As industry and government regulations grow increasingly stringent, you are faced with the challenge of meeting them while battling a growing number of threats. To help, Trend Micro has invested in certifications, security documentation, and company assessments that can help you better understand how we secure our offerings and protect your data.
Certifications are part of our security commitment
A
L’Agenzia per la Cybersicurezza Nazionale (ACN)
ACN is Italy's National Cybersecurity Authority, protecting national cybersecurity interests. It ensures that the country's National Cybersecurity Strategy is adopted, including certifying leading products like Trend Vision One for use in the government.
C
Centro Criptológico Nacional (CCN)
CCN is the Spanish government certification body focused on ensuring strong security across the country’s government entities. Certification under this program reflects our commitment to delivering secure products for the Spanish government market.
Cloud Computing Compliance Controls Catalogue(C5)
Mandated by the BSI, C5 (Cloud Computing Compliance Controls Catalogue) attestation enables German federal and state government entities and other highly regulated organisations to confidently leverage Trend's powerful SaaS-based security capabilities across the enterprise.
Common Criteria EAL2+
Common Criteria (CC) is an international standard for computer security certification. It provides assurance that the process of specification, implementation, and evaluation of a computer security product has been conducted in a rigorous, standard, and repeatable manner at a level that is commensurate with the target environment for use. Both Trend Micro™ Deep Security™ and Trend Micro™ – TippingPoint™ have been certified under Common Criteria at the EAL2+ level.
CSA Star Level 2
As the leader in cloud security, the CSA Star Level 2 certification is a reflection to our commitment to secure cloud deployments. The CSA STAR Certification is a rigorous third-party independent assessment of the security of a cloud service provider.
Cyber Security Agency of Singapore (CSA)
To better safeguard consumer data, the Cyber Security Agency of Singapore (CSA) has mandated compulsory registration for key services. Trend has successfully registered and is licensed as a managed security operations center monitoring service.
D
Dubai Electronic Security Center (DESC)
The United Arab Emirates (UAE) Dubai Electronic Security Center (DESC) is focused on ensuring that cloud service providers (CSPs) are secure to support the government mandate for data security and privacy. Trend Vision One has been certified under this program, enabling government departments to confidently leverage the platform.
F
FedRAMP
Trend offers the leading cybersecurity platform to protect sensitive government applications, data, and infrastructure. Deploy security across your physical, virtual, and multi-cloud environments to gain unified visibility, management, detection, and prevention with Trend Cloud One™ for Government and Trend Vision One™ for Government.
FIPS 140-2
Deep Security and TippingPoint provide settings that enable cryptographic modules to run in a mode compliant with FIPS 140-2 standards. We have obtained certification for our Java crypto module, Native crypto module (OpenSSL), and TippingPoint.
FIPS 140-2 support
H
HIPAA
HIPAA and HITECH impose requirements related to the use and disclosure of protected health information (PHI). HIPAA regulations require that covered entities enter into agreements with business associates to ensure that PHI is adequately protected.
I
ICSA Labs Certification
Certified organisations demonstrate a high standard of product quality through continuous independent security testing by ICSA Labs. Trend Micro™ – Deep Discovery™ is tested and certified by ICSA Labs.
ISMAP
The Information System Security Management and Assessment Program (ISMAP) is a Japanese government system for assessing the security of cloud service providers. Trend cloud-based security products are assessed and certified under ISMAP as shown on the official ISMAP cloud services list. Our products and services provide comprehensive compliance assurances to help your organisation comply with national, regional, and industry-specific requirements.
IRAP
The Australian Information Security Registered Assessors Program (IRAP) is governed and administered by the Australian Cyber Security Centre (ACSC). Trend Vision One has been assessed at the PROTECTED level under the IRAP program, enabling Australian government agencies to leverage the power of the Trend Vision One platform to secure their "Cloud First" strategy.
ISO 20000
Ensuring quality data through our threat discovery and response teams, Trend is certified under ISO/IEC 20000-1:2018. It specifies requirements for organisations to establish, implement, maintain, and continually improve service management systems (SMS).
ISO 27001, 27014, & 27034
ISO/IEC 27001:2013 is a standard that attests to a product's security operation via an information security management system (ISMS) and security controls. The standard has 2 extensions: ISO/IEC 27014:2020, which focuses on security governance and extends to many other aspects of the business, and ISO/IEC 27034-1:2011, which applies to application-level security controls. Our SaaS offerings and data centres are certified under these global standards.
ISO 27017
Committed to security and privacy in our cloud offerings, Trend is certified under ISO/IEC 27017:2015, which provides guidelines for information security controls applicable to the provision and use of cloud services.
N
National Privacy Commission (NPC)
The NPC is an independent body responsible for enforcing the Data Privacy Act (DPA) of 2012 in the Philippines, ensuring compliance with international data protection standards. Our certificate and seal of registration from the NPC underscore our commitment to data privacy, protection, and building trust with individuals and stakeholders.
NetSecOPEN
NetSecOPEN's transparent testing methodology allows organisations to understand performance under realistic conditions. This testing of TippingPoint provides organisations with the confidence needed for real-world deployments.
NHS England Data Security & Protection Toolkit
All organisations that have access to NHS patient data and systems must use the Data Security and Protection Toolkit to publish an assessment against the National Data Guardian’s 10 data security standards. Trend has completed this assessment and details can be found on the NHS site.
P
PCI DSS Certified Service Provider
The Payment Card Industry Data Security Standard (PCI DSS) stipulates that any organisation handling credit card information must secure payment card data in accordance with PCI standards. Aligned with our commitment to data privacy and security, Trend Vision One is a certified PCI DSS service provider, enabling organisations to confidently meet compliance requirements.
Trend Vision One:
Trend Vision One™ – Cloud Security:
PrivacyMark
The PrivacyMark system evaluates private enterprises' ability to take the appropriate measures to protect personal information. Those that pass are then granted the right to display "PrivacyMark" as a way to demonstrate their commitment to privacy to both their customers and partners.
R
Romania Strategic Infrastructure Certification
The Supreme Council of National Defence of Romania approves IT and security vendors for their involvement in key public infrastructure projects. Trend has completed this assessment and is authorised to participate.
S
SOC 2 Type II
As an example of transparency and security, Trend has undergone a SOC 2 Type II audit, which outlines the internal controls we use to safeguard customer data and how well those controls are operating.
StateRAMP
Trend offers the leading cybersecurity platform to protect sensitive government applications, data, and infrastructure. Deploy security across your physical, virtual, and multi-cloud environments to gain unified visibility, management, detection, and prevention with Trend Cloud One for Government and Trend Vision One for Government.
T
TX-RAMP
Trend offers the leading cybersecurity platform to protect sensitive government applications, data, and infrastructure. Deploy security across your physical, virtual, and multi-cloud environments to gain unified visibility, management, detection, and prevention with Trend Cloud One for Government and Trend Vision One for Government.
U
UK Cyber Essentials
Cyber Essentials is a UK government certification that evaluates a vendor's ability to protect against a variety of common cyber attacks.
W
Waste Electrical and Electronic Equipment (WEEE) Directive
Trend is committed to complying with the directive, which places responsibilities on producers and distributors of Electrical and Electronic Equipment (“EEE”) and batteries regarding the collection, treatment, recovery, and environmentally sound disposal of EEE and batteries at their end of life.
Join us