TLDR: Trend Micro has unveiled new agentic AI capabilities for its Security Information and Event Management (SIEM) solutions, integrated with its cybersecurity digital twin technology. This initiative aims to empower Managed Security Service Providers (MSSPs) and enterprises to combat the escalating complexity and AI-driven nature of cyber threats by offering more proactive, automated, and accurate security operations.
Cybersecurity leader Trend Micro is significantly advancing its offerings for Managed Security Service Providers (MSSPs) and enterprises by integrating cutting-edge agentic AI capabilities into its Security Information and Event Management (SIEM) solutions. This strategic enhancement, announced on August 13, 2025, is designed to address persistent challenges in SIEM operations, including high costs, operational complexity, reliance on manual processes, and the overwhelming volume of alerts. The new SIEM AI agents are combined with Trend Micro’s recently introduced cybersecurity digital twin technology, creating a robust framework for more proactive and responsive security operations essential in today’s adaptive and AI-driven threat landscape.
Rachel Jin, Trend Micro’s Chief Enterprise Platform Officer, emphasized the significance of this development, stating that the company’s Vision One Agentic SIEM represents ‘a major stepping stone to our long-term vision for full, AI-driven SecOps.’ Jin envisions a future where security teams can dedicate more time to strategic tasks, confident in the support provided by agentic AI. This offering leverages autonomous data analysis and anomaly detection and response, moving beyond traditional manual log and alert monitoring. This shift is expected to drastically reduce the time required for threat detection and mitigation.
Key features of the enhanced SIEM include extended data retention—up to seven years for archival data and two years for analytic retention—facilitating comprehensive detection, threat hunting, and compliance. The system also allows for searching archival logs, which is crucial for meeting audit and regulatory demands. When an incident occurs, the AI agents automatically correlate data from over 900 supported sources, accelerating the investigation process and improving the accuracy of results. This leads to reduced alert fatigue through more precise threat detection and the ability to identify subtle, sophisticated attack patterns that rule-based systems might miss. Furthermore, AI can accelerate vulnerability and incident response by recommending playbooks and potentially enabling automated and autonomous actions.
Trend Micro’s digital twin technology, introduced in late July, forms a critical component of this new model. Built on NVIDIA’s accelerated computing stack and AI Enterprise software, including NVIDIA NIM microservices, these digital twins create live, continuously updated simulations of an organization’s IT and OT environments. These virtual models allow organizations and MSSPs to proactively detect and mitigate security risks, particularly in sensitive sectors like healthcare, supply chains, predictive maintenance, and smart buildings. Bartley Richardson, Senior Engineering Director, Agentic AI at NVIDIA, highlighted that ‘Powered by NVIDIA NIM microservices, Trend’s cybersecurity digital twins bring AI-driven protection to enterprise infrastructure.’
Eva Chen, Trend Micro’s co-founder and CEO, previously noted in a white paper that security teams face challenges not only from AI-armed threat groups but also from managing increasingly complex digital ecosystems and supply chains. The digital twin approach directly addresses this by enabling scenario planning where AI agents simulate threats and tactics within the virtual environment before real-world incidents occur. This allows for continuous testing of mitigation strategies, improved resilience planning, and informed investment decisions by assessing new tools or policy changes in a safe, simulated setting. Stuart Samples, Chief Technology Officer at Northeast Georgia Health System, affirmed that ‘Trend’s digital twin approach completely changes our ability to… catch threats we didn’t even know to look for, allowing our team to focus less on firefighting and more on confidently driving innovation.’
Frank Dickson, Group Vice President, Security & Trust at IDC, commented on the innovation, stating, ‘As threats migrate to OT, proactive security is critical. Trend Micro’s Digital Twin technology introduces a new operational model for enterprise cyber security: simulation.’ He added that this continuous cycle of adversary simulation and defensive validation is invaluable for staying ahead of threats while respecting the fragility of operational environments. Sharda Tickoo, Country Manager for India & SAARC at Trend Micro, reiterated that the Digital Twin technology empowers customers to ‘simulate threats and safely validate security controls without touching production systems—to finally close the gap between digital transformation and defensive readiness.’
Also Read:
- AI-Powered Cybersecurity Bot Leads the Charge Against Digital Threats
- Cybersecurity Under Siege: BOXX Insurance Highlights AI’s Role in Accelerating Criminal Threats
This announcement aligns with Trend Micro’s broader commitment to leveraging AI in cybersecurity. The company recently announced plans to open-source its Trend Cybertron AI model and agent framework to accelerate the development of autonomous cybersecurity agents. With 93% of security leaders bracing for daily AI attacks in 2025, and 66% of surveyed organizations anticipating AI to have the most significant impact on cybersecurity this year (according to the World Economic Forum’s Global Cybersecurity Outlook report), Trend Micro’s latest innovations are poised to redefine proactive security and cyber resilience.
