Trend Micro’s ASRM capabilities helped a transportation company identify blind spots
Mikkel M.
Security Specialist at a transportation company with 1,001-5,000 employees
WHAT IS OUR PRIMARY USE CASE?
The reason we invested in Trend Micro XDR was to consolidate security operations and monitoring. On top of that, we invested in their managed detection and response service, which they can provide on top of the ETA service, which makes our lives easier. You can say that with it, we need fewer hands.
We can spend more time in other places as it’s simpler to have that overview. We have much more time for other tasks.
HOW HAS IT HELPED MY ORGANIZATION?
We're able to gather a more simple view of what was going on in our infrastructure. Before this solution, we used a SIEM system. Trend Micro XDR made monitoring more simple, and we trusted them as a security partner.
It definitely has improved our visibility of all of our ongoing items in the infrastructure. We can get a good overview of what's going on across our network and what our security looks like.
WHAT IS MOST VALUABLE?
Having everything under one management console and having them monitored from one place is the most beneficial.
It saves time and we do not have to invest in a lot of products to meet all of our use case needs.
It's quite simple to monitor everything under one console. It makes life simpler for our operations team.
We have the solution everywhere, including email, network, endpoints, and cloud. It is important to have this coverage. As a former incident response analyst, having visibility everywhere is really important. Having everything correlated into one place increases visibility.
We have centralized visibility and management across our production layers. They are also improving that from month to month. It's important for us. In security operations, the fewer places you need to go to have a look around, the easier it is. Back in the day, we had to open ten different consoles. Now we just open one.
The most important thing for us as a customer is that we can spend more time in other places as it's simpler to have that overview. We have much more time for other tasks.
We use the solution's executive dashboards. We like that we can drill down from the dashboards into XDR detections. It helps the C-suite understand. However, it also helps us drill down by allowing us to choose which views we want.
We have a trial version of the Risk Index. We have a daily look at it and it gives a nice overview of our vulnerability management and what the attack surface looks like. It helps us prioritize our daily tasks.
The Managed XDR service was great. It helped quite a lot. We had to get used to working with them and they with us, however, now it's quite an easy task and the advisory and alerts we get from them have been helpful. The availability to work on other tasks has helped us improve in other areas. It's positively affected our business. Having this product means that we are improving in a lot of different areas that we also need to focus on. They can do the monitoring better than we can do it ourselves. We don't have the manpower to do it on our own so it helps a lot to have them help with management.
We use the Attack Surface Risk Management capabilities, which are also in the trial period. It's absolutely helped us to identify blind spots in our environment. It made us realize that, for example, users were using their work email for private services such as Netflix or other services that, if they had a data breach, would be an issue. With this, we can reach out to those users and explain to them how to act on the Internet, not to use your work email for private services, et cetera.
It's helped decrease our time to detect and respond to threats. It's likely 80% faster now. It's also helped us reduce the time we spend investigating false positive alerts. They do a lot of the initial work for us and come back with the actions we need to do on our part (if any). It's helped us reduce false positive investigations by 50%.
We're using some of the automation capabilities of XDR. It's helped us save time. At the moment, it's likely helped us save 20% of the time we'd normally spend on manual processes.
WHAT NEEDS IMPROVEMENT?
They should increase their potential for third-party integrations. We'd like to see integrations with other IT security vendors that are not currently there.
I'd like to see central management of all products.
FOR HOW LONG HAVE I USED THE SOLUTION?
I've been using the solution since it came out, essentially. I've been working with it for eight or nine years.
WHAT DO I THINK ABOUT THE STABILITY OF THE SOLUTION?
The solution is quite stable.
WHAT DO I THINK ABOUT THE SCALABILITY OF THE SOLUTION?
We don't have branch offices; however, we have 2200 clients and 800 servers.
It is easy to scale if you are a bigger organization. We do plan to scale further in the future.
HOW ARE CUSTOMER SERVICE AND SUPPORT?
We have Service One, which includes three-year support. It is 24/7/365 support and they are quite good.
HOW WOULD YOU RATE CUSTOMER SERVICE AND SUPPORT?
Positive
WHICH SOLUTION DID I USE PREVIOUSLY AND WHY DID I SWITCH?
Before Trend Micro, we used Splunk. The use case and monitoring were easier with Trend Micro. We found it easier to fulfill our needs using Trend Micro.
HOW WAS THE INITIAL SETUP?
I was involved in the deployment process. Some of it was quite complex. Unfortunately, we had an on-prem environment that wasn't well taken care of. The migration was hard, however, that was more our fault. It could be easier to migrate, however.
It took us about nine months to fully deploy.
We already had some products in the cloud, however, we needed to migrate all of our endpoints. The on-premise agent needed to be placed in the cloud and we had some problems as some clients did not have an opening to the internet, et cetera. There was some preparation we needed to do. We needed to do some upgrading before migrating. There were two to four people performing the implementation.
The solution requires maintenance and we have a person that manages that.
WHAT ABOUT THE IMPLEMENTATION TEAM?
We had help from Trend Micro professional services.
WHAT WAS OUR ROI?
We have noted an ROI. Having them monitor our IT solutions allowed us to have fewer people on the team. It's saved us in man hours.
WHAT'S MY EXPERIENCE WITH PRICING, SETUP COST, AND LICENSING?
The solution is affordable. You do need to pay additional fees for some of the functionalities.
WHICH OTHER SOLUTIONS DID I EVALUATE?
We also evaluated Microsoft's solutions.
WHAT OTHER ADVICE DO I HAVE?
I'm a customer and end-user.
We realized the benefits of the solution pretty fast - within a couple of weeks. We knew the benefits beforehand which is why we chose Trend Micro. The possibility of having the solution monitored by the vendor itself was quite helpful.
I'd rate the solution nine out of ten.
I would advise others to prepare your needs beforehand. If you know those, you will know Trend Micro is the right fit for you. It's great. If there's a problem with central management or monitoring, Trend Micro is quite useful.
WHICH DEPLOYMENT MODEL ARE YOU USING FOR THIS SOLUTION?
Public Cloud
IF PUBLIC CLOUD, PRIVATE CLOUD, OR HYBRID CLOUD, WHICH CLOUD PROVIDER DO YOU USE?
Amazon Web Services (AWS)