Trend Vision One Primary Use Case

Jasneet Singh - PeerSpot reviewer
Cloud Security Engineer at a healthcare company with 5,001-10,000 employees

We were using Symantec before, and with the coming of EDRs in the market, we were looking for a solution. We wanted a defense system so that if there is an attack on the system, such as an endpoint is infected or the attacker or a known technique for ransomware is moving laterally, I do not need to go to the firewall team. I do not need to go to other teams to find out. I should have enough intel at that very stage to contain it if possible.

Matthew Guzzi - PeerSpot reviewer
Information Systems Administrator at a government with 10,001+ employees

We utilize Trend Vision One to identify and neutralize malicious activities on our network. This comprehensive security solution extends beyond traditional antivirus software, which relies on pattern matching, by actively monitoring endpoint behavior for anomalies and deviations from established norms.

In 2020, we transitioned to remote work like many other companies. During this transition, we conducted an internal Trend Micro office scan, which revealed that many of our users' devices were out of date due to their inability to connect to the VPN for extended periods. This prompted us to switch to Apex One later that year. As part of the Apex One implementation, we were given a complimentary trial of Vision One. During this trial, we received an alert that demonstrated the product's effectiveness, leading us to purchase a subscription. Vision One has been an excellent addition to our security arsenal. Trend Micro continuously adds new features and updates, making it an ever-evolving and valuable tool. The product's capabilities, functionality, and incident response capabilities have improved significantly over the past several years. We can set up playbooks to automate our response to specific incidents, which is a tremendous asset. Vision One is an outstanding security solution.

GF
Network & Security Administrator at a manufacturing company with 501-1,000 employees

We have deployed the Trend Micro product suite across all our servers and workstations, including their XDR component, Vision One.

Our decision to switch from Kaspersky to Trend Micro stemmed from the concerns surrounding Kaspersky and the Russian government. Following those developments, we were advised to discontinue using Kaspersky and began the process of evaluating alternative security solutions. Trend Micro ultimately emerged as our preferred choice due to their exceptional support during the proof-of-concept stage. Unlike other vendors, Trend Micro proactively dispatched an engineer to our corporate headquarters at their own expense to assist with setting up and running the POC, demonstrating their commitment to our success. Vision One was released a year into our contract and we were able to work with the Trend Micro account team to deploy it in our organization.

Previously, our security setup with Trend Micro was entirely on-premises. This meant we were managing our backend servers and manually reviewing security updates. It was a time-consuming process, especially when vulnerabilities arose in their on-prem products. Reviewing briefing files and ensuring everything was patched was a constant burden. Moving to the cloud was a game-changer. The maintenance of backend servers is now handled by Trend Micro, freeing up our resources. We receive monthly emails notifying us of upcoming maintenance, and they take care of everything behind the scenes. It's a breeze. Vision One has always been cloud-based, but our previous on-premises solutions included their endpoint product Apex One, server product Deep Security, and exchange product. When we transitioned to the cloud, Apex One remained our endpoint protection, while Deep Security evolved into Cloud One. Additionally, Cloud App Security was introduced, providing security features for SharePoint and Teams alongside Exchange Cloud. 

Buyer's Guide
Trend Vision One
April 2024
Learn what your peers think about Trend Vision One. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
769,599 professionals have used our research since 2012.
OS
Operations Manager, Global Information Security at a hospitality company with 10,001+ employees

We have deployed Trend Micro XDR on all our endpoints. It is deployed as an agent because we are using Trend Micro Apex, the antivirus agent, and the SaaS agent. This means that we receive notifications from XDR for any suspicious activity related to endpoints. For example, if a user connects to a suspicious website, XDR should alert us based on our rules. It can also generate alerts for malicious Windows activities.

In addition to deploying XDR on our endpoints, we have connected Vision One XDR to our Office 365 email platform. This allows XDR to read incoming emails. We can then configure rules to remove emails from mailboxes if they have certain properties or are particularly suspicious.

We have also connected XDR to our Azure platform, which is our user authentication platform. XDR can monitor for risky user sign-ins, such as sign-ins from unusual locations. If it detects any risk, it will notify us.

Finally, we have integrated XDR with a third-party tool to receive indicators of compromise. When we receive an IOC, Vision One will automatically run a check in our environment to see if any endpoints have been compromised. It will also check to see if any emails have been sent from any of the senders in the IOC listing. If it finds any matches, it will notify us.

We can also configure playbooks to automatically take action when XDR detects a threat. For example, we could configure a playbook to force a user to reset their password or isolate an endpoint from the network.

