Trend Micro Apex One Reviews

My primary use case is for end-point protection such as anti-virus, anti-malware, etc. 

The benefit for the organization is that we're getting secured.

One of the advantages for me is that it is very easy to use. Moreover, it's cloud-based, so we're not managing any local hardware here. This means it's always updated.

In future releases, I would like to see more advanced protection.

Trend Micro Apex One could improve advanced threat protection or include more in-depth endpoint protection.

I have been using Trend Micro Apex One for three years. I am currently using the latest version. 

I would rate it an eight for stability.

We have around 700 users from all departments, including front-end, back-end, and executive offices.

I would rate it an eight out of ten because you can easily add licenses to scale it up.

The customer service and support are very responsive.

Positive

The initial setup is easy. You just need to install the agent, which usually takes a couple of minutes. Moreover, maintenance is not required because the product automatically updates to the cloud.

What you get for the license, you get it. If you want to get another product, then you have to get another license for that. That's how they do it.

I would rate the solution an eight out of ten because there's still room for improvement.

Our customer experienced a ransomware attack while using a different security solution. This prompted them to switch to Trend Micro Apex One, which they deployed for both their servers and endpoints. However, they only opted for the Endpoint Detection and Response version for their servers, not for their endpoints.

We have deployed Trend Micro Apex One to strengthen our defenses against viruses, enhance access control, and implement device control measures.

Apex One effectively defends endpoints against threats, including malware and malicious scripts.

The advanced protection capabilities adapt to safeguard against unknown and stealthy new threats, a critical advantage for our customers. We often observe that our customer's systems lack proper patching, making them more susceptible to infections. However, Apex One effectively mitigates the damage caused by these attacks.

It utilizes runtime machine learning capabilities to detect ransomware. This is crucial as ransomware poses a significant threat, and customers are increasingly moving beyond traditional antivirus solutions due to ransomware's heightened prevalence.

Apex One offers a unified console for cross-layer detection, threat hunting, and investigations, depending on the services we subscribe to. Utilizing a single console for these tasks is crucial as it eliminates the need to manage multiple solutions and their respective consoles. When a single OEM provides its solutions within a single console, it presents the most efficient approach, eliminating the need to toggle between different consoles, manage disparate systems, and correlate data across multiple platforms.

Apex One provides around 95 percent visibility into our IT security environment.

Improved visibility can help reduce response times and proactively address issues with our endpoints. This allows us to take a more proactive approach rather than a reactive one.

Apex One is easy to learn, but like any security product, it requires additional skills beyond simply navigating the solution. However, for those who need to explore the solution and figure things out, it is quite convenient. Technicians should not take long to adapt to a user's experience with any kind of endpoint security system.

It has improved our customers' security posture, enabling them to realize the benefits within the first three months.

Apex One proactively shields our customers from vulnerabilities by employing virtual patching, even before a patch is available for the underlying issue. This proactive approach proves invaluable in safeguarding against emerging threats.

Ideally, the reduction in risk stems from the implementation of multiple security measures. For instance, if an organization fails to implement device control, it might become susceptible to phishing attempts. These phishing emails, if clicked on or if attachments are downloaded, can lead to malware infections. However, endpoint security can block these threats before they reach the system, regardless of whether they arrive through a device, email, or web access. This is where detection becomes crucial. Endpoint security doesn't necessarily reduce the number of threats in the network environment, but it does prevent those threats from exploiting vulnerabilities on endpoints.

Apex One has helped reduce our customer's overhead by 30 to 40 percent.

Apex One includes a built-in fine-grained DLP solution. This is particularly beneficial for SMB customers, as they may not need to invest in a full-fledged DLP solution if Apex One meets their requirements.

The application and web controls have room for improvement. A fully integrated endpoint security system, encompassing EDR, should include application control, web control, device control, patch management, and encryption. This comprehensive solution would be highly appealing to customers, as they currently rely on multiple tools to address these security needs. Moreover, an EDR solution would provide visibility into endpoint vulnerabilities, such as unpatched systems, enabling proactive remediation. These features would undoubtedly enhance the value proposition of Trend Micro's security offerings.

