Try our new research platform with insights from 80,000+ expert users
Security Specialist at a transportation company with 1,001-5,000 employees
Real User
Top 10
Simple monitoring with centralized dashboards and great visibility into vulnerabilities
Pros and Cons
  • "The most important thing for us as a customer is that we can spend more time in other places as it's simpler to have that overview. We have much more time for other tasks."
  • "They should increase their potential for third-party integrations."

What is our primary use case?

The reason we invested in Trend Micro XDR was to consolidate security operations and monitoring. On top of that, we invested in their managed detection and response service, which they can provide on top of the ETA service, which makes our lives easier. You can say that with it, we need fewer hands.

How has it helped my organization?

We're able to gather a more simple view of what was going on in our infrastructure. Before this solution, we used a SIEM system. Trend Micro XDR made monitoring more simple, and we trusted them as a security partner.

It definitely has improved our visibility of all of our ongoing items in the infrastructure. We can get a good overview of what's going on across our network and what our security looks like.  

What is most valuable?

Having everything under one management console and having them monitored from one place is the most beneficial.

It saves time and we do not have to invest in a lot of products to meet all of our use case needs.

It's quite simple to monitor everything under one console. It makes life simpler for our operations team. 

We have the solution everywhere, including email, network, endpoints, and cloud. This is important to have this coverage. As a former incident response analyst, having visibility everywhere is really important. Having everything correlated into one place increases visibility.

We have centralized visibility and management across our production layers. They are also improving that from month to month. It's important for us. In security operations, the fewer places you need to go to have a look around, the easier it is. Back in the day, we had to open ten different consoles. Now we just open one. 

The most important thing for us as a customer is that we can spend more time in other places as it's simpler to have that overview. We have much more time for other tasks. 

We use the solution's executive dashboards. We like that we can drill down from the dashboards into XDR detections. It helps the C-suite understand. However, it also helps us drill down by allowing us to choose which views we want. 

We have a trial version of the Risk Index. We have a daily look at it and it gives a nice overview of our vulnerability management and what the attack surface looks like. It helps us prioritize our daily tasks. 

The Managed XDR service was great. It helped quite a lot. We had to get used to working with them and they with us, however, now it's quite an easy task and the advisory and alerts we get from them have been helpful. The availability to work on other tasks has helped us improve in other areas. It's positively affected our business. Having this product means that we are improving in a lot of different areas that we also need to focus on. They can do the monitoring better than we can do it ourselves. We don't have the manpower to do it on our own so it helps a lot to have them help with management.

We use the Attack Surface Risk Management capabilities, which are also in the trial period. It's absolutely helped us to identify blind spots in our environment. It made us realize that, for example, users were using their work email for private services such as Netflix or other services that, if they had a data breach, would be an issue. With this, we can reach out to those users and explain to them how to act on the Internet, not to use your work email for private services, et cetera.

It's helped decrease our time to detect and respond to threats. It's likely 80% faster now. It's also helped us reduce the time we spend investigating false positive alerts. They do a lot of the initial work for us and come back with the actions we need to do on our part (if any). It's helped us reduce false positive investigations by 50%.

We're using some of the automation capabilities of XDR. It's helped us save time. At the moment, it's likely helped us save 20% of the time we'd normally spend on manual processes. 

What needs improvement?

They should increase their potential for third-party integrations. We'd like to see integrations with other IT security vendors that are not currently there. 

I'd like to see central management of all products.

Buyer's Guide
Trend Vision One
August 2024
Learn what your peers think about Trend Vision One. Get advice and tips from experienced pros sharing their opinions. Updated: August 2024.
801,394 professionals have used our research since 2012.

For how long have I used the solution?

I've been using the solution since it came out, essentially. I've been working with it for eight or nine years.

What do I think about the stability of the solution?

The solution is quite stable. 

What do I think about the scalability of the solution?

We don't have branch offices, however we have 2200 clients and 800 servers. 

It is easy to scale if you are a bigger organization. We do plan to scale further in the future. 

How are customer service and support?

We have Service One, which includes three-year support. It is 24/7/365 support and they are quite good. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Before Trend Micro, we used Splunk. The use case and monitoring were easier with Trend Micro. We found it easier to fulfill our needs using Trend Micro. 

How was the initial setup?

