Try our new research platform with insights from 80,000+ expert users
Hassam-Uddin - PeerSpot reviewer
System Administrator at a financial services firm with 10,001+ employees
Real User
Top 10
Provides a centralized dashboard, protects older servers, and reduces our time to detect
Pros and Cons
  • "The zero-day vulnerability is valuable."
  • "The automation capabilities on-premises could be improved, as we currently have to manually activate servers and push policies."

What is our primary use case?

We use FireEye, Microsoft Defender, and Trend Micro for our endpoint solutions. Trend Micro.

We implemented Trend Vision One because we have many production servers and wanted to secure all endpoints.

We are planning to move our XDR to the cloud, but all of our production servers are currently on-premises. 

How has it helped my organization?

Trend Vision One's ability to cover all our servers is important because we can detect and quarantine any vulnerabilities as well as block and isolate third-party applications from being installed on our servers.

The centralized visibility empowers us to monitor and manage all our servers from a single console. This includes generating reports, deploying security updates, and identifying offline or outdated servers.

The centralized visibility and management across protection layers have helped increase our efficiency. We receive alerts and make changes all from one place.

Trend Vision One helps us protect our servers, specifically our older servers that are not supported by Microsoft.

It has reduced our time to detect by 50 percent.

Trend Micro XDR has reduced the time spent on false positive alerts by up to 40 percent.

What is most valuable?

The zero-day vulnerability is valuable. As end users, we may not be aware of exploitations and Trend Micro makes suggestions to update to protect our endpoints from attack.

What needs improvement?

The automation capabilities on-premises could be improved, as we currently have to manually activate servers and push policies.

I would like the uninstall process of agents to require two-step verification.

Buyer's Guide
Trend Vision One
March 2025
Learn what your peers think about Trend Vision One. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
844,944 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Trend Vision One for ten months.

What do I think about the stability of the solution?

Trend Vision One is stable.

What do I think about the scalability of the solution?

Trend Vision One is scalable.

How are customer service and support?

The technical support is good but we sometimes face delays because they will only respond to our partner who then relays the information to us.

How would you rate customer service and support?

Positive

How was the initial setup?

The migration from on-premises to the cloud allows us to access the cloud and on-premise servers from the cloud. The migration is not complicated but some rule-based ports require a lot of approvals and assistance from our network team.

The migration can be done in a few hours if all the ports are available.

Two people are required for the migration.

What about the implementation team?

We used a third-party service from JVS for the migration.

What other advice do I have?

I would rate Trend Vision One a nine out of ten.

For the on-premises deployment, maintenance is required because we have to manually check the connectivity of the agents. One person is required for the maintenance.

I recommend Trend Vision One, especially for older servers that are not supported by some other endpoint solutions.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1072692 - PeerSpot reviewer
Head of IT at a financial services firm with 11-50 employees
Real User
Top 5Leaderboard
A comprehensive solution that is not overly complex to use or manage
Pros and Cons
  • "Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage."
  • "I would like to have more integration with mobile device management."

What is our primary use case?

Trend Micro XDR is utilized for security management, and we apply it to our email, network, and endpoints.

Trend Micro XDR is based on its proprietary cloud.

How has it helped my organization?

Trend Micro provides us with centralized visibility and management across protection layers, which are important to our organization.

The centralized visibility and management across both layers improve our efficiency by offering central security without the need for extensive management or fine-tuning. Trend Micro is also comprehensive and user-friendly. We have confidence in the results.

The risk index provides us with insights into potentially vulnerable areas or aspects that we may need to double-check to ensure everything is working as expected. In other words, it's a useful tool to obtain a quick overview of parts that could be more exposed to risks and other potential issues.

Trend Micro helps reduce our MTTD and MTTR.

Trend Micro presents results in a comprehensive and easy-to-read manner, which helps reduce the time we spend investigating false positive alerts.

We utilize Trend Micro's automation capabilities for alerting and categorizing emails into specific categories based on their risk level.

What is most valuable?

Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage. The security results have been quite good.

What needs improvement?

I would like to have more integration with mobile device management.

For how long have I used the solution?

I have been using Trend Micro XDR for three years.

What do I think about the stability of the solution?

Trend Micro XDR is stable.

What do I think about the scalability of the solution?

Trend Micro XDR is scalable. As a small company, the licenses we have are sufficient to meet our needs.

How are customer service and support?

The technical support team is excellent, and they were able to answer our questions to our satisfaction.