I have been using Trend Micro Apex One for one year.

Trend Micro Apex One is stable. We have not encountered any issues.

Trend Micro Apex One is highly scalable, meaning there are no significant challenges with increasing the solution's capacity to meet growing demands.

The technical support is good.

Positive

My team was part of the deployment and from my end, it was a smooth process. The deployment took three days to complete. 

We utilized Trend Micro's auto-deployment feature via Active Directory to seamlessly uninstall the existing antivirus software and deploy Trend Micro Apex One.

The deployment required two people from the customer's side and one person from our end.

Apex One is expensive. On a scale of one to ten with ten being the most expensive, Apex One is an eight.

Initially, customers may be satisfied with the price of Apex One for the first year or two. However, as they become aware of other alternatives that meet their needs more effectively or at a lower cost, they start considering switching to a different option.

I would rate Trend Micro Apex One nine out of ten.

For an organization with 500 to 700 employees, at least two dedicated personnel should be assigned to maintain Apex One if the customer operates multiple shifts. Otherwise, one dedicated personnel per shift is sufficient.

Trend Micro Apex One is a good option for organizations that don't have budget constraints. 

We use Apex One for security purposes. We have installed Apex One agents on 1,900 laptops and desktops. We use all the modules that are available in Apex One.

We have seen a reduction in viruses and malware since moving to Apex One.

Apex One is very good for threat detection and removal and scanning purposes. It has advanced protection capabilities that adapt to protect against unknown and stealthy new threats. These capabilities are definitely important for us.

It can detect ransomware with runtime machine-learning capabilities. It has the capability to detect ransomware-related threats as well.

Apex One can be integrated with other security products.

They provide virtual patching to protect against vulnerabilities even before a patch is available for the source of the issue.

Its threat-hunting capabilities and the information about the known threats are the most available features. It can easily catch any threat in our environment. If you have applied policies and rules, it quarantines or mitigates a threat. It is a very good feature in Apex One. 

Apex One is easy to learn. It is not complex.

We sometimes face issues with policies and rules while working with Apex One. They sometimes do not work.

When we implement an application policy for application control, sometimes, users are not able to access other applications. We apply the policy to a specific application, but it gets applied to all applications. We have found such issues, so the application module or application rules need to be improved in Apex One.

I have been using Apex One for five years. I have been using it in my current company for four years, and I also used it in my previous company.

There is downtime, but it is minimal.

Their support is very good. Whenever we need their help, we raise a ticket, and we get a response within one or two hours. We get a very good response from Trend Micro support. I would rate them an eight out of ten.

Positive

I have previously used McAfee. 

It is on-prem as well as on the cloud. I was involved in its initial deployment, but it was four years ago. It was simple. It was not too complex.

In terms of maintenance, it does require maintenance. 

We got help from Trend Micro. There were two people in total. I and one person from Trend Micro were involved in its deployment.

You need certain skills and a certain amount of knowledge to work with this solution because a lot of things are there. I have been working with Apex One for about five years, and it has been good so far. It is very easy to use, and it gives good protection from threats. I would recommend it to others.

Overall, I would rate Apex One a nine out of ten.

I am using Apex One as a SOC analyst. I solve problems and open tickets if Trend Micro doesn't block, remedy, or quarantine threats. We don't deploy it. The Apex Trend Micro team deploys it at the customer's company, and we use it.

We use Apex One for things like URL and domain blocking, as well as detecting and blocking malicious files. We typically use the DLP solution, too. We can make groups and set policies that we push out. For example, we can set a policy for who is allowed to use a USB and who can use Zoom or any other software. 

I like Apex One's DLP and EDR features. The DLP is a good solution because it allows you to push policies. Source detection is another one. It automatically detects malicious IPs, domains, and URLs. Most of the time, it works automatically, but sometimes it doesn't quarantine or block, so we have to perform remediation manually and delete the file or application through PowerShell.