I was involved in the deployment process. Some of it was quite complex. Unfortunately, we had an on-prem environment that wasn't well taken care of. The migration was hard, however, that was more our fault. It could be easier to migrate, however. 

It took us about nine months to fully deploy. 

We already had some products in the cloud, however, we needed to migrate all of our endpoints. The on-premise agent needed to be placed in the cloud and we had some problems as some clients did not have an opening to the internet, et cera. There was some preparation we needed to do. We needed to do some upgrading before migrating. 

There were two to four people performing the implementation. 

The solution requires maintenance and we have a person that manages that. 

What about the implementation team?

We had help from Trend Micro professional services. 

What was our ROI?

We have noted an ROI. Having them monitor our IT solutions allowed us to have fewer people on the team. It's saved us in man hours. 

What's my experience with pricing, setup cost, and licensing?

The solution is affordable. You do need to pay additional fees for some of the functionalities.

Which other solutions did I evaluate?

We also evaluated Microsoft's solutions. 

What other advice do I have?

I'm a customer and end-user.

We realized the benefits of the solution pretty fast - within a couple of weeks. We knew the benefits beforehand which is why we chose Trend Micro. The possibility of having the solution monitored by the vendor itself was quite helpful. 

I'd rate the solution nine out of ten. 

I would advise others to prepare your needs beforehand. If you know those, you will know Trend Micros is the right fit for you. It's great. If there's a problem with central management or monitoring, Trend Micros is quite useful. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Information security manager at a tech services company with 11-50 employees
Real User
Top 10
Provides visibility, is proactive, and saves us time
Pros and Cons
  • "The proactive approach is the best feature."
  • "The centralized dashboard has room for improvement."

What is our primary use case?

We use Trend Micro XDR for endpoint detection, endpoint user protection, and virtual security.

How has it helped my organization?

We have deployed Trend Micro XDR across our entire environment, which is important for our organization's threat detection capabilities.

We use Trend Vision One to monitor our environment 24/7. Centralized visibility is very important to me and my management. In addition, management wants to see centralized dashboarding. This is very important.

The centralized visibility and management across our protection layers have improved our efficiency.

The executive dashboard is important to our organization. I use the dashboard each morning and evening.

Trend Micro XDR has helped our organization improve its defenses against external and internal threats.

The Managed XDR service has positively affected our team's workload by providing 24/7 monitoring. This has saved our team 20 percent of their time to focus on other tasks.

The time to detect is under one minute.

What is most valuable?

The proactive approach is the best feature. When Trend Micro XDR detects a virus in our system, it stops it and secures our branches.

What needs improvement?

The centralized dashboard has room for improvement.

For how long have I used the solution?

I have been using Trend Micro XDR for almost two years.

What do I think about the stability of the solution?

Trend Micro XDR is stable.

What do I think about the scalability of the solution?

Trend Micro XDR is scalable.

How are customer service and support?

The technical support is good. We receive a response within ten minutes.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We switched to Trend Micro XDR from Kaspersky because it is a better product and we have not faced any issues.

How was the initial setup?

The deployment took one week and required a few people to complete.

What's my experience with pricing, setup cost, and licensing?

Trend Micro XDR is expensive.

What other advice do I have?

I would rate Trend Micro XDR ten out of ten.

We have over 100 Trend Micro XDR users.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Trend Vision One
August 2024
Learn what your peers think about Trend Vision One. Get advice and tips from experienced pros sharing their opinions. Updated: August 2024.
801,394 professionals have used our research since 2012.
Security Consultant at a tech services company with 10,001+ employees
Real User
Top 20
Has a good workbench feature and observed attack technique
Pros and Cons
  • "I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed."
  • "Also, XDR should improve its coverage of the latest IOCs. Their suspicious object management works, but the coverage should be improved. It will take one or two months to get those things covered. XDR will detect on a behavioral basis, but these databases will not get updated daily like some other solutions. If you're dealing with new ransomware or malware, it may take around a month before it's covered by Trend Micro."

What is our primary use case?

We had a SIEM in place, but we wanted to do some behavioral analysis of the files that are getting deployed. We wanted to check to ensure that it was nothing with the external registration side. We needed an EDR solution for checking and monitoring everything deployed on this target machine or our host machine site. It will check and detect if any malicious files are there or not. We are getting alerts related to that kind of thing. So we used to check those alerts on the XDR, and we used to, like, do the incident and response to that kind of thing there.

How has it helped my organization?

