompts us to take immediate action."

"As an attack surface manager, I highly recommend Cortex Xpanse, especially if there are many services exposed publicly on the internet."

"Cortex Xpanse has an easy-to-use user interface."

"The most valuable features of the solution are its firewall and antivirus."

"I would definitely recommend Trend Vision One to others."

"I like Vision One's observed attack techniques feature. It lets you see what an attacker is doing, how they have tried to exploit a machine, or how malicious code is operating. It helps us discover indicators of compromise so we can write better rules for detection."

"The proactive approach is the best feature."

"We had previously deployed on-premises, and all we had to do was access the designated console and click a button to migrate all on-premises agents to cloud agents."

"Scaling is not a problem at all."

"Drilling down further, we can analyze how our users are utilizing their workstations, including the websites they visit."

"The most valuable features of Trend Vision One are its capabilities for XDR, EDR, MDR, and NDR, allowing for network detection and response."

"Trend Vision One offers superior integrations, enhanced tool capabilities, and expanded solutions for network security, firewalls, and remote malware scanning."

More Trend Vision One pros

Cons

"It's challenging to confirm the absolute coverage and penetration of Cortex Xpanse into the Dark Web. The solution lacks comprehensive intelligence on adversaries and risks, which other competitors might provide."

"Cortex Xpanse needs to add dark-web scanning."

"Cortex Xpanse should offer better customization and configuration options on its dashboard."

"Some improvements are needed in the user interface."

"Some improvements are needed in the user interface. It may require more enhancements."

"Cortex Xpanse should offer better customization and configuration options on its dashboard."

"There is an issue with the old versions of Cortex, and so when we have an older one with Windows or any OS, we have a problem with its connectivity with the cloud."

"The solution could always be made to be more secure."

"I think that continued optimization of the environment towards automation and orchestration, a kind of layer that sits underneath all of the technologies, would be extremely important."

"Expanding compatibility to include currently unsupported security tools, such as firewalls, would be beneficial."

"Sometimes it’s difficult to find your way around."

"It is very expensive."

"The deployment process could be more streamlined over the existing infrastructure, as it was not as easy as we thought."

"The solution only supports Windows and Mac. It would be helpful if it could support other OS, such as Linux."

"Improving the user interface would be helpful—it can be confusing, especially if you do not use it daily."

More Trend Vision One cons

Pricing and Cost Advice

"Cortex Xpanse is cheaper than other solutions."

"The tool's cost is too high."

"The pricing is fair and not on the higher side."

"From a pricing standpoint, they're a really good negotiator and they'll work with you."

"Trend Micro XDR has a good price, and on a scale of one to five, I would rate it a four out of five in terms of price."

"The price is reasonable. It's not exorbitant. CrowdStrike and other players are on the higher side."

"They've introduced a credit system, where we purchase credits and then allocate them to the specific services we need active."

"I feel that Vision One is a bit expensive. As for the pricing or licensing, I would rate it a seven out of ten."

"The pricing of the solution is okay. There is a need for me to look into the new pricing plan introduced by the solution recently."

"The pricing is competitive, and the cost aligns with the features we receive."

More Trend Vision One pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Attack Surface Management (ASM) solutions are best for your needs.

See recommendations

850,028 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Manufacturing Company

12%

Financial Services Firm

12%

Government

Educational Organization

20%

Computer Software Company

19%

Financial Services Firm

Healthcare Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Cortex Xpanse?

Cortex Xpanse has an easy-to-use user interface.

See all answers

What is your experience regarding pricing and costs for Cortex Xpanse?

Cortex Xpanse is a bit expensive compared to other market solutions like FortyRicoh and RiskIQ, making it more suitable for enterprise companies.

See all answers

What needs improvement with Cortex Xpanse?

It's challenging to confirm the absolute coverage and penetration of Cortex Xpanse into the Dark Web. The solution lacks comprehensive intelligence on adversaries and risks, which other competitors...

See all answers

What do you like most about Trend Micro XDR?

I appreciate the value of real-time activity monitoring.

See all answers

What is your experience regarding pricing and costs for Trend Micro XDR?

Its price is very decent. It suits our requirements.

See all answers

What needs improvement with Trend Micro XDR?

In future releases of Trend Vision One, I would like to see improvements regarding role-based access control, as it is important to ensure that when granting admin access to a person, their visibil...

