TrendAI
More information
TrendAI Vision One is one of the first XDR platforms on the global market to offer event correlation across the entire organization—from endpoints and servers to networks, email, mobile devices, and the cloud. It allows for expansion with individual modules at any time, and the integrated AI assistant, Trend Companion, supports SOC analysts in their daily operations and reporting. In developing the platform and its built-in solutions, TrendAI is backed by the Zero Day Initiative (a bug bounty program that purchases zero-day vulnerabilities) and a partnership with Anthropic, which grants access to their AI technology.
Platform Components:
Cyber Risk Exposure Management (CREM): Continuous risk analysis that can operate both alongside TrendAI products and in cooperation with third-party vendors. It enables the analysis of devices, accounts, applications, and cloud resources. Through Threat and Exposure Management, it provides administrators with ready-to-use solutions to mitigate potential risks before they are exploited by cybercriminals. CREM also includes compliance reports (e.g., for NIS2 or DORA), phishing attack simulations, and Attack Path Prediction functionality.
AI Security: Provides protection against data loss, prompt injection attacks, and blocks potentially harmful output data.
Описание на технологията
Trend Micro Email Security Advanced - Extends TMES functionality with a built-in sandbox for files and URLs, file password extraction capabilities, and extended email tracking (60 days instead of 30). Trend Micro Email Security is available as a standalone product or as part of the Smart Protection Complete suite.
Trend Micro Email Security Standard - An email protection solution that requires no hardware within the corporate network, as all security features are hosted in the cloud. It provides continuously updated protection against spam, phishing, ransomware, and other malware before they reach the corporate network. Using Trend Micro Email Security (TMES), administrators can configure rules to take action on emails based on detected threats—for instance, removing detected malware from incoming messages before they enter the network. TMES stops traditional email threats in the cloud using global threat intelligence, specifically targeting phishing, BEC (Business Email Compromise), and spam.
Standard Endpoint Security - Comprehensive computer protection based on multiple complementary detection techniques (including malware signatures, behavior monitoring, and machine learning). It is one of the most effective antivirus defenses on the market, offering efficient protection against advanced attacks such as ransomware (cryptolockers). It delivers real-time endpoint protection against the latest threats in a lightweight form factor optimized for physical and virtual clients. Optional add-ons available: Intrusion Defense Firewall, Data Protection, and Security for Mac. ApexOne is a solution available for both on-premises installation and hosted environments. It secures servers and workstations located anywhere. By connecting to continuous cloud-based protection, it blocks new threats before they reach corporate computers.
Mobile Security - Security technologies for mobile devices serve as a natural extension of MDM (Mobile Device Management) capabilities in the following areas: preventing corporate data leaks, protecting against malware and APT attacks, and providing secure, convenient remote VPN access to internal IT services. Integration capabilities: The platform can ingest data from and feed data into third-party products, ranging from Active Directory and firewalls to SIEMs, vulnerability management solutions, and even competing EDRs.
Network Security Policy Management
Network Security - Network protection based on a virtual probe (Network Sensor) or a physical TippingPoint IPS appliance. It enables internal traffic analysis to protect against exploits. Trend Micro TippingPoint Threat Protection System: An online network Intrusion Prevention System (IPS). It provides attack blocking with automated policy configuration (easy management and maintenance), alongside high availability and multi-gigabit speed operations. A unique benefit for customers is provided by the Zero Day Initiative—one of the world's largest vendor-agnostic bug bounty programs. Protection against zero-day exploits is made possible through the Zero Day Initiative. TippingPoint was designed from the ground up as an IPS, not an IDS. As a result, it ensures very fast installation and deployment, with virtually zero false-positive or false-negative rates. Integration with Trend Micro Deep Discovery allows potential threats to be forwarded from the IPS to the ATP Analyzer Sandbox, while IPS policies are automatically set to block attacks from that specific threat.
Server and Workload Security - Offers the most comprehensive set of security features for virtual environments: Anti-Malware and Web Reputation - Detects and blocks malicious software, tracks website credibility, and protects users from malicious URLs; Intrusion Prevention - Identifies and blocks attacks targeting system and application vulnerabilities. It features an auto-update mechanism and helps quickly deploy "virtual patches"; Host-based Firewall - Reduces the attack surface, prevents DoS attacks, and detects reconnaissance scanning attempts; Integrity Monitoring - Ensures that unauthorized system changes are detected and reported; Log Inspection - Detects events recorded in system logs to identify suspicious behavior; Application Control - Perfectly complements anti-malware protection, allowing approved applications and system components (Windows & Linux) to be locked down. It supports continuous application changes through automation; Management & Integration - Features centralized management for all security modules and ensures consistent protection policies for both physical servers and virtual machines. Integrates with VMware NSX (SDN). The solution is also available as a Service (aaS).
Web Gateway - Trend Micro Web Security: A virtual software appliance that provides application control, web malware protection, website reputation assessment, and URL filtering. The key features of InterScan Web Security include scanning network traffic for malicious software to prevent it from entering the corporate network. It also closes the security gap in HTTPS communication by decrypting and inspecting encrypted content.