How would you rate customer service and support?

Positive

How was the initial setup?

The deployment did not appear to be complex, but it was managed by Pro-Axis, who utilized a large workforce to ensure the swift completion of the deployment.

What about the implementation team?

We engaged an external partner named Pro-Axis to assist us with migrating from Trend Micro on-premises to Trend Micro XDR. Their services were excellent, and we did not encounter any unexpected issues. We were fully satisfied with the migration process as Pro-Axis promptly restored our services.

What's my experience with pricing, setup cost, and licensing?

The pricing is competitive, and the cost aligns with the features we receive. The license fee covers all of our needs.

What other advice do I have?

I give Trend Micro XDR a nine out of ten.

We were initially using Trend Micro on-premises and then expanded our usage by implementing XDR. We were satisfied with the solution and its features, so we made the decision to stick with Trend Micro.

A small team is required for maintenance, which will not impose a significant burden on our IT team.

Our entire organization uses the solution.

I suggest trying out the trial of Trend Micro XDR to assess its suitability for their environment. It can be a good solution for small or medium-sized organizations, but keep in mind that everyone has their own specific requirements.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Trend Vision One
March 2025
Learn what your peers think about Trend Vision One. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
844,944 professionals have used our research since 2012.
reviewer2380077 - PeerSpot reviewer
Jr Cybersecurity Engineer at a tech services company with 51-200 employees
Real User
Top 20
Helps save investigation time, reduces false positives, and provides real-time analysis
Pros and Cons
  • "I appreciate the value of real-time activity monitoring."
  • "While blocking an IP address restricts access for 30 days, it eventually becomes accessible again."

What is our primary use case?

We use Trend Vision One for real-time analysis and monitoring to identify the root cause of security incidents. This includes finding details like how the attack unfolded, user names involved, IP addresses associated with the attack, and the affected systems and devices. By analyzing this information, we can map out the entire attack flow chart.

How has it helped my organization?

The network coverage provided by Trend Vision One is important.

Trend Vision One is an XDR tool so it is important for us that it provides centralized visibility and management across protection layers.

Centralized visibility and management across protection layers enable real-time monitoring, which improves our efficiency.

While the Trend Micro Vision One executive dashboard provides a valuable overview, the ability to drill down from that level into the XDR detections is crucial. During a real-time attack, this drill-down functionality is essential for identifying the root cause, prioritizing the threat type, and ultimately finding an effective solution.

Trend Micro Vision One's greatest strength lies in its real-time monitoring and analysis capabilities. This allows for the seamless blocking of malicious URLs and attacks.

The managed XDR has saved us time allowing us to focus on other tasks.

The managed XDR helps us detect and respond to threats in under five minutes. It will display all the details in a single, unified view, including any alerts, trends, usernames, and everything else relevant. By simply looking at the tag data, we can get a complete analysis. This eliminates the need to switch between different screens and saves us significant time. For example, if we see a flag, we can immediately understand its meaning and the associated location without having to search for it elsewhere. Having all this information on a single page is a huge time saver.

Trend Vision One helps reduce the time we spend investigating false positives. The more we familiarize ourselves with the tool the easier it becomes identifying false positives. The time saved by identifying false positives depends on the type of alert. In some cases, we only deal with simple attacks, such as brute-force password attempts, followed by alerts for unusual login failures. These are common attack methods. We can then determine if the user was trying a different password, mistyped their password, or there's a mismatch. In such cases, identifying a false positive can be relatively quick, taking only one to two minutes. 

What is most valuable?

I appreciate the value of real-time activity monitoring. It provides accurate data, giving us a clear picture of what's happening, including who attempted an attack, their location, and any other details we need to mitigate the threat.

What needs improvement?

While blocking an IP address restricts access for 30 days, it eventually becomes accessible again. For true permanence, blocked IPs need to be transferred to a dedicated storage solution. However, this storage has limited capacity. To accommodate new blocked IPs, we must remove existing ones, creating a disadvantage that has room for improvement.

For how long have I used the solution?

I have been using Trend Vision One for over 1 year.

What do I think about the stability of the solution?

Trend Vision One is stable.

What do I think about the scalability of the solution?

Trend Vision One is scalable.

Which solution did I use previously and why did I switch?

We previously used Palo Alto's Cortex XDR. However, we switched to Trend Micro Vision One because it's more user-friendly. Trend Micro's interface allows us to better understand the features and processes, enabling us to achieve the desired results more easily. Cortex XDR, on the other hand, was more complex to navigate.

