Trend Micro Endpoint Security: Solutions at a Glance
Trend Micro provides a wide range of endpoint security solutions, offered as individual products or as part of a package. You can use Trend Micro endpoint security offerings on-premises or as Software as a Service (SaaS). Popular modules include endpoint security, endpoint encryption, mobile security, and web security.
However, while Trend Micro pieces together disparate endpoint technologies to a single offering, Cynet 360 provides a native, purpose-built AV, NGAV and EDR capabilities together with advanced protection technologies such as Network Traffic Analysis, UBA and Deception, together with 24\7 MDR services for its customers with no additional charge. This makes Cynet 360 a superior alternative for anyone who seeks an EDR solution.
Click here to learn how to move beyond EDR with Cynet’s unique Extended Detection and Response (XDR) capabilities.
In this article you will learn:
Trend Micro Endpoint Security Packages
Trend Micro offers three endpoint security packages, these options are available in both Software as a Service (SaaS) and on-premises formats.
|Package||Products Included||Official Data Sheet|
|Smart Protection Complete||Endpoint Security, Endpoint Encryption, Mobile Security, Web Security||https://www.trendmicro.com/en_ca/business/products/user-protection/sps.html#|
|Smart Protection for Endpoint||Same as above plus Web Security and Email Security||https://www.trendmicro.com/en_ca/business/products/user-protection/sps.html#|
|XDR for Users||Endpoint Security, Endpoint Detection and Response (EDR)||https://www.trendmicro.com/en_ca/business/products/user-protection/sps.html#|
In addition, Trend Micro offers the following optional components:
- Endpoint Detection and Response (for Smart Protection Complete and Smart Protection for Endpoint)
- Managed Detection and Response (MDR)
- Sandbox as a Service
See the sections below for more details about the main Trend Micro products included in the above packages:
Trend Micro Endpoint Security: Components and Features
Trend Micro Endpoint Security offers a robust variety of components and capabilities, including:
|Endpoint Protection Features|
- Automated detection and response of threats, including fileless attacks.
- A multipurpose agent for endpoints.
- Defense against ransomware, malware, and malicious scripts that doesn’t depend on signatures.
- Apex One Vulnerability Protection which virtually patches vulnerabilities before traditional patches are available.
- Integration with other security tools with global threat intelligence and sandboxing.
- Centralized control and visibility through Apex Central.
|Apex One™ Application Control™|
- Protects from malicious applications regardless of whether signatures are known.
- Features for blacklisting or whitelisting policies.
- Provides reputation information, such as usage, prevalence, and maturity, for applications prior to installation.
- Grants access to real-time, local and global threat intelligence.
- Certified Safe Software Service categorizes and updates applications.
- Apex Central™ provides policy and visibility management.
|Vulnerability Protection Features|
- Based on vulnerability research by top firms, including ZDI and DVLabs.
- Enables custom patching timelines and reduces risk due to unpatched vulnerabilities.
- Provides patching for legacy operating systems that are no longer vendor supported.
- Provides incremental protection against zero-day attacks for minimal downtime.
- Improves data security compliance and reduces legal liability for breaches.
- Supplements firewall protections for mobile and remote endpoints.
- Provides protection with minimal demands on performance, user productivity or network throughput.
|Data Loss Prevention (DLP) Features|
- Increased control and visibility of data to prevent data loss.
- Helps ensure regulatory compliance.
- Enables encrypted cloud storage and DLP support for SaaS Office 365®.
- Helps you to identify breach of data policies based on regular expressions, file attributes, or keywords.
- Enforces data use policies via blocking, soft-blocking, alerts, and reporting.
- Reduces performance impacts with streamlined device control, content DLP, and endpoint security.
- Integrates with Apex Central to centralize policies and reporting across solutions.
Trend Micro Endpoint Detection and Response (EDR)
Trend Micro’s primary EDR solution is XDR for Users. You can use this SaaS product to ensure your endpoints remain protected through fast detection and response to threats.
Features of XDR for Users include:
- Impact assessment and root cause analysis—provides visibility into attack vectors, including attack spread and the extent of impacts. This supports fast and effective incident response. XDR combines with the Trend Micro Smart Protection Network™ and Trend Micro Threat Connect to provide threat intelligence for improved analysis and response.
- System sweeps and threat hunting—enables you to perform sweeps identifying indicators of compromise (IoC) and indicators of attack (IoA). You can perform these searches using OpenIOC or YARA rules.
- Integrated automatic response—enables you to automatically quarantine and sandbox applications. You also have the option to rollback settings, to prevent damage caused by ransomware. You can automate features on a per-user or system-wide scale.
You can learn more about endpoint security in our guides:
Trend Micro Managed XDR Service
Trend Micro’s Managed XDR service enables you to detect and respond to threats across your systems. It uses a combination of threat intelligence and AI technologies to help ensure that threats are not missed. In the managed aspect of the service, Trend Micro researchers work with customers to perform root cause analyses and develop detailed response plans.
Features of the Managed XDR service include:
- Detection—provides 24/7 monitoring, correlation, and prioritization or alerts. This includes sweeps for IoCs taken from US-Cert and other third-party information sources and active hunting for IoAs.
- Investigation—prioritizes alerts based on the severity of threats. Managed XDR generates a root cause analysis that includes information on dwell times, attack vectors, impacts, and attack spread. It helps you assess which systems are affected and which are vulnerable.
- Response—can automatically respond to threats and generate IoC information based intercepted attacks. Managed XDR also provides an incident report including remediation options and recommendations for recovery tooling.
Endpoint Protection—Prevention, Detection and Protection with Cynet 360
Cynet 360 is a holistic cybersecurity solution that detects and prevents endpoint threats on your network.
The Cynet 360 solution includes:
- Endpoint Protection Platform (EPP)—with built-in EDR, including monitoring and controls for asset management, endpoint vulnerability assessments and application control.
- Next-Generation Antivirus (NGAV)—blocks malware, LOLBins, exploits, malicious scripts, Macros, and any known and unknown malicious threats.
- Automated incident response—including automated playbooks that prompt remediation and response action in the form of either remote teams or automated response.
- Network analytics—for detecting lateral movement, unusual logins, and suspicious connections
- User and Entity Behavior Analytics (UEBA)—establishes a pattern of normal behavior, detects suspicious activity, and then blocks the threats.
- Deception technology—tricks attackers away from your systems and into fake honeypots, where the damage is mitigated and contained.
You can learn more about the Cynet 360 security platform here.