If you have a SIEM in place, you will only get the network logs. XDR gives you more control over what files are getting deployed, how they are being executed, and how they can potentially harm your system. XDR doesn't work like a normal antivirus solution, which uses signatures to detect and block threats. XDR detects based on behavioral analysis and blocks most things.

It reduces the investigation time because it gives you everything, including how the file was executed, which processes it called, the file name, the stemming, and the time. When we have the endpoint name, we can reach out directly to the endpoint owners and communicate with them regarding those alerts.

What is most valuable?

I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed.

It's a SaaS solution that covers endpoints, email, and cloud. We have agents installed wherever data is being pushed, so it used to give us a payload. Cloud functionality is one of the most critical things because we don't generally have visibility for cloud applications. Once we install the agents, we gain visibility into all the things integrated on the cloud or any SSH attempts.

XDR offers visibility across layers. This is critical when you want to implement some policies and apply exclusions for particular parts of the system that should not get scanned. It's easy to implement those things. Let's say you want to deploy policies for multiple systems. Using Apex Central, you can directly push the policy to various systems and cover the logs of several systems at a time. 

What needs improvement?

Sometimes, there are some false positives. For example, once a user had a file in their system named recovery.txt. The solution was flagging that as a ransom note, so we were confused. It isn't that serious, but it should be improved. 

Also, XDR should improve its coverage of the latest IOCs. Their suspicious object management works, but the coverage should be improved. It will take one or two months to get those things covered. XDR will detect on a behavioral basis, but these databases will not get updated daily like some other solutions. If you're dealing with new ransomware or malware, it may take around a month before it's covered by Trend Micro. 

For how long have I used the solution?

I have used XDR for two years.

What do I think about the stability of the solution?

Trend Micro XDR is stable. We've never had downtime. 

What do I think about the scalability of the solution?

Trend Micro XDR is scalable if you can pay more for licenses. 

How are customer service and support?

I rate Trend Micro support seven out of 10. Their technical support is good. They reply regarding your cases. However, if you don't reply to them properly, they may close your case if you are not reviewing that kind of thing. 

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

 I previously used Crowdstrike, which is an MDR, so it was totally managed by the Crowdstrike team. They were monitoring every alert that was generated, so it's hard to compare it to Trend Micro XDR. It was somewhat similar, but CrowdStrike is more proactive than Trend Micro, and it has greater coverage of IOCs. I have also used SentinelOne.

How was the initial setup?

It's a SaaS solution deployed across multiple locations covering 20,000 endpoints. It doesn't require any maintenance aside from updates. 

What other advice do I have?

I rate Trend Micro XDR seven out of 10. If you plan to implement XDR you should be aware of the IOC coverage and follow up with the Trend Micro team. Most things are covered, but it takes time to add and deploy all that stuff. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Daniel Winninger - PeerSpot reviewer
Head of IT & Telecommunications at VA-Erzberg GmbH
Real User
Top 5
A stable solution that monitors servers for intrusions and other security-related issues
Pros and Cons
  • "It is a stable product. It works very well."
  • "A room for improvement is Trend Micro XDR's website. It's a very complicated website since finding the right point one wants to see is difficult."

What is our primary use case?

Currently, our company uses the solution solely to monitor our servers for intrusions and other security-related issues.

What is most valuable?

I will have to have a look at my end to be able to explain the features that I find most valuable about the solution.

What needs improvement?

A room for improvement is Trend Micro XDR's website. It's a very complicated website since finding the right point one wants to see is difficult.

For how long have I used the solution?

I have been using Trend Micro XDR for a year now. Also, I am a customer using the solution.

What do I think about the stability of the solution?

It is a stable product. It works very well.

What do I think about the scalability of the solution?

Presently, we have 150 users in our company using the solution. Even if the number of users were to increase in my company, it would still work the same.

How are customer service and support?

Initially, while using the solution in a company, we faced some issues. Our company did help us to resolve these issues.

How was the initial setup?

Since another company carried out the initial setup process, my company did not find it complicated.

The solution is currently deployed on-premises, but we are planning a move to the cloud. We have a plan to conduct a POC for Trend Micro XDR on the cloud shortly.

What's my experience with pricing, setup cost, and licensing?

The pricing of the solution is okay. There is a need for me to look into the new pricing plan introduced by the solution recently.

What other advice do I have?