What was our ROI?

The solution has delivered a return on investment through time savings.

What other advice do I have?

I would rate Trend Vision One 9 out of 10.

Maintenance is required but it is easy to do.

I would recommend Trend Vision One to others. I suggest completing training before using the solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2295564 - PeerSpot reviewer
Security Consultant at a tech services company with 10,001+ employees
Real User
Top 20
Has a good workbench feature and observed attack technique
Pros and Cons
  • "I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed."
  • "Also, XDR should improve its coverage of the latest IOCs. Their suspicious object management works, but the coverage should be improved. It will take one or two months to get those things covered. XDR will detect on a behavioral basis, but these databases will not get updated daily like some other solutions. If you're dealing with new ransomware or malware, it may take around a month before it's covered by Trend Micro."

What is our primary use case?

We had a SIEM in place, but we wanted to do some behavioral analysis of the files that are getting deployed. We wanted to check to ensure that it was nothing with the external registration side. We needed an EDR solution for checking and monitoring everything deployed on this target machine or our host machine site. It will check and detect if any malicious files are there or not. We are getting alerts related to that kind of thing. So we used to check those alerts on the XDR, and we used to, like, do the incident and response to that kind of thing there.

How has it helped my organization?

If you have a SIEM in place, you will only get the network logs. XDR gives you more control over what files are getting deployed, how they are being executed, and how they can potentially harm your system. XDR doesn't work like a normal antivirus solution, which uses signatures to detect and block threats. XDR detects based on behavioral analysis and blocks most things.

It reduces the investigation time because it gives you everything, including how the file was executed, which processes it called, the file name, the stemming, and the time. When we have the endpoint name, we can reach out directly to the endpoint owners and communicate with them regarding those alerts.

What is most valuable?

I like XDR's workbench feature and observed attack technique. It generates an alert once certain conditions are met. For example, let's say there's a threat called malicious.exe being deployed on your system. It will generate an alert with information like the file path, location, hash, etc. You also see a relational matrix showing how that file was executed and which processes were installed.

It's a SaaS solution that covers endpoints, email, and cloud. We have agents installed wherever data is being pushed, so it used to give us a payload. Cloud functionality is one of the most critical things because we don't generally have visibility for cloud applications. Once we install the agents, we gain visibility into all the things integrated on the cloud or any SSH attempts.

XDR offers visibility across layers. This is critical when you want to implement some policies and apply exclusions for particular parts of the system that should not get scanned. It's easy to implement those things. Let's say you want to deploy policies for multiple systems. Using Apex Central, you can directly push the policy to various systems and cover the logs of several systems at a time. 

What needs improvement?

Sometimes, there are some false positives. For example, once a user had a file in their system named recovery.txt. The solution was flagging that as a ransom note, so we were confused. It isn't that serious, but it should be improved. 

Also, XDR should improve its coverage of the latest IOCs. Their suspicious object management works, but the coverage should be improved. It will take one or two months to get those things covered. XDR will detect on a behavioral basis, but these databases will not get updated daily like some other solutions. If you're dealing with new ransomware or malware, it may take around a month before it's covered by Trend Micro. 

For how long have I used the solution?

I have used XDR for two years.

What do I think about the stability of the solution?

Trend Micro XDR is stable. We've never had downtime. 

What do I think about the scalability of the solution?

Trend Micro XDR is scalable if you can pay more for licenses. 

How are customer service and support?

I rate Trend Micro support seven out of 10. Their technical support is good. They reply regarding your cases. However, if you don't reply to them properly, they may close your case if you are not reviewing that kind of thing. 

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

 I previously used Crowdstrike, which is an MDR, so it was totally managed by the Crowdstrike team. They were monitoring every alert that was generated, so it's hard to compare it to Trend Micro XDR. It was somewhat similar, but CrowdStrike is more proactive than Trend Micro, and it has greater coverage of IOCs. I have also used SentinelOne.

How was the initial setup?

It's a SaaS solution deployed across multiple locations covering 20,000 endpoints. It doesn't require any maintenance aside from updates. 

What other advice do I have?

