BSH Hausgeräte
Trend Vision One – Cloud Security offers total visibility across cloud environments
Cloud Security Manager
at BSH Hausgeräte with 10,000+ employees
WHAT IS OUR PRIMARY USE CASE?
We use Trend Vision One™ – Cloud Security for workload and application security. The company also uses AWS Cloud Conformity. Cloud Security protects us from application-delivered attacks. The solution is protecting our private services, internal customers, and security account holders.
We did some POCs for CrowdStrike and found that it didn't have the same coverage of multi-cloud platforms. Trend Vision One was the first solution with this capability, and CrowdStrike was lagging at the time
HOW HAS IT HELPED MY ORGANIZATION?
Cloud Security is a core component of our security system, offering total visibility into everyday activities across our cloud environments. The solution has helped us to automate some things. We usually report high-severity issues to our customers, so they can investigate them manually, but our security team can fix these via automation in some cases.
The tool is doing most of the work from the security perspective. We only assess the results. We have Our Trend Vision One™. If anything appears on Our Trend Vision One, we can act based on the workbench alerts.
WHAT IS MOST VALUABLE?
I like the conformity and workload security modules. Workload security is all about intrusion detection and prevention. Cloud Security has behavioral rules that are auto-populated based on organizational structure. That's one aspect that we liked most.
We purchased Cloud Security for its multi-cloud capabilities. We already had the same conformity and workload security technologies from Trend Vision that we extended to our cloud workloads. We haven't seen any security incidents in the past six or seven months.
Cloud Security provides useful contextual data. We are integrated with Elasticsearch, so most of the parsing and use cases are also developed there. We have good results from tracking indicators of compromise, and we are generating lists of malicious IPs.
The solution's cloud workload protection is essential because not everyone is good at building workloads based on best practices. It helps us identify misconfigurations or anything like that, so we don't have to worry about it. There is a lot of risk involved. Cloud Security adds another layer of security.
Cloud Security helps us reduce costs on AWS by optimizing consumption. We can forward our reports to the customers and have them fix the issue. You can minimize costs by only enabling security for business-critical workloads and instances.
WHAT NEEDS IMPROVEMENT?
Securing S3 using Cloud Security can cost too much. Cloud Security has a tool that requires lots of privileges. From my understanding, it's only for static application testing, so they need to add dynamic application testing, and there should be more collaboration with the application testing tools on the market. We have not used this product, and I don't know if they plan to decommission it or something. They should focus on application security because this tool's unique feature is multi-cloud support. However, they should improve integration with tools for these kinds of use cases, especially application security and dynamic scanning. For example, I would like it to support Dell SecureOps. I'd also like to see some enhancements to API gateway security.
FOR HOW LONG HAVE I USED THE SOLUTION?
We have used Cloud Security for about two years.
WHAT DO I THINK ABOUT THE STABILITY OF THE SOLUTION?
I rate Cloud Security nine out of 10 for stability.
WHAT DO I THINK ABOUT THE SCALABILITY OF THE SOLUTION?
It's easy to scale. Cloud Security is all about scalability and elasticity. It's completely covered by Trend Vision. We're adding licenses annually. This year, we've purchased another 500.
HOW ARE CUSTOMER SERVICE AND SUPPORT?
I rate Trend Vision support six out of 10. Their support didn't meet expectations. They should offer more training during onboarding so that everyone on the implementation team is knowledgeable about the product. It was a considerable challenge in a massive environment like ours. We have around 5,000 servers on the cloud. Initially, there was no support for seven or eight months.
This year, we have upgraded to premium support, so we don't have these challenges anymore, but there is a cost involved. If you are selling a product, you have a responsibility to inform the customers about its capabilities.
WHICH SOLUTION DID I USE PREVIOUSLY AND WHY DID I SWITCH?
Cloud Security was the first product we purchased for this use case, but we did some POCs for CrowdStrike and found that it didn't have the same coverage of multi-cloud platforms. Trend Vision was the first solution with this capability, and CrowdStrike was lagging at the time, but I'm unsure if the market has changed since then.
CrowdStrike lacked a multi-cloud approach. It covered workload security but not application, storage, and network security. Now, maybe Crowdstrike has these services, but I'm not sure.
HOW WAS THE INITIAL SETUP?
We found the product complex to understand initially, but we learned about the use cases and modules step by step. When we were configuring the workload security module, we completely blocked the traffic by accident. We had to take time to understand the company's environment on the cloud and create exceptions.
Eventually, we learned how to automate the deployment. We didn't have any documentation from them. We figured it out ourselves. Now, we can fully deploy the solution in one afternoon. It's hassle-free with the use of automation scripts and automation tools.
We required some specialists, including those who worked on the automation part and those who specialized in some of the native cloud services. For example, in AWS, we needed SSM systems managers to help us push it via SSM agents. They're part of cloud operations, so they handle scripting and build the architecture.
WHAT WAS OUR ROI?
Cloud Security helps us reduce costs on AWS by optimizing consumption. We can forward our reports to the customers and have them fix the issue. You can minimize costs by only enabling security for business-critical workloads and instances. For example, you can enable application security for apps containing personally identifiable information or an S3 bucket where you're storing some invoices. Cloud Security has seven modules that you can choose and customize based on your use cases and requirements.
WHAT'S MY EXPERIENCE WITH PRICING, SETUP COST, AND LICENSING?
“I was not involved in purchasing the solution, but it's my understanding that Cloud Security is affordable.
WHAT OTHER ADVICE DO I HAVE?
I rate Cloud Security nine out of 10. My advice to new users is to clearly communicate with support and set an agreement for what you expect from this product and Trend Vision's support team.
Join 500K+ Global Customers
Get started with Trend today