ApexOne has many advanced protection capabilities that help guard against new and unknown threats. It's critical because zero-day threats and ransomware have the most potential to destroy an organization. 

It's easy to use. Its GUI is so basic, and you can easily understand what is there or what is not. The interface is old-fashioned, but it's a good product. It's easy to administer, but I don't have the privileges to use it as an administrator.

Apex One could use some updates to its UI, threat modeling, and insights. I would like to see better integration with helpdesk platforms and more AI-driven features. It has some machine learning EDR capabilities, but they're not quite up to the level of some other solutions. 

I've been using Trend Micro products for the past year, including Apex One and Vision One. 

Apex One runs smoothly. I've never had any issues. 

Apex One is easy to scale. 

I also work with SentinelOne and CrowdStrike, which I regard as the most advanced solutions. Apex One's GUI is way too old school and their R&D is behind. Apex One has most of the features, but it's lacking some things that are necessary in today's landscape. 

SentinelOne is the clear winner out of these three because it offers end-to-end protection against anything malicious. If it's a Mac endpoint, SentinelOne can end the process through launch. SentinelOne also offers a more in-depth EDR analysis than Apex One. 

Trend Micro Vision One has a different feature set because Vision One is an XDR, but Apex One is an EDR. In my use case, Apex One is too old school compared to Vision One, which has more capabilities and advanced features. 

I wasn't involved in the deployment. The client deployed Apex One, and I use it in my capacity as a SOC analyst. It doesn't require any maintenance from our side. I am using it remotely. However, the client may need to update agents and things like that.

I rate Trend Micro Apex One eight out of 10. 

We use Trend Micro Apex One for Endpoint detection.

We have deployed Apex One both on-premises and as a SaaS.

Trend Micro Apex One demonstrates a strong ability to protect endpoints against various threats, including malware, ransomware, and malicious scripts. The solution is considered one of the best in our region's market.

Apex One's advanced protection capabilities adapt to safeguard against unidentified threats, making this visibility crucial for endpoint security.

Apex One's runtime machine learning helps in detecting ransomware, for which we are grateful.

The learning curve for Apex One is easy. The documentation from Trend Micro is excellent, covering all aspects of security, and we also have access to their personnel if needed.

The administrative aspect of Apex One becomes easier as we continue to use the solution. Initially, we encountered some challenges with technical threats and passwords, but Trend Micro promptly assisted us in resolving these issues.

Apex One has helped our staff save time and has also assisted with saving resources.

Apex One has automatically blocked all malware and ransomware.

The deployment of endpoints in the cloud has reduced our employee workloads by 1,200 endpoints.

Apex One reduces administrative overhead by automating many tasks and consolidating all the information into a single dashboard.

We utilize Trend Micro's XDR in combination with Apex One. The pairing of XDR and Apex One enhances the security of our environment.

The most valuable feature is the vulnerability attack and detection since it enables swift action.

The UI has room for improvement. Trend Micro Apex One does not allow us to select a user and deploy a product while creating a new policy and adding users. For example, this limitation occurs when trying to add a USB block.

I have been using Trend Micro Apex One for three years.

Apex One is extremely stable, which is important to me.

Apex One is highly scalable.

The technical support is helpful and efficient.

Positive

The initial deployment took one hour and we had the assistance of the Trend Micro team.

The Trend Micro team helped with our first deployment.

Apex One has a high cost.

I give Trend Micro Apex One an eight out of ten.

Apex One is deployed in our government headquarters as well as 50 branches.

For maintenance, we have a technical team that conducts security and policy checks every quarter.

I recommend Apex One to others.

We use Trend Micro to build our entire, CI/CD pipeline. In short, I check out the code from my VCS (Version Control System), then I run a static code analysis as the first job in the pipeline.