I would tell those planning to use the solution that they need to consider using it. I rate the overall product an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Specialist Security Operations at a financial services firm with 5,001-10,000 employees
Real User
Good threat hunting and detection with a nice interface
Pros and Cons
  • "I'm satisfied with the level of coverage. The policies have been very useful and detailed."
  • "I'd like to see alert time reduction so that they show up on the dashboard faster."

What is our primary use case?

I did a POC with Trend Micro on our servers. We were testing for detection capabilities. We wanted to use it for security protection.

How has it helped my organization?

Once we deployed the solution into our organization, we were able to view logs. From there, we could handle detection. 

What is most valuable?

The detection was very good. It helps with threat hunting. 

Its interface is good. We were able to find logs easily.

It's been working well on our organization's network. I'm satisfied with the level of coverage. The policies have been very useful and detailed. 

We use the solution's executive dashboard. We actually have two or three dashboards. It helps us spot vulnerabilities. 

It's helped us reduce workloads. By getting logs, we could reduce detection time. The threat hunting became easier. We're still working through a POC, so I can't speak to if it will enable us to work on other tasks. We're still testing. 

The solution has helped us to decrease our time to detect and respond to threats. We can respond to threats in half an hour to an hour.

What needs improvement?

When an incident occurs, it will detect the incident within half an hour to an hour. I'd like to see alert time reduction so that they show up on the dashboard faster. 

For how long have I used the solution?

I've been using the solution since 2021. 

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

I've never tried to scale the solution. For my purposes, it's fine. I can't speak to how scaling would go. Likely, it can scale. 

How are customer service and support?

I've been satisfied with the technical support. They are very good. 

How would you rate customer service and support?

Positive

How was the initial setup?

To deploy the POC takes less than one week. Implementing the cloud is fast. It's not complex to set up. 

What's my experience with pricing, setup cost, and licensing?

The pricing is expensive. Most organizations cannot afford XDR. 

I don't deal with the licensing directly. 

Which other solutions did I evaluate?

I've looked into other solutions, like Cortex. Trend Micro offers good visibility. I prefer Trend Micro. It's good. I like the useability. 

What other advice do I have?

I'm an end-user.

We have yet to use the attack surface risk management capabilities. I only downloaded the sensors and installed them on the current phones and servers. We've only done this in the last week. 

I'd rate the solution nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Bruno De Amorim Campos - PeerSpot reviewer
Analista de Segurança da Informação at a tech services company with 1-10 employees
Real User
Top 10
Centralized visibility, helpful support, and great for vulnerability detection
Pros and Cons
  • "It helps a lot to understand where the threat is coming from, where is it going, how is it being dealt with, et cetera."
  • "The zero trust is a bit complicated compared to other parts of the solution."

What is our primary use case?

I work with it as a third party in other companies. I installed XDR in other companies. And then, I help them understand the tool, help them with developing the necessary use cases, and understand, for example, how to do a threat intel, how to do a threat investigation, and stuff like that. Sometimes, I work with it as well by implementing it and actively using it in the customer's environment.

What is most valuable?

The workbench feature is excellent. It helps a lot with understanding how the environment is working and how the threats are working in their own environment. It helps a lot to understand where the threat is coming from, where it is going, how is it being dealt with, et cetera. 

We do not use XDR to protect a multi-cloud or hybrid cloud environment. I have other solutions on the cloud, like Apex One, the endpoint protection feature in the cloud. I have Cloud One Workload Security, which is protection for workloads and servers where the main console is in the cloud. I'm mainly using this to protect an on-premises environment. 

I've been using it for emails, for networks, endpoints, workload servers, et cetera. It has the ability to cover all of those. The coverage is really important. The integration between all those different tools and those different assets makes a big difference in understanding the analytics.

It provides centralized visibility and management across our protection layers. That helps in a lot of ways. For example, the fact that it has some centralized visibility means we can do searches between email addresses and an endpoint. We can take a workspace, for example, and do IPS detection in a workspace and understand from which endpoint something is coming. 

We use the executive dashboards that they have almost every day. Once we see an anomaly or something that feels weird in the environment, we can go straight to work, straight to the detections, and we can take a look at it to see what's going on. 

We use the Risk Index mainly to help us understand a customer's environment. We use it to get a brief overview of how the environment is, how high their risk is, and then, given the score that we've received, to understand what is causing this risk and then give them suggestions on how to take the score down.

