What is our primary use case?
We use Trend Micro to build our entire, CI/CD pipeline. In short, I check out the code from my VCS (Version Control System), then I run a static code analysis as the first job in the pipeline.
From that point onward, I can do multiple scans in multiple environments. For example, I can have the code checkout from my Dev environment, run the static code analysis, then I can do a folder scan. I perform the scan in my Dev environment, in the integration environment, and in the UAP environment. These are the multiple scans that you can run and enter on your application.
All the static code analysis is on the application-side, and the rest of the workflows can be triggered in several places throughout the pipeline and on the infrastructure side as well. I can use it to do VAPT (vulnerability assessment and penetration testing) throughout the entire pipeline.
Broadly speaking, it means adopting the DevOps culture of Trend Micro. DevOps culture is well adopted in Trend Micro. It's very comparable to Prisma Cloud. Palo Alto has recently informed me about their Prisma Cloud offering regarding CI/CD deployment.
We develop and deploy the CI/CD pipeline in the free workflow, using various tools like GitLab.
Palo Alto is a big competitor of Trend Micro.
Within our organization, there are roughly 1,000 plus users, using Trend Micro.
We definitely plan on using Trend Micro in the future. They are one of our preferred vendors, along with Forescout.
Forescout handles the initial stages of threat discovery and it integrates with SIEM.
If we are going to continue with Trend Micro as our endpoint security solution, then we need to have a SIEM solution, like IBM QRadar, ArcSight, Forescout, Micro Focus ArcSight.
What needs improvement?
Trend Micro does region-based scanning — the threats are shown in different regions.
I did some workshops based on tracking zero-day vulnerabilities, etc.
Trend Micro's coverage and scans can be broadened to encompass different types of classified threats based on different parameters.
For example, say I want to filter out all of the threats in The United States. In this case, I will see the US region and I will see the number of threats that are present on my infrastructure. This is referred to as threat intelligence.
When I was in this workshop, the filters always recommend that we start with the region as a first parameter. Once you get into the region (the US region), you might look at the different data centers within the US, then within the different data centers, you can drill down on the folder — on the number of hosts.
The host can then be extracted from the region and the region can be marked red. Red means there are a lot of vulnerabilities in a particular region. If Multiple hosts have multiple vulnerabilities, then the entire region will be marked red. Trend Micro somewhat shows this on their dashboard. In other words, the parameters should be improved, including zero-day filtering.
They should include easy-to-use connectors to make it easier to connect to SIEM. The integration environment has to be available so it can easily connect to SIEM.
Also, you should be able to perform more scans.
For how long have I used the solution?
I have been using Trend Micro for two years.
What do I think about the scalability of the solution?
Trend Micro is both scalable and stable.
How are customer service and technical support?
We are satisfied with the technical support. They are available 24/7.
How was the initial setup?
The initial setup was very straightforward. I did the installation by myself.
Regarding deployment topologies, whether it's on-premises, a hybrid cloud, or a public or private cloud, installation is quite easy. It will be up and running within a couple of hours.
Once we deployed it, we had to connect the console to the dashboard. Once the dashboard was up and running, we could filter out threats by connecting to the Trend Micro Data Security Operations Center, which has a threat intelligence ability that highlights all of the threats. The data comes from the CMDB database and It shows us the CVS4 of each threat.
What's my experience with pricing, setup cost, and licensing?
If you buy Trend Micro, you will also need to purchase a SIEM solution which is often quite expensive.
What other advice do I have?
I would definitely recommend Trend Micro to other potential users.
On a scale from one to ten, I would give Trend Micro a rating of eight.
Which deployment model are you using for this solution?