Include:
Tech
Cybersecurity
Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.

Location

333 West San Carlos Street
San Jose, California 95110
United States

WWW: acer.com

ChannelPro Network Awards

hello 2
hello 3

Press Releases

June 9, 2019 |

Kaspersky EDR and Kaspersky Anti Targeted Attack Enhanced Features to Empower and Simplify Threat Investigation Process

Solutions now available with unique Indicators of Attack and mapping to MITRE ATT&CK databases

Kaspersky†announces the latest versions of Kaspersky EDR and Kaspersky Anti Targeted Attack, which offer new features that simplify the investigation process and enhance threat hunting. A recently added database of Indicators of Attack (IoAs), maintained by Kaspersky’s expert threat hunters, helps to deliver additional context during investigation of cybercriminal activities. In addition, IoAs are now mapped to the MITRE ATT&CK knowledge base for further analysis of adversaries’ tactics, techniques, and procedures. These key improvements help enterprises investigate complex incidents faster.

Cyber incidents relating to complex threats can have a significant impact on business. The cost of response and process recovery, the need to invest in new systems or processes, the effect on availability and the damage to reputation all adds up. Today, organizations need to consider not only the growing number of widespread malicious programs, but also the increase in complex advanced threats that are targeting them. Kaspersky helps to solve this issue with the next generation of Kaspersky EDR and Kaspersky Anti Targeted Attack