We use the Managed XDR feature. It just basically collects the telemetry and sends it to the console so we can use it in other parts. It has helped a lot with the team's workload. The detection has been really, really useful. It helps a lot to rank where we should put our efforts. Sometimes we'll have to take a deep investigation into some of the stuff we see. Sometimes other issues emerge as we dig. It's helped in detection.

We use the risk management attack surface capability to understand the vulnerabilities and how high a risk something is in the environment. It can help with detection. It's helped us effectively identify blind spots. 

The product has helped us decrease time to detect. We've had some issues with a couple of our customers in which the XDR helped us easily detect an issue, and it was fast enough for us to be able to react and respond quickly in order to mitigate damages.

What needs improvement?

The web viewer could be improved. I've had some issues with it in the past. 

The zero trust is a bit complicated compared to other parts of the solution. 

Mostly, I don't have any issues with XDR.

For how long have I used the solution?

I've used the solution for about three years.

What do I think about the stability of the solution?

I haven't had any issues with stability. There has been no crashing to lagging. We occasionally get informed about maintenance that may cause downtime. 

What do I think about the scalability of the solution?

We've had no issues with scalability. 

How are customer service and support?

I've contacted support in the past. They are pretty good. They have a high understanding of the platform and the solutions. If they need to escalate, it's easy to do so. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not use a different solution previously.

How was the initial setup?

I was involved in the installation. We have an agent installed in the endpoints or a sensor connected to the mail sensors. 

The initial setup is straightforward. You just click through with a simple connection. 

It doesn't require any maintenance on my end. 

We had about four people handling the implementation. We just had to have some credential access, and once the connections were made, we had to distribute the sensors throughout the environment. 

You need the whole platform to use XDR. However, there are some activities you don't need XDR to use. 

What's my experience with pricing, setup cost, and licensing?

I'm not familiar with their pricing and licensing. 

What other advice do I have?

We are an official Trend Micro partner.

We do not yet use the automation capabilities found in XDR.

I'd rate the solution nine out of ten. 

After implementing XDR, have a good understanding of how the workbenches work to create a decent playbook. Use the service gateway to your benefit. Connect your active directories, make connections, and use integrations with your firewalls. These third-party integrations are really good, and they help you a lot with your environment. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Head of IT at a financial services firm with 11-50 employees
Real User
Top 5Leaderboard
A comprehensive solution that is not overly complex to use or manage
Pros and Cons
  • "Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage."
  • "I would like to have more integration with mobile device management."

What is our primary use case?

Trend Micro XDR is utilized for security management, and we apply it to our email, network, and endpoints.

Trend Micro XDR is based on its proprietary cloud.

How has it helped my organization?

Trend Micro provides us with centralized visibility and management across protection layers, which are important to our organization.

The centralized visibility and management across both layers improve our efficiency by offering central security without the need for extensive management or fine-tuning. Trend Micro is also comprehensive and user-friendly. We have confidence in the results.

The risk index provides us with insights into potentially vulnerable areas or aspects that we may need to double-check to ensure everything is working as expected. In other words, it's a useful tool to obtain a quick overview of parts that could be more exposed to risks and other potential issues.

Trend Micro helps reduce our MTTD and MTTR.

Trend Micro presents results in a comprehensive and easy-to-read manner, which helps reduce the time we spend investigating false positive alerts.

We utilize Trend Micro's automation capabilities for alerting and categorizing emails into specific categories based on their risk level.

What is most valuable?

Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage. The security results have been quite good.

What needs improvement?

I would like to have more integration with mobile device management.

For how long have I used the solution?

I have been using Trend Micro XDR for three years.

What do I think about the stability of the solution?

Trend Micro XDR is stable.

What do I think about the scalability of the solution?

Trend Micro XDR is scalable. As a small company, the licenses we have are sufficient to meet our needs.

How are customer service and support?

The technical support team is excellent, and they were able to answer our questions to our satisfaction.

How would you rate customer service and support?

Positive

How was the initial setup?

The deployment did not appear to be complex, but it was managed by Pro-Axis, who utilized a large workforce to ensure the swift completion of the deployment.

What about the implementation team?

We engaged an external partner named Pro-Axis to assist us with migrating from Trend Micro on-premises to Trend Micro XDR. Their services were excellent, and we did not encounter any unexpected issues. We were fully satisfied with the migration process as Pro-Axis promptly restored our services.

