Advanced server defenses have strengthened threat detection and protected critical infrastructureFrom my perspective, predictive analysis is an area for improvement. The rules are very rigid. The way protection works for Trend Micro ServerProtect is that you have to specifically apply specific rules to achieve particular actions or use cases. We have had instances where a malware is dropped and that malware executes, it is detected, but because the malware has been altered a little bit, either in naming or slight behavior changes, the system is not able to stop it. This is unless you harden the rule to say block anything that appears out of place. My thinking as a security expert is that malware will typically behave outside of the normal operation of the organization. Instead of saying malware behavior based on malware behavior, I would say use analytics to identify anything that is outside the normal behavior of files and systems in the course of business operation, then flag it so it can go for further evaluation to identify if it is a malicious file execution or otherwise. Today, there are some instances where legitimate operations occur because of the static rule definition, the agent would flag a normal activity as malicious and then sometimes flag malicious activities as normal. They need to work on that area. There is a lot of competition today. When Trend Micro ServerProtect initially came out, they were premium, so there was not a lot of competition. Competition is dropping their price. Trend Micro ServerProtect should also come down on the pricing to meet competition. Though it is a great solution and an integrated solution, I think they should also meet the market competition. CrowdStrike is there, Palo Alto is there. There are many other competitors, but they need to also look at what is happening. They need to work on it. I would not say that they are overly priced, but I think they can be more competitive, especially with their new credit allocation process.
