Sold by: Trend Micro
Deployed on AWS
Free Trial
Vendor Insights
AWS Free Tier
Stop threats before they strike with TrendAI Vision One™ - the AI-powered enterprise cybersecurity platform built to predict, prevent, and respond to threats across AWS, hybrid, and multi-cloud environments. Gain unified visibility, streamline cloud risk management, accelerate cloud investigations, and empower your security teams with proactive, layered protection that works at cloud speed. Proactive security starts here.
4.6
Overview
TrendAI Vision One™ gives enterprises and security leaders the power to see, secure, and control their entire multi-cloud and hybrid environments from a single, unified platform. Gain complete visibility with real-time risk scoring, threat exposure mapping, and centralized monitoring all from one intuitive dashboard.
Backed by AI, machine learning, and predictive analytics, TrendAI Vision One™ empowers proactive cloud security by automating threat detection, risk mitigation, and response. Streamline operations, reduce security complexity, and offload the pressure on your teams with modern CNAPP capabilities so you can stay ahead of every attack.
Trusted by industry leaders and recognized as a 2024 Gartner Peer Insights™ Customers' Choice for CNAPP, Trend Vision One is proven to reduce operational costs by up to 79% and accelerate detection and response times by 70%. It's also a Leader in the 2025 Gartner® Magic Quadrant for Endpoint Protection Platforms, delivered a 100% detection rate in MITRE evaluations, and was named a Leader in the IDC MarketScape for Cloud-Native Application Protection Platforms 2025, solidifying its position as the most trusted platform for securing the cloud.
Confidently secure your cloud transformation with a platform built for the modern enterprise. From hybrid to multi-cloud, TrendAI Vision One™ delivers unmatched protection, visibility, and control - wherever your workloads live.
Trend provides custom pricing via Private Offer. Please contact us if you're interested in personalized pricing options.
Highlights
- Identify and eliminate hidden cloud risks with unified Cyber Risk Exposure Management - discover assets, prioritize vulnerabilities, and manage posture and attack surface all from one place.
- Stay steps ahead of threats with XDR for Cloud, which extends visibility into cloud environments and streamlines SOC investigations through powerful correlation and alerting.
- Secure every application and workflow - from containers and code to S3 files and cloud workloads - with holistic protection via the integrated stack: Container Security, File Security, Workload Security, and Code Security.
Get personalized pricing in minutes - New
If qualified, an express private offer gets you custom pricing and terms. Finalize your purchase in the AWS Marketplace console.
Details
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(4)
ISO27001
SOC2
GDPR
HIPAA
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
TrendAI™ Flex (credits) | A credit-based licensing model that offers flexibility, simplifying purchasing, deployment, and management of Trend Vision One solutions. | $1.00 |
Dimension | Description | Cost/unit |
|---|---|---|
Cyber Risk Exposure Management - Cloud Risk Management | Per 500 resources per cloud account per hour | $0.12 |
Container Security | Per Amazon ECS instance or Kubernetes node per hour | $0.168 |
Container Security | Per serverless container pod or task per hour | $0.017 |
File Security SDK | Per file scan | $0.013 |
File Security Storage | Per cloud storage per hour | $1.155 |
Endpoint Security - Essentials | Per workload (Anti-Malware, Web Reputation, and XDR only) per hour | $0.007 |
Endpoint Security - Small | Per EC2 instance (micro to medium), WorkSpace, or other cloud (1 vCPU) per hour | $0.011 |
Endpoint Security - Medium | Per EC2 instance (large), WorkSpace, or other cloud (2 vCPU) per hour | $0.032 |
Endpoint Security - Large | Per EC2 instance (XL), WorkSpace, or other cloud (4 vCPU) per hour | $0.047 |
Endpoint Security - Non-Cloud | Per data center or non-cloud instance per hour | $0.047 |
Dimensions summary
Trend Vision One's pricing dimensions on AWS Marketplace are structured across multiple security capabilities. The core offering includes Endpoint Security with tiered pricing based on instance sizes (from Essentials to Large) and deployment type (cloud vs. non-cloud). Additional components include Container Security priced per node/task, File Security charged per scan and storage hour, Cyber Risk Management billed per cloud resources, and XDR for Cloud billed by data ingestion volume. All services can be accessed through Trend Vision One credits under a 12-month contract model with additional usage options. Credits are for customers interested in annual comitments while the additional usage costs offers PAYG. Credits and PAYG can be combined to best fit the needs of the customer.