What's my experience with pricing, setup cost, and licensing?

The pricing is competitive, and the cost aligns with the features we receive. The license fee covers all of our needs.

What other advice do I have?

I give Trend Micro XDR a nine out of ten.

We were initially using Trend Micro on-premises and then expanded our usage by implementing XDR. We were satisfied with the solution and its features, so we made the decision to stick with Trend Micro.

A small team is required for maintenance, which will not impose a significant burden on our IT team.

Our entire organization uses the solution.

I suggest trying out the trial of Trend Micro XDR to assess its suitability for their environment. It can be a good solution for small or medium-sized organizations, but keep in mind that everyone has their own specific requirements.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Jr Cybersecurity Engineer at a tech services company with 51-200 employees
Real User
Top 20
Helps save investigation time, reduces false positives, and provides real-time analysis
Pros and Cons
  • "I appreciate the value of real-time activity monitoring."
  • "While blocking an IP address restricts access for 30 days, it eventually becomes accessible again."

What is our primary use case?

We use Trend Vision One for real-time analysis and monitoring to identify the root cause of security incidents. This includes finding details like how the attack unfolded, user names involved, IP addresses associated with the attack, and the affected systems and devices. By analyzing this information, we can map out the entire attack flow chart.

How has it helped my organization?

The network coverage provided by Trend Vision One is important.

Trend Vision One is an XDR tool so it is important for us that it provides centralized visibility and management across protection layers.

Centralized visibility and management across protection layers enable real-time monitoring, which improves our efficiency.

While the Trend Micro Vision One executive dashboard provides a valuable overview, the ability to drill down from that level into the XDR detections is crucial. During a real-time attack, this drill-down functionality is essential for identifying the root cause, prioritizing the threat type, and ultimately finding an effective solution.

Trend Micro Vision One's greatest strength lies in its real-time monitoring and analysis capabilities. This allows for the seamless blocking of malicious URLs and attacks.

The managed XDR has saved us time allowing us to focus on other tasks.

The managed XDR helps us detect and respond to threats in under five minutes. It will display all the details in a single, unified view, including any alerts, trends, usernames, and everything else relevant. By simply looking at the tag data, we can get a complete analysis. This eliminates the need to switch between different screens and saves us significant time. For example, if we see a flag, we can immediately understand its meaning and the associated location without having to search for it elsewhere. Having all this information on a single page is a huge time saver.

Trend Vision One helps reduce the time we spend investigating false positives. The more we familiarize ourselves with the tool the easier it becomes identifying false positives. The time saved by identifying false positives depends on the type of alert. In some cases, we only deal with simple attacks, such as brute-force password attempts, followed by alerts for unusual login failures. These are common attack methods. We can then determine if the user was trying a different password, mistyped their password, or there's a mismatch. In such cases, identifying a false positive can be relatively quick, taking only one to two minutes. 

What is most valuable?

I appreciate the value of real-time activity monitoring. It provides accurate data, giving us a clear picture of what's happening, including who attempted an attack, their location, and any other details we need to mitigate the threat.

What needs improvement?

While blocking an IP address restricts access for 30 days, it eventually becomes accessible again. For true permanence, blocked IPs need to be transferred to a dedicated storage solution. However, this storage has limited capacity. To accommodate new blocked IPs, we must remove existing ones, creating a disadvantage that has room for improvement.

For how long have I used the solution?

I have been using Trend Vision One for over 1 year.

What do I think about the stability of the solution?

Trend Vision One is stable.

What do I think about the scalability of the solution?

Trend Vision One is scalable.

Which solution did I use previously and why did I switch?

We previously used Palo Alto's Cortex XDR. However, we switched to Trend Micro Vision One because it's more user-friendly. Trend Micro's interface allows us to better understand the features and processes, enabling us to achieve the desired results more easily. Cortex XDR, on the other hand, was more complex to navigate.

What was our ROI?

The solution has delivered a return on investment through time savings.

What other advice do I have?

I would rate Trend Vision One 9 out of 10.

Maintenance is required but it is easy to do.

I would recommend Trend Vision One to others. I suggest completing training before using the solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free Trend Vision One Report and get advice and tips from experienced pros sharing their opinions.
Updated: August 2024
Buyer's Guide
Download our free Trend Vision One Report and get advice and tips from experienced pros sharing their opinions.