Regulatory Compliance

Accelerate and streamline compliance for GDPR, PCI DSS, HIPAA, FedRAMP, NIST, and other key regulations 

Take control of your compliance challenges

Every day, your organization faces an unprecedented level of threats targeting your valuable corporate data. Adding to the challenge, a myriad of security compliance requirements are mandated by industry and government regulations.

Trend Micro has been helping organizations like yours accelerate and streamline compliance for nearly 30 years. We help by providing key security controls, functional automation, and integrated visibility across products.

EU General Data Protection Regulation (GDPR)

The EU’s General Data Protection Regulation (GDPR) is now in effect, and with hefty fines of up to 4% of annual turnover for non-compliant businesses, even ones not based in the EU, the new regulations will be costly and have far-reaching implications.

Learn who the regulation applies to and how we can help you prepare.  


PCI DSS (Payment Card Industry Data Security Standard)

Accelerate PCI DSS compliance with Trend Micro Deep Security – a single tool that addresses multiple requirements, including intrusion detection and prevention (IDS/IPS), anti-malware, integrity monitoring, application control, system logging and firewall requirements. Deep Security is available as software, through the AWS & Azure marketplaces, or as a certified PCI DSS Level 1 service provider.

Learn how we helped Coiney achieve PCI compliance 4 times faster.

Healthcare compliance

Healthcare organizations need to comply with increasingly complex regulatory requirements to protect Personal Health Information (PHI). In the US, regulations such as HIPAA provide guidelines but very little in terms of specific controls or actions needed.

Frameworks like the HITRUST CSF can help, as they are much more prescriptive and harmonize globally recognized standards including HIPAA, HITECH, NIST, ISO, PCI DSS, FTC, COBIT, and state laws. Trend Micro has helped healthcare organizations like MedImpact address compliance while developing a streamlined and layered defense strategy.


U.S. government organizations moving to the cloud need to ensure they are compliant with the FedRAMP program. Cloud providers like AWS and Microsoft Azure address many infrastructure layer security requirements. However, as a part of the shared security responsibility model, departments and agencies need to secure what they put IN the cloud.

We can simplify procurement and improve visibility by addressing many workload layer controls in a single product.

Achieving FedRAMP

Accelerating FedRAMP compliance in AWS

Participating in AWS

National Institute of Standards and Technology (NIST)

Achieving compliance with NIST 800-53 or NIST FCI can seem daunting, but with Trend Micro, compliance is no longer mission impossible. We can help you meet the rigorous requirements for FedRAMP, TIC, and NIST high-impact controls, as well as simplify compliance when you host workloads on cloud providers such as AWS and Azure.

Complying with the NIST Framework for Improving Critical Infrastructure Cybersecurity (FCI)

Implementing NIST 800-53

NIST High Impact Controls (AWS Quick Start Reference Deployment)


Center for Internet Security (CIS) and SANS

The Center for Internet Security (CIS) and SANS publish a list of critical security controls to help organizations prioritize a small number of cyber defense actions with high pay-off results. Trend Micro helps to address many recommended controls, making it easier for organizations to achieve continuous, automated protection of hybrid environments.

Addressing CIS-SANS Top 20 Critical Security Controls for Server Environments