I rate Trend Micro XDR seven out of 10. If you plan to implement XDR you should be aware of the IOC coverage and follow up with the Trend Micro team. Most things are covered, but it takes time to add and deploy all that stuff. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Daniel Winninger - PeerSpot reviewer
Head of IT & Telecommunications at VA-Erzberg GmbH
Real User
Top 5
A stable solution that monitors servers for intrusions and other security-related issues
Pros and Cons
  • "It is a stable product. It works very well."
  • "A room for improvement is Trend Micro XDR's website. It's a very complicated website since finding the right point one wants to see is difficult."

What is our primary use case?

Currently, our company uses the solution solely to monitor our servers for intrusions and other security-related issues.

What is most valuable?

I will have to have a look at my end to be able to explain the features that I find most valuable about the solution.

What needs improvement?

A room for improvement is Trend Micro XDR's website. It's a very complicated website since finding the right point one wants to see is difficult.

For how long have I used the solution?

I have been using Trend Micro XDR for a year now. Also, I am a customer using the solution.

What do I think about the stability of the solution?

It is a stable product. It works very well.

What do I think about the scalability of the solution?

Presently, we have 150 users in our company using the solution. Even if the number of users were to increase in my company, it would still work the same.

How are customer service and support?

Initially, while using the solution in a company, we faced some issues. Our company did help us to resolve these issues.

How was the initial setup?

Since another company carried out the initial setup process, my company did not find it complicated.

The solution is currently deployed on-premises, but we are planning a move to the cloud. We have a plan to conduct a POC for Trend Micro XDR on the cloud shortly.

What's my experience with pricing, setup cost, and licensing?

The pricing of the solution is okay. There is a need for me to look into the new pricing plan introduced by the solution recently.

What other advice do I have?

I would tell those planning to use the solution that they need to consider using it. I rate the overall product an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Julio César Quezada - PeerSpot reviewer
IT Security Engineer at a retailer with 10,001+ employees
Real User
Top 20
A cloud solution for providing all information in one dashboard

What is our primary use case?

We use the solution for event correlation.

How has it helped my organization?

We are deploying a server inside our network to use it as a data collector.

What is most valuable?

The solution provides all the information in only one dashboard. We have integrated with Lumen, NETSCOUT, and other MDM products such as Microsoft Intune and ManageEngine MDM. We have also integrated Chrome with VisionOne.

What needs improvement?

The login system could be improved. We must pass two different dashboards to log in to the solution. We have a second-factor authentication. We need to check the platform, which delays three or four minutes because of logging, checking email, and returning to the platform. If you multiply the entire team, we lose a lot of time daily.

For how long have I used the solution?

I have been using Trend Vision One for two years.

What do I think about the stability of the solution?

I rate the solution’s stability an eight out of ten.

What do I think about the scalability of the solution?

I rate the solution’s scalability a nine out of ten.

Which solution did I use previously and why did I switch?

We have used Symantec before. We switched to Trend Vision because Symantec cut off support for Windows XP. We still have Windows XP in our environment.

How was the initial setup?

The initial setup is easy because our assets are in interactive directory.

What was our ROI?

We’ve seen ROI because we controlled a malware attack in our network with Trend Micro two weeks ago.

Which other solutions did I evaluate?

We have tried other malware solutions. We chose Trend Vision because it supports Windows XP.

What other advice do I have?

Overall, I rate the solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Faheem Shaikh - PeerSpot reviewer
Information Security Engineer at Cyberisk
Real User
Top 20
Comprehensive security offers effective risk management with centralized management
Pros and Cons
  • "The most valuable features of Trend Vision One are its capabilities for XDR, EDR, MDR, and NDR, allowing for network detection and response."
  • "I would like Trend Vision One to incorporate more AI."

What is our primary use case?

Trend Vision One is a comprehensive endpoint security platform that combines NDR, XDR, and MDR capabilities in a single dashboard. We deploy it in offline environments, such as power plants, using relay management to ensure system connectivity without internet access. This approach allows for implementing robust security workflows even in isolated networks.

How has it helped my organization?

Trend Vision One effectively protects endpoints from malware, ransomware, and malicious scripts by allowing for the configuration of policies and sensors that detect and prevent unauthorized file modification.

Trend Vision One offers advanced threat protection that adapts to new and unknown threats. Upon detecting a threat, it deploys a virtual patch to mitigate the issue.

Trend Vision One helps detect ransomware with runtime and machine learning capabilities and will alert us of the detection.

Trend Vision One provides us with a single console for cross-layer detection, threat hunting, and investigation and is easy to learn.