Top-of-mind questions for buyers like you
How do Trend Vision One credits work in the 12-month contract model?
Trend Vision One credits are the primary currency for purchasing and consuming Trend Vision One services under a 12-month commitment with additional usage options. Credits can be flexibly allocated across different security services including endpoint security, container security, and file security, allowing customers to adjust their security coverage based on changing needs throughout the contract period.
How do the additional usage costs differ from credits?
Additional usage costs offer flexible, monthly pay-as-you-go (PAYG) billing, while credits are for customers with annual commitments. Both can be used across services—for example, credits for File Security and PAYG for Endpoint Security. Monthly billing requires purchasing one credit for account registration, after which services can be enabled in the Credits & Billing app.
How is Endpoint Security pricing structured in Trend Vision One?
Endpoint Security follows a tiered pricing model based on the size and type of instances being protected. The tiers range from Essentials (basic anti-malware and XDR) to Large (XL instances with 4+ vCPUs), with separate pricing for non-cloud instances, ensuring customers only pay for the level of protection needed for each endpoint.
What determines the cost for Container and File Security services?
Container Security is priced per instance/node for Amazon ECS or Kubernetes, or per pod/task for serverless deployments. File Security combines two pricing components: a per-scan fee for the SDK and Virtual Appliance usage, and an hourly rate for cloud storage protection, making it scalable based on actual usage patterns.
Vendor refund policy
No refunds
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Your purchase also includes 24x7 support from Trend Micro. You can log a support ticket for any issues directly from your TrendAI Vision One™ console. If you experience any issues or have questions, please contact our AWS Security experts by email at aws.marketplace@trendmicro.com .
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Trend Micro
By Rapid7
Top
25
In Security
Top
10
In Vulnerability and Patch Management, Data Governance
Top
25
In Observability, Software Development
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Unified Risk Management Platform
Centralized cyber risk exposure management with asset discovery, vulnerability prioritization, and attack surface management from a single dashboard
Extended Detection and Response for Cloud
XDR capabilities that extend visibility into cloud environments with correlation and alerting to streamline security operations center investigations
AI-Powered Threat Detection
Machine learning and predictive analytics for automated threat detection, risk mitigation, and response across multi-cloud and hybrid environments
Comprehensive Application Security
Integrated security stack covering container security, file security, workload security, and code security for end-to-end application protection
Real-Time Risk Scoring and Monitoring
Real-time risk scoring and threat exposure mapping with centralized monitoring capabilities across AWS, hybrid, and multi-cloud environments
Attack Surface Management
Aggregates comprehensive attack surface visibility across hybrid environments with external attack surface scans to provide 360-degree view of entire attack surface
Vulnerability Management
Delivers complete visibility across on-premise and remote endpoints to identify, communicate, and remediate vulnerabilities, misconfigurations, and risks
Cloud Security
Provides code-to-cloud protection for cloud-native applications with seamless CI/CD pipeline integration and agentless risk assessment based on reachability, exploitability, and potential impact
Next-Generation SIEM and XDR
Delivers accelerated detection and response with SaaS deployment, intuitive interface, out-of-the-box detections informed by MDR SOC, and built-in automation capabilities
Threat Intelligence
Delivers high-fidelity actionable threat intelligence infused with proprietary threat and vulnerability research from Rapid7 Labs and community-driven tools
Offensive Security Engine
Simulates external exploits to produce Verified Exploit Paths for prioritizing exposures that are reachable by outside attackers and reducing cloud attack surface.
Cloud Security Posture Management
Continuously monitors and manages security of AWS configurations to prevent public exposure and ensure compliance.
Secrets Scanning
Identifies more than 750 types of secrets across public and private repositories.
Cloud Infrastructure Entitlements Management
Detects and manages excessive or unused permissions to mitigate the risk of privilege escalation.
Real-Time Malware Detection
Detects malware including zero-days in milliseconds with scanning performed directly in cloud environment for object storage services like Amazon S3 and file storage services.
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
No security profile
No security profile
Standard contract
No
No
No
Customer reviews
PankajKumar24
Centralized security management has unified risk visibility and simplifies attack response
Reviewed on Apr 28, 2026
Review from a verified AWS customer
What is our primary use case?