From that point onward, I can do multiple scans in multiple environments. For example, I can have the code checkout from my Dev environment, run the static code analysis, then I can do a folder scan. I perform the scan in my Dev environment, in the integration environment, and in the UAP environment. These are the multiple scans that you can run and enter on your application.

All the static code analysis is on the application-side, and the rest of the workflows can be triggered in several places throughout the pipeline and on the infrastructure side as well. I can use it to do VAPT (vulnerability assessment and penetration testing) throughout the entire pipeline.

Broadly speaking, it means adopting the DevOps culture of Trend Micro. DevOps culture is well adopted in Trend Micro. It's very comparable to Prisma Cloud. Palo Alto has recently informed me about their Prisma Cloud offering regarding CI/CD deployment.

We develop and deploy the CI/CD pipeline in the free workflow, using various tools like GitLab.

Palo Alto is a big competitor of Trend Micro.

Within our organization, there are roughly 1,000 plus users, using Trend Micro.

We definitely plan on using Trend Micro in the future. They are one of our preferred vendors, along with Forescout.

Forescout handles the initial stages of threat discovery and it integrates with SIEM.

If we are going to continue with Trend Micro as our endpoint security solution, then we need to have a SIEM solution, like IBM QRadar, ArcSight, Forescout, Micro Focus ArcSight.

Trend Micro does region-based scanning — the threats are shown in different regions.

I did some workshops based on tracking zero-day vulnerabilities, etc.

Trend Micro's coverage and scans can be broadened to encompass different types of classified threats based on different parameters.

For example, say I want to filter out all of the threats in The United States. In this case, I will see the US region and I will see the number of threats that are present on my infrastructure. This is referred to as threat intelligence.

When I was in this workshop, the filters always recommend that we start with the region as a first parameter. Once you get into the region (the US region), you might look at the different data centers within the US, then within the different data centers, you can drill down on the folder — on the number of hosts.

The host can then be extracted from the region and the region can be marked red. Red means there are a lot of vulnerabilities in a particular region. If Multiple hosts have multiple vulnerabilities, then the entire region will be marked red. Trend Micro somewhat shows this on their dashboard. In other words, the parameters should be improved, including zero-day filtering.

They should include easy-to-use connectors to make it easier to connect to SIEM. The integration environment has to be available so it can easily connect to SIEM. 

Also, you should be able to perform more scans.

I have been using Trend Micro for two years.

Trend Micro is both scalable and stable.

We are satisfied with the technical support. They are available 24/7.

The initial setup was very straightforward. I did the installation by myself.

Regarding deployment topologies, whether it's on-premises, a hybrid cloud, or a public or private cloud, installation is quite easy. It will be up and running within a couple of hours.

Once we deployed it, we had to connect the console to the dashboard. Once the dashboard was up and running, we could filter out threats by connecting to the Trend Micro Data Security Operations Center, which has a threat intelligence ability that highlights all of the threats. The data comes from the CMDB database and It shows us the CVS4 of each threat.

If you buy Trend Micro, you will also need to purchase a SIEM solution which is often quite expensive.

I would definitely recommend Trend Micro to other potential users.

On a scale from one to ten, I would give Trend Micro a rating of eight.

We used it as an antivirus for endpoints. 

We implemented Apex One to have secure endpoints. I am an IT administrator, and I look into security. We chose this product because there is a SaaS-based platform through which the manageability is easy. No on-premise-specific connectivity is required for centralized management. The agents that are installed on the endpoints can communicate well with Trend Micro Cloud and get the latest updates. All the logs and other things flow seamlessly between the endpoint and Trend Micro Cloud.

We saw a plethora of benefits, specifically in terms of managed endpoints. We could see all the AV statuses in the console, and we could sort all the alerts and other things in a single console. It was easy from the management point of view and the compliance point of view. We were happy with the product.

Apex One is good for defending endpoints against threats such as malware, ransomware, and malicious scripts. It does not detect ransomware on every occasion with its runtime machine-learning capabilities, but it is pretty good.