We are using the Trend Micro Vision One XDR agent. This agent component is installed on all of our endpoints, including servers, workstations, desktops, and any other computer elements. Vision One also has an API-based element, which we have connected to our email system, such as Azure.

SS
Chief Technology Officer at a hospitality company with 5,001-10,000 employees

We use Trend Micro XDR for rapid response to end-user computing and security concerns.

As a health system, one of our core challenges is ensuring full visibility into our attack surface. We have many thousands of endpoints and end users that must be properly secured and protected. Our primary use case was to improve visibility and response time, and reduce complexity. That is why we chose Trend Micro XDR.

Trend Micro XDR is deployed on Trend Micro's private cloud.

AndrewAdams - PeerSpot reviewer
Cloud Security Engineer at XSOLIS, LLC

We use Vision One for antivirus, endpoint protection, and identifying misconfigurations in our cloud platform. It secures our servers and endpoints and detects any sort of malicious software or inappropriate user behavior. It's a cloud solution with agents on the machines for endpoint protection. 

DP
Senior Security Manager at a real estate/law firm with 201-500 employees

It's a perfect tool for monitoring infrastructure, including endpoints, servers, and potential attacks via networks. That's especially true for internet-visible hosts, which we can monitor directly from the tool.

We had problems with users not using legitimate tools, such as pendrives. We needed to protect hosts from external threats and third-party actors. That included monitoring behavior, scanning our infrastructure, and exploitation of vulnerabilities.

Julio César Quezada - PeerSpot reviewer
IT Security Engineer at a retailer with 10,001+ employees

We use the solution for event correlation.

VZ
Senior IT Security Analyst at a manufacturing company with 10,001+ employees

Normally, we use the solution for day-to-day investigations. We get alerts when something is going on in the environment. Right now, we are using that tool for the asset management team to identify services or applications that are not allowed for governance and all of these purposes. In addition to that, we use it for isolating devices. We also have a service with them, an MDR service. They analyze information, and they do investigations for us as well.

ShashankBorude - PeerSpot reviewer
Team Lead Infosec Incident Management at HighRadius

I was team lead with incident responses and incident management. We used the solution for that.

MH
CTO at Cyber Correlate

It offers very good ransomware protection. You have more visibility on the network.

Hassam-Uddin - PeerSpot reviewer
System Administrator at a financial services firm with 10,001+ employees

We use FireEye, Microsoft Defender, and Trend Micro for our endpoint solutions. Trend Micro.

We implemented Trend Vision One because we have many production servers and wanted to secure all endpoints.

We are planning to move our XDR to the cloud, but all of our production servers are currently on-premises. 

DO
IT Architect at an outsourcing company with 11-50 employees

We use Trend Micro XDR to enhance our security framework.

One of our partners was the victim of a major attack, and we realized that our environment was susceptible to the same thing because we were only using an antivirus solution. 

Trend Micro XDR is deployed on-premises, and we use it on our core business servers, clients, and the management portal to protect all of our network nodes from attacks.

AB
Cyber Security Analyst at a consultancy with 10,001+ employees

We primarily use the solution for the XDR.

We have integrated this with all of our endpoints. Basically, we are using it for incident response. We have a SOC team here, so we are using it in a SOC and the Workload solution. For two or three months, we have been migrating to Workload Security. It is mainly for incident response.

SS
Chief Technology Officer at a healthcare company with 10,001+ employees

We use Trend Vision One for our endpoint detection and antivirus solution.

The endpoint agents are deployed locally on our computers and the centralized controller is in the cloud.

MM
Security Specialist at a transportation company with 1,001-5,000 employees

The reason we invested in Trend Micro XDR was to consolidate security operations and monitoring. On top of that, we invested in their managed detection and response service, which they can provide on top of the ETA service, which makes our lives easier. You can say that with it, we need fewer hands.

AM
Information security manager at a tech services company with 11-50 employees

We use Trend Micro XDR for endpoint detection, endpoint user protection, and virtual security.

VG
Security Consultant at a tech services company with 10,001+ employees

We had a SIEM in place, but we wanted to do some behavioral analysis of the files that are getting deployed. We wanted to check to ensure that it was nothing with the external registration side. We needed an EDR solution for checking and monitoring everything deployed on this target machine or our host machine site. It will check and detect if any malicious files are there or not. We are getting alerts related to that kind of thing. So we used to check those alerts on the XDR, and we used to, like, do the incident and response to that kind of thing there.