We are currently working with Trend Micro as a partner, managing multiple OEMs like Trend Micro and Trellix. TrendAI Vision One is a managed single centralized management console. We are using multiple Trend Micro products and managing them through TrendAI Vision One .
When customers use multiple security solutions in their environment such as email security, EPP, endpoint security, NDR, and data security posture management (DSPM), we manage everything through TrendAI Vision One console for Trend Micro products, while integrating with third-party security tools such as firewalls and Microsoft to capture telemetry and metadata from both sides. TrendAI Vision One then correlates this data and shows us the observed attack techniques, along with options for sandboxing ransomware file samples through TrendAI Vision One.
What is most valuable?
TrendAI Vision One gathers risk management information such as risk scores at the OS level, account level, and domain level through the endpoint agent that monitors all machines for vulnerabilities. The CREM shows us vulnerabilities at the OS level, application level, and cloud application level while highlighting how we will remediate and mitigate loopholes in our environment or customer environment.
TrendAI Vision One also helps us with consolidated management, but there is a need for improvement if the customer has multiple branches and their IT admin is location-wise. We require location-wise console segregation in TrendAI Vision One, but there are gaps in policy management that hinder that, as all branch IT admins see all policies in the console despite needing to segregate them by location.
What needs improvement?
There are support challenges when we are using TrendAI Vision One console. If a customer needs a remote session with support, they generate multiple queries and logs, which we escalate to Trend Micro management for remote support, and aligning with remote support becomes a significant challenge.
When dealing with 10,000 users of EPP with the XDR solution, there are complication issues due to the agent size being between 500 and 700 MB, which hampers our ability for mass deployment through Active Directory. We do use hybrid solutions and cloud solutions in TrendAI Vision One, and face challenges only with mass deployment regarding sizing.
For how long have I used the solution?
We have been using TrendAI Vision One for over four years.
What do I think about the stability of the solution?
There are no glitches, and TrendAI Vision One is scalable and stable.
What do I think about the scalability of the solution?
We are not currently facing any risks as TrendAI Vision One platform manages multiple Trend Micro products within a single management console.
How are customer service and support?
Support is low. When we raise a ticket for P0 or P1, the response tends to be quite late.
Which other solutions did I evaluate?
We are working with Trend Micro, CrowdStrike, and Trellix.
What other advice do I have?
After sharing Trend Micro pricing with the customer and understanding their budget, we chase the Trend Micro OEM sales person to reduce the price given the budget that the customer has, and hopefully Trend Micro sales representatives manage and close these deals.
In terms of price and technical solution, the security solutions provided by TrendAI Vision One stand out as the best offering. Time to action for delete and quarantine is crucial, and it is approximately ten percent.
We are not experiencing any noise on their side, and thus TrendAI Vision One solution is working smoothly in multiple organizations, which helps us reduce attack risks. The overall review rating for this solution is eight out of ten.
Kartik S.
Admin-Friendly with Stellar Support and Easy Setup
Reviewed on Apr 13, 2026
Review provided by G2
What do you like best about the product?
I like that Trend Vision One is admin friendly and offers a big data lake, which make it effective for our needs. I appreciate the quick support that we receive, ensuring any issues are resolved promptly. The endpoint inventory management is the best feature for me, providing great value. Additionally, setting it up was very easy, making the onboarding process smooth.
What do you dislike about the product?
Deep Security is hard to understand.
What problems is the product solving and how is that benefiting you?
I find Trend Vision One to be admin-friendly and appreciate the big data lake. Quick support and Endpoint Inventory Management are standout features.
reviewer2813907
Incident analysis has become faster and clearer but event interfaces still need improvement
Reviewed on Apr 02, 2026
Review provided by PeerSpot
What is our primary use case?
TrendAI Vision One is used for XDR.
What is most valuable?
TrendAI Vision One is more limited, but the strong part is its minimalist design, allowing you to know the most important information about the incident. This is the strong point.
TrendAI Vision One helps consolidate security software across hybrid environments, and I think it is useful, especially when integrated with another tool for some clients. It is so useful to get a first analysis or to get some CUs with TrendAI Vision One, so it helps.
The solution saves time approximately by 80 to 90 percent; it is very simple.