It provides a single console for cross-layer detection, threat hunting, and investigation. These capabilities are pretty important for us. Security is one of the most important parts of any enterprise, especially in the hybrid work culture environment where everybody is not working from an office location. The workforce is mobile. People are working from home and other locations. In those scenarios, security becomes a requirement.

Apex One's single console does not provide end-to-end visibility into the entire IT security environment, but it does give visibility into the antivirus side. With security, there are multiple things such as multifactor authentication, single sign-on, access management, rule-based accesses, automated detection and response, and cloud-based security. All this is not there with Apex One. The scope of Apex One is the endpoint. It is installed on endpoints as an antivirus, and it gives a complete view of that but not the overall IT security.

Apex One is a pretty simple solution. It is pretty easy to master.

It was pretty helpful in reducing the employee workload. There was ease of management and deployment. We did not have to install it manually. It was automated onboarding. It was pretty good. It reduced our workload by 10% to 20%.

Apex One reduced viruses and malware. There was a 20% to 30% reduction.

Apex One has advanced protection capabilities that adapt to protect against unknown and stealthy new threats, but for the automated response, you need an XDR solution so that no IT admin is required to respond to any threat. Apex One does not have this capability. For this, you need a higher product or subscription from Trend Micro.

Apex One is easy to manage, but there is an administrative overhead because of the way Apex One creates a structure of the organization with OUs and other things. If you have a large number of devices in the organization, it is a bit of an administrative overhead to manage them because you have to look into each and every device and its compliance. Around 5% to 10% of devices would act as rogue, would not be compliant, or would not be connecting. They require manual intervention where you go and reinstall Apex One agent on the device.

In terms of security, Trend Micro is pretty fast and good at dealing with any outbreaks or vulnerabilities exposed in the environment. The updates and patches that come through Trend Micro are pretty good, and they are fast to respond to any malicious or vulnerable things in the environment. That is one of the best features. 

The antivirus itself is also lightweight. It does not hamper the performance. It is not resource-hungry. It does not impact the overall performance of the device. It is just there, and it is easy to use.

The console can be better in terms of management and viewing the hierarchy of devices. Currently, setting up the hierarchy OU-wise is a bit cumbersome. It can be made a bit easier. If that can be more user-friendly and easier to manage, it would be great.

I have been using Trend Micro Apex One for the last two years.

It is a stable solution. If it is given the right amount of management and administration, it is a good solution.

Its scalability is good. It is a cloud solution. It is easy to expand your capacity. You just have to buy a new set of licenses or additional licenses, and they can mount that capacity in your cloud platform.

We have multiple locations and multiple departments. In our organization, we have around 6,000 users who are scattered globally. Most of them are based in India. About 40% are in the United States of America, and 10% to 20% are in Europe.

I am satisfied with their support. I would rate them a seven out of ten. They are like any other company's support. If you are facing a specific problem that requires in-depth analysis, it can get hard to get to the right engineer. It can take time to get through to the right engineer.

Neutral

We were using McAfee before using Apex One. Pricing, functionality, and ease of management were the reasons for moving to Apex One.

We have recently migrated from Apex One to Microsoft Defender for Endpoint. Apex One is an Endpoint Detection and Response or EDR solution, whereas Microsoft Defender for Endpoint has XDR capabilities. Apart from detection, it is also helping in responding to those detections and providing automated responses to those detections. In addition, Microsoft Defender for Endpoint is bundled with our subscription. Security is a part of it, so we decided to go for Microsoft Defender for Endpoint, but Apex One was our solution for two years. During the COVID time, when we went into a hybrid work environment and people were working from home, it helped us very well during that time.

It was overall straightforward, but there were a few challenges. The reason we went for Apex One was that it is a cloud-based solution. 

It was pretty straightforward to enroll the endpoints. We integrated it with our Active Directory and all the devices were easily enrolled.

The removal of Trend Micro was challenging. When we moved away from Trend Micro, it was a bit of a challenge to remove the tool.