ZG
Head of IT at a financial services firm with 11-50 employees

Trend Micro XDR is utilized for security management, and we apply it to our email, network, and endpoints.

Trend Micro XDR is based on its proprietary cloud.

Daniel Winninger - PeerSpot reviewer
Head of IT & Telecommunications at VA-Erzberg GmbH

Currently, our company uses the solution solely to monitor our servers for intrusions and other security-related issues.

ZA
Specialist Security Operations at a financial services firm with 5,001-10,000 employees

I did a POC with Trend Micro on our servers. We were testing for detection capabilities. We wanted to use it for security protection.

ElvisHenriquez - PeerSpot reviewer
Senior Services Manager at NextCom Systems Inc

I use Trend Micro XDR to centrally visualize threats and have a single-pane-of-glass view of my security posture. In a single console, I can have visibility of all the security threats that occur in each of my Trend Micro Security consoles.

Bruno De Amorim Campos - PeerSpot reviewer
Information Security Analyst at a tech services company with 1-10 employees

I work with it as a third party in other companies. I installed XDR in other companies. And then, I help them understand the tool, help them with developing the necessary use cases, and understand, for example, how to do a threat intel, how to do a threat investigation, and stuff like that. Sometimes, I work with it as well by implementing it and actively using it in the customer's environment.

PP
Jr Cybersecurity Engineer at a tech services company with 51-200 employees

We use Trend Vision One for real-time analysis and monitoring to identify the root cause of security incidents. This includes finding details like how the attack unfolded, user names involved, IP addresses associated with the attack, and the affected systems and devices. By analyzing this information, we can map out the entire attack flow chart.

MR
Security Analyst - Incident Response at a consultancy with 1,001-5,000 employees

We use the solution primarily for monitoring. It's for running investigations.

Wisnu Nursahid - PeerSpot reviewer
General Manager of Technical Division at VTI

We primarily use the solution as security against ransomware as ransomware now has become the biggest threat for our customers.

JB
Cybersecurity Risk and Compliance Specialist at a government with 51-200 employees

The solution is used to secure our servers and server endpoints and acts as cloud security. It protects us and acts as an antivirus, antimalware, and web protector. 

Nadeem Syed - PeerSpot reviewer
CEO at Haniya Technologies

Trend Micro XDR is useful for more extensive networks, and it's cost-effective for networks with over 500 or 1000 users.

SR
Network Engineer at a tech services company with 51-200 employees

We're primarily using the solution for endpoints, for EDR. It's for server protection. We've created a customer license portal and create policies around data loss and antivirus.

AD
CISO at a computer software company with 5,001-10,000 employees

Everybody is working from home, so we wanted to ensure that there was an additional layer of security put into every end product. Since we were using the Trend Micro antivirus and antimalware, we wanted to upgrade it with the XDR as well. We did that about nine months ago.

CD
Technical Services Manager at Psitech

It is for endpoint protection. It is essentially a modern updated version of antivirus that has more heuristic and behavioral detection components. 

We are using its latest version. In terms of deployment, it is a combination of cloud and on-premises. There is a local install on the endpoints, but it is controlled through a cloud interface.

MV
Security Operations Center Analyst at PULSOC

I can use it for security. I can check for malicious mail. I can check the logs and working sessions. 

Rukshan Anushka - PeerSpot reviewer
Intern - Systems & Security at a tech consulting company with 51-200 employees

We primarily use it with our customers. I have it installed on my laptop. We primarily use the solution for security and protection.

SJ
Senior Security Engineer at a tech services company with 11-50 employees

Basically, you use it to check the complete telemetry for the endpoints, cloud network, and email solutions. If you integrate this product with your endpoints and on a third product that is available. It can completely share the telemetry of that. Trend Micro will apply the AI and ML of that. On that, we will get the Workbench. Therefore, it is just helping us to check the attack factor, et cetera, in detail, in a complete view in one single platform.

AJ
Principal Consultant at Jilit

We are currently still in the implementation phase. However, we do look forward to the telemetric report provided by Trend Micro XDR. 

BG
Sr.Customer Engineer- Projects at a tech services company with 201-500 employees

It is used for protection and tracking back an attack. It can be deployed on-prem or on the cloud.

HF
Consultant at a computer software company with 51-200 employees

We have about three clients who are running Trend Micro XDR. It can be deployed on-premises, in the cloud, or wherever you want. As an endpoint detection and response solution, it is used to identify attack points that reach even beyond the individual endpoints, such as the network environment itself.