What needs improvement?
To provide centralized visibility and management across various protection layers could be better. I would add different interfaces as I really appreciate how CrowdStrike manages the datasets. An interface where you can select the different events that happened in the incident would be beneficial because in TrendAI Vision One the information is very basic; you get all the information raw in a column, which I would improve by adding an advanced search feature similar to CrowdStrike where events can be filtered. This would make the analysis better for the client who is receiving the information.
TrendAI Vision One has room for improvement regarding different interfaces, specifically similar to the Event Simple part of CrowdStrike where you can identify what happened. It would be helpful to have an integrated identity module, because sometimes I want to see who executed an incident, such as a PowerShell command, to know if it was an admin or the local user of the machine. If I cannot see that, I do not know anything. Integrating the identity module would be beneficial.
For how long have I used the solution?
I have been working with TrendAI Vision One for one year and a half.
What do I think about the stability of the solution?
I rate the stability of TrendAI Vision One as a ten because I did not have any problems with it.
What do I think about the scalability of the solution?
The scalability of TrendAI Vision One would be around a six; it is appropriate for smaller companies, but for bigger ones such as Nike, I would say it would not fit as well.
What was our ROI?
Using TrendAI Vision One has reduced the time to detect and respond by approximately 20 percent up to 80 percent; the strong point is that it is simple, making it fast and easy to learn.
What other advice do I have?
When an incident appears in TrendAI Vision One, I open it and on the first page, you get to see the timeline of where all the different assets appear, including the host and other information. It is helpful because you get directly all the information by taking a look at the host involved. For example, if it is a server and you see SSH commands, it may fit with your conclusion. After that, I open the XDR part where you see in raw form all the different information. Finally, I can use the XDR view where you can filter using their raw SQL language to filter all the different incidents, for example, by endpoint GUID, something I usually use.
The risk reduction from using TrendAI Vision One depends on various factors. If I only get to use TrendAI Vision One and not any other tools, I think it would be approximately 80 percent, because if you have normal incidents, it is helpful, making it easier for the team of the final client to read the information. However, for real incidents requiring forensics, if you have to activate forensics, I think you would have difficulties, so I would say around 80 percent.
The importance of AI built into TrendAI Vision One is relatively recent for me; it is helpful to have a direct verdict, but I prefer to make my manual verdict. I would say it is important at a level of five for me, but for some inexperienced analysts, it might be at a level of five or seven because they will rely on that.
TrendAI Vision One is more simple compared to other solutions, but it could be useful for controlled cases if you have a small enterprise where the same software is used, making it interesting for situations where you are familiar with specific CUs. In my opinion, it would be more interesting than Cortex for smaller incidents, while I would prefer Cortex for larger cases than false positives which will be better managed by TrendAI Vision One.
My clients may be less than average because TrendAI Vision One is not that widely used. I think it is getting used less, but perhaps with the AI update it will be used more. I would estimate around 5 to 10 clients, approximately half of my client base.
Learning TrendAI Vision One can take anywhere from two weeks to one month.
In my opinion, TrendAI Vision One gets the information easily, but it does not really help reduce false positives by itself; you have to do the final work. I would say it helps with false positives around 80 percent because in TrendAI Vision One, you can see the verdict, plus AI is assisting with it.
I would recommend TrendAI Vision One, telling potential users that it is very easy to use, but it would be useful to learn how to use SQL for deeper analysis of different modules, which is important. Knowing how to use the different modules that your client has integrated will make a significant difference.
Jesus Fabian C.
Comprehensive Protection and Simple Configuration
Reviewed on Feb 28, 2026
Review provided by G2
What do you like best about the product?
I like that the Trend Vision One suite is very comprehensive and extensive for device protection and detection tracking. I love everything about the platform, they are going in a very good direction and are doing great. Additionally, the initial setup was really easy thanks to their very complete documentation, which helps to get the product up and running quickly and easily.
What do you dislike about the product?
Perhaps I would like them to add more options for mobile device protection. While it is currently extensive, if it had more options like remote app updates, it would be great.
What problems is the product solving and how is that benefiting you?
I use Trend Vision One to protect servers and endpoint devices. It helps me against viruses, offers virtual patching, threat analysis, and tracking of detections.
reviewer2805261
Integrated email and endpoint protection has boosted threat detection and simplified deployments
Reviewed on Feb 26, 2026
Review from a verified AWS customer
What is our primary use case?