See all answers

Comparisons

Tenable Attack Surface Management vs Cortex Xpanse

Compared 26% of the time

Bitsight vs Cortex Xpanse

Compared 14% of the time

Mandiant Advantage vs Cortex Xpanse

Compared 13% of the time

Censys Attack Surface Management vs Cortex Xpanse

Compared 11% of the time

IBM Security Randori Recon vs Cortex Xpanse

Compared 11% of the time

More Cortex Xpanse Competitors

Trend Vision One Endpoint Security vs Trend Vision One

Compared 20% of the time

CrowdStrike Falcon vs Trend Vision One

Compared 12% of the time

Microsoft Defender for Endpoint vs Trend Vision One

Compared 10% of the time

Wazuh vs Trend Vision One

Compared 8% of the time

Microsoft Defender XDR vs Trend Vision One

Compared 8% of the time

More Trend Vision One Competitors

Product Reports

Buyer's Guide

Attack Surface Management (ASM)

April 2025

Download Cortex Xpanse product report

Buyer's Guide

Trend Vision One

April 2025

Download Trend Vision One product report

Also Known As

No data available

Trend Micro XDR, Trend Micro XDR for Users, Trend Vision One - XDR for Networks

Interactive Demo

Demo not available

Palo Alto Networks

Trend Micro

Overview

Xpanse provides a complete, accurate and continuously updated inventory of all global internet-facing assets. This allows you to discover, evaluate, and mitigate cyber attack surface risks. You can also evaluate supplier risk and assess the security of acquired companies.
Manual asset inventory maintenance is slow and prone to error. An outside-in view of your attack surface catches assets and exposures you never knew existed to help with attack surface reduction.

Get ahead of your ransomware risk assessment by discovering and remediating RDP exposures, the leading attack vector in ransomware attacks. Find exposed assets before attackers do.

Integration with Cortex XSOAR, Prisma Cloud, and our broader portfolio allows our ASM findings to enhance security workflows, and secure unknown, unmanaged risks on your cloud attack surface.

Palo Alto Networks

Trend Vision One offers comprehensive protection for endpoints, networks, and email with centralized visibility. It is valued for its attack surface management, real-time threat detection, integrated management, ease of deployment, and user-friendly interface.

Trend Vision One provides a sophisticated security platform combining endpoint, network, and email protection with features like virtual patching and advanced AI capabilities. Its centralized management and integration with platforms like Office 365 and Azure make it an attractive option for organizations needing streamlined workflows and efficient risk management. While it boasts robust integrations and ease of use, enhancements are needed in reporting, tool integration, and reducing false positives. Users call for better support infrastructure, faster response times, and improved threat intelligence capabilities. Despite some complexity, its AI and ML features significantly enhance threat detection and response.

What Features Define Trend Vision One?

Comprehensive Protection: Guard endpoints, networks, and emails against threats.
Centralized Visibility: Monitor systems with a unified view.
Advanced AI and ML: Improve threat detection and response capabilities.
Virtual Patching: Address vulnerabilities without immediate updates.
Integrated Management: Seamlessly manage across platforms.

What Benefits Should Users Look For?

Streamlined Workflows: Enhance operational efficiency.
Improved Threat Detection: Leverage AI for better response.
Ease of Deployment: Simplified initial setup and configuration.
Effective Risk Management: Benefit from centralized and integrated security tools.
Integration Capabilities: Flexibility to connect with different tools and platforms.

Trend Vision One is implemented in industries that require endpoint protection, ransomware defense, and incident response, being flexible for both on-premises and cloud environments. It is used to monitor servers, networks, and endpoints, providing features like email protection, behavioral detection, and threat visibility. Organizations benefit from AI and ML, improving their security posture and response capabilities.

Trend Micro

Sample Customers

Information Not Available

Panasonic North America, Decathlon, Fischer Homes, Banijay Benelux, Unigel, DHR Health,

Buyer's Guide

Cortex Xpanse vs. Trend Vision One

April 2025

Free Report: Cortex Xpanse vs. Trend Vision One

Find out what your peers are saying about Cortex Xpanse vs. Trend Vision One and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,028 professionals have used our research since 2012.

See our Cortex Xpanse vs. Trend Vision One report.

See our list of best Attack Surface Management (ASM) vendors.

We monitor all Attack Surface Management (ASM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.