It enhances risk management by providing comprehensive visibility into our environment. This ensures all systems are up-to-date and vulnerabilities are minimized.

Virtual patching is extremely helpful because it provides proactive protection against vulnerabilities even before a fix is available for the underlying issue.

Trend Vision One has helped reduce the number of viruses and malware we received. It has also helped manage risk effectively across various products like workload security, email security, and others through a single dashboard, thus making it easier for the organization to manage risk.

What is most valuable?

The most valuable features of Trend Vision One are its capabilities for XDR, EDR, MDR, and NDR, allowing for network detection and response. It is a comprehensive solution, and even Gartner recognizes TrendMicro as a leader. Additionally, it offers excellent endpoint security and protection that can be easily managed with sensors and agents.

What needs improvement?

I would like Trend Vision One to incorporate more AI.

For how long have I used the solution?

I have been using Trend Vision One for approximately two and a half years.

What do I think about the stability of the solution?

I rate Trend Vision One's stability ten out of ten. I have only faced downtime once and am confident in its stability.

What do I think about the scalability of the solution?

Trend Vision One is scalable, and I have not encountered any issues scaling the solution to meet different client requirements.

I rate the scalability of Trend Vision One ten out of ten.

How are customer service and support?

Customer service and support are excellent. The support team is very timely and helpful, offering solutions and assistance as needed.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial deployment can be done quickly and easily, especially for smaller deployments within one day. For larger deployments, like those with hundreds of endpoints, it might take a few weeks.

What's my experience with pricing, setup cost, and licensing?

I am not directly involved with pricing, but I emphasize the need for competitive pricing to facilitate easier sales.

What other advice do I have?

I would rate Trend Vision One ten out of ten.

Our clients range from small up to enterprise level.

I recommend Trend Vision One to others.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
reviewer1856883 - PeerSpot reviewer
Cyber Security Analyst at a consultancy with 10,001+ employees
Real User
Easy to maintain with advanced protection and helpful support
Pros and Cons
  • "We can scale the product as needed."
  • "We'd like to see a few more integrations."

What is our primary use case?

We primarily use the solution for the XDR.

We have integrated this with all of our endpoints. Basically, we are using it for incident response. We have a SOC team here, so we are using it in a SOC and the Workload solution. For two or three months, we have been migrating to Workload Security. It is mainly for incident response.

What is most valuable?

We are able to observe attack techniques and targeted attack detection. 

We need to explore more on it since it is still a new product for us. 

It is quite advanced, and it can help us protect our organization against threats. The targeted threat detection is great.

My understanding is the initial setup is pretty straightforward. 

The solution has been stable. 

We can scale the product as needed. 

Technical support is helpful.

It is easy to maintain. 

What needs improvement?

We'd like to see a few more integrations. Specifically, we'd like to see more IOC integration tools. 

We haven't implemented the automation piece just yet; however, we will go through that soon. We just need more time to see how it all works. 

For how long have I used the solution?

I've been using the solution for six or seven months. 

What do I think about the stability of the solution?

This solution seems to be pretty stable so far. I haven't come across any issues. There are no bugs or glitches. It doesn't crash or freeze. 

What do I think about the scalability of the solution?

The product is scalable. When we started, we had a few agents and very few endpoints. At this point, we've integrated with most of them. We haven't seen any issues as we've scaled up.

How are customer service and support?

Support has been quite helpful overall. We've dealt with them multiple times, and they have always been helpful. We tend to get the help we need within two or three hours. They ask many questions and get down to solving the problem at hand. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I also work with Microsoft Defender. 

We were using OfficeScan and ApexOne as well. 

We decided to work with this product as it had a good reputation.

How was the initial setup?

While I wasn't directly involved with the setup, my understanding is it was straightforward. I do not recall hearing about any complexities coming up. The deployment itself took a few months.

In terms of maintenance, we do get hotfixes every once in a while. It's pretty simple to maintain. 

What about the implementation team?

Trend Micros assisted our team with the setup process. However, it was mostly handled in-house. 

What's my experience with pricing, setup cost, and licensing?

I can't speak to the exact cost.

What other advice do I have?

I'm an end-user. We are using the latest version of the solution. 

The support is pretty good. It is really straightforward. It is very easy to understand, and therefore, I highly recommend the solution.

I'd rate the solution nine out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Trend Vision One Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2025
Buyer's Guide
Download our free Trend Vision One Report and get advice and tips from experienced pros sharing their opinions.