I am from a partner firm and I deploy TrendAI Vision One at multiple customers. I implement the solution to multiple customers.
What is most valuable?
The main use cases which I have heard from customers are that, from the email point of view, email security is the first priority. They are searching for a solution which provides email security, which is able to block the files with an integrated DLP .
One of the best parts of TrendAI Vision One is its email security and the endpoint. Email security it provides at the API level, so it offers both MX Gateway and API, but usually we deploy it using API.
TrendAI Vision One has an investigation team and a support team. Whenever an alert is generated of a virus or malware, we usually have to deal with it ourselves, or the agent handles it. In this case, the agent will give you the logs.
TrendAI Vision One also has an XDR . This XDR helps you collect logs from multiple sources. It will correlate the logs of your databases, your endpoint, your servers, your mail, and using all these data silos, it will give you a report if any anomaly or any malicious file is detected or any virus pattern is detected.
Their support portal is quite good, quite on time, and gives you a detailed analysis. I personally have used it a lot and they are quite helpful.
It uses AI to check the logs, to find the malware or to find any phishing attack. It uses an AI and ML engine for that. There is also another AI agent inside the console. For example, if I want to find a policy or check a user, the AI agent can assist me.
They have recently launched a Zero Trust Secure Access, which is a version of SASE . Using their single agent, which is for endpoint, the same agent you can use for Zero Trust Secure Access. So you do not have to install multiple agents. One single agent can work for multiple things for SASE and for endpoint.
Its deployment is easy and fast. TrendAI Vision One console has all the features, like one single console provides email, email security, endpoint security, server and workload protection, XDR, cyber risk management, all the things in one console. It provides a good overview from a CISO and manager level. Whenever I have a meeting with the management, I show them that. Your cyber risk score is this much, from a comparison point of view.
It has another feature which can detect the unknown processes or malicious processes using its AI technology, which may be forming or in the initial stage of a ransomware attack. It is quite good in capturing that also.
From the functionalities perspective, the agent is quite heavy as it can scan different types of files.
None of my customers have faced any attack. We have detected many attacks using ransomware protection and phishing detection.
What needs improvement?
Although there is a point of improvement in the endpoint protection.
Email security sometimes may lead to some true positive attachments.
One thing I would say is not a good point is they do not have a specific licensing structure. If I bought licensing for 500 users, they convert the licenses to a credit system.
If I am a mid-level enterprise, it provides everything like an integrated DLP . I do not have to spend more money buying other solutions. One solution is enough to cover my DLP needs, endpoints, XDRs, and email security.
In endpoint also, if I have 500 customers, and if I want to change a policy, I have to make a new policy for them and add them to it and then change the policy. This is a complex process.
Management is a bit complex and it could have been easier.
The positive point is centralized management. If you are a mid-level enterprise looking for a solution for most of your cybersecurity products, TrendAI Vision One is a good centralized platform. You should go for it.
For how long have I used the solution?
I have been working with TrendAI Vision One for almost one year.
What do I think about the stability of the solution?
Since TrendAI Vision One is a SaaS-based platform, I have never faced the issue of the platform going down or any issues on the console. It is hosted on the cloud, so it is good. I have never faced that issue.
How are customer service and support?
TrendAI Vision One has an investigation team and a support team. Whenever an alert is generated of a virus or malware, we usually have to deal with it ourselves. But in this case, the agent will give you the logs. They have an investigation team that will give you an EXE to collect the log and EXE to clean your system, a diagnostic tool.
Their support portal is quite good, quite on time, and gives you a detailed analysis. I personally have used it a lot and they are quite helpful.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used other tools such as Check Point. In email security, the number of false positives is less in TrendAI Vision One in comparison to Check Point.
How was the initial setup?
Within a day, you can deploy the whole solution in your whole company, maybe 500 users, 1000, or 2000. Within a day, you can deploy the solution of email security.
The first benefit is the ease of deployment using API. You simply have to link the Outlook or the Google Workspace API and within two minutes it is synced.
For endpoints, you have a script. You can simply run that script in your AD server and you can install multiple agents in a few minutes on most of your machines in the network.
Which deployment model are you using for this solution?
Hybrid Cloud