Cloud App Risk Levels

Trend Micro experts constantly evaluate, assess, and adjust cloud applications’ risk levels based on multiple criteria to ensure that customers always have the latest information.


An application's risk level indicates a level of maturity and security compliance for the application and does not indicate that an application is malicious or dangerous.

Trend Micro determines a cloud application’s risk level based on:

  • Standards compliance (for example, CSA STAR LEVEL, ISO, NIST)

  • Security features (for example, multi-factor authentication, DoS protection)

  • Security headers (for example, x-frame-options, content-security-policy)

  • Security breaches or other events that may indicate a compromised service

In addition, Trend Micro evaluates the risk level based on regulatory compliance with the following:

  • EU-US/Swiss-US Privacy Shield


  • GDPR

  • GLBA