In terms of maintenance, it does require maintenance. From time to time, there will be new agent versions that need to be deployed. The first time also, we had to deploy the agents through SCCM. There are regular updates from Trend Micro. About 80% to 90% of devices get those updates and about 10% to 20% lag behind, so it does require regular monitoring and sometimes manual intervention to check why the updates are not happening. You might have to reinstall the agent on a device.

In a few scenarios, we did engage with Trend Micro where we had an additional or early release of the patches that can be deployed, and we did use that support.

There were two people from our organization, and there were two people from our partner who helped us with the solution.

It was as per expectations. It did the job well. We were using it for our internal IT, so there was not much return on the investment. It was covering the cost, and it was doing the job as expected.

It is cost-efficient.

I would recommend doing a proof of concept. I would recommend this product in certain scenarios. If you are just sticking to Apex One and not going for the XDR solution from Trend Micro, you are missing out on modern-day security practices. Just going for Apex One might not help your environment if you are into security and have users based in different locations. I would suggest going for an XDR solution if you are going for Trend Micro. Also, if you are using Microsoft 365 subscriptions or any higher subscription with Microsoft that includes Microsoft Defender for Endpoint, then you can go for Microsoft Defender for Endpoint. It is a good XDR solution, so you can use it instead of investing in another security solution.

Overall, I would rate Trend Micro Apex One an eight out of ten. As a product, it is pretty cool. It delivers what is promised.

Apex One is used for endpoint security. I deployed it for two major financial institutions in my previous company. I also installed it in my internal lab in the previous company. 

I am currently not using it. I am currently at a banking site, but before that, I was at a managed service provider vendor site.

Apex One is a great solution for defending endpoints against threats such as malware, ransomware, and malicious scripts. It can detect malicious files, ransomware, and suspicious files.

I have not had any issues regarding detection. I have deployed it on two customer sites, and I have not heard of any issues from them. It provides great protection to endpoints.

We have seen a reduction in viruses and malware since moving to Apex One. It provides great protection. It detected ransomware for one customer. After you install it and sign in, it quickly detects all the viruses.

Apex One provides a single console for cross-layer detection, threat hunting, and investigation. It shows everything on the console. If you integrate it with Apex Central, then Apex Central provides a centralized dashboard of every product of Trend Micro. It provides full visibility into the environment. You get full visibility of all the products installed on the site such as DLP, encryption, XDR, and Vision One. Apex Central is the centralized management system.

Apex One integrates with other security products. I have integrated it with SIEM solutions. I have integrated it with LogRhythm and QRadar for log collection.

Apex One is an all-in-one solution. It provides application control, vulnerability management, and protection. It is also for EDR.

It is easy to administer. You have to specify the policy criteria and automate the policies.

Apex One reduces the administrative overhead. There is a 20% to 30% reduction.

Its reporting and dashboard are valuable. Its dashboard is easy to use.

It could be more customizable. Some clients' systems are slow after the installation of Apex One.

I have been using it from the start. It has been more than five years.

It is stable.

It is a scalable solution. Our clients were enterprise clients.

Their support team has been very helpful when we needed support. 

Neutral

I have not used any other solution.

I have experience with on-premises and cloud deployments. I prefer the cloud. The cloud setup is easy. 

The deployment depends on the client. If client requirements are clear, it is easy. Otherwise, it can be complex. In Pakistan, there are many problems that we are facing with the deployment process of Apex One because some clients are not pushing the agents to Active Directory or remote registry. We have to install it manually on every computer or place it on a shared server to install it on their endpoints.

The deployment duration depends on the number of endpoints. For more than 2,000 endpoints, it can take two to three months. If you are only installing the endpoint solution from a remote site without making any policies, then it does not take too much time. You just need to push the agent.

It requires maintenance. There are upgrades. They inform the customers and partners when they are having a major upgrade.

Overall, I would rate Trend Micro Apex One an eight out of ten.