Trend Micro Integrates Claude Enterprise with Vision One for Out-of-Band AI Governance
Trend Micro's Vision One platform now offers AI-aware visibility and detection for Anthropic's Claude Enterprise through two new collectors, addressing security gaps where inline controls are not feasible.
Security teams are increasingly grappling with the widespread adoption of large language models (LLMs) like Anthropic's Claude Enterprise, often without adequate visibility or control. The launch of Anthropic's Claude Compliance API in May 2026 highlighted this challenge, acknowledging that employees are using these tools for business-critical tasks, leading to the potential exposure of sensitive data, personally identifiable information (PII), protected health information (PHI), credentials, and proprietary source code. Traditional security tools have struggled to monitor these interactions, creating significant audit risks, particularly for organizations in regulated industries.
To address this gap, Trend Micro has integrated Anthropic's Claude Compliance API into its TrendAI Vision One platform. This integration provides an out-of-band method for governing Claude Enterprise usage, specifically targeting environments where inline enforcement solutions are not yet deployable. The solution allows organizations to gain crucial visibility into Claude usage without altering user workflows or hindering adoption, offering a flexible approach to AI security.
The integration is delivered through two distinct collectors, enabling organizations to tailor data handling to their specific risk and compliance requirements. The first option is a self-hosted collector, which operates entirely within the customer's own environment. This collector leverages the Claude Compliance API to ingest logs, processes them locally using AI Guard for immediate detection of threats, and then forwards alerts and relevant data to TrendAI Vision One for broader correlation and analysis. Critically, sensitive data and compliance access keys never leave the organization's infrastructure, ensuring maximum data privacy and control.
The self-hosted collector is designed to detect a range of security issues, including sensitive data exposure (PII, PHI, credentials, source code), policy violations, and prompt-based attacks such as prompt injection and jailbreaking attempts. It also identifies harmful content within conversations, providing security teams with actionable intelligence to mitigate risks associated with employee interactions with Claude Enterprise.
The second collector is SIEM-based and integrates directly with the TrendAI Vision One platform. In this configuration, organizations provide the compliance access key, allowing TrendAI Vision One to pull Claude Enterprise logs into its broader security ecosystem. This approach facilitates enhanced Extended Detection and Response (XDR) correlation by combining AI telemetry with data from other sources like email, network traffic, cloud services, and identity systems. The conversation content is brought into TrendAI Vision One, enabling detailed analysis of insider risk, anomalous behavior, and providing a robust audit trail for compliance purposes.
Organizations can choose the collector that best suits their needs based on data residency requirements and the desired level of correlation and reporting. For highly regulated industries that cannot export AI conversation logs, the self-hosted collector offers full visibility and detection capabilities while keeping data within their own boundaries. It's important to note that this integration, like the Compliance API itself, is reactive and out-of-band; it does not provide real-time blocking or interception of conversations. It complements, rather than replaces, inline enforcement solutions like TrendAI Vision One's AI Secure Access when those can be deployed.
This new capability extends Trend Micro's existing AI security portfolio, which includes AI Secure Access for zero-trust control over GenAI services, Agentic Governance Gateway for securing AI applications and self-built agents, and AI Security Posture Management (AI-SPM) for identifying misconfigurations and shadow AI. The Claude Enterprise integration fills a critical need for regulated customers who have adopted Claude but lack the ability to implement front-end controls, providing a comprehensive solution for governing their entire AI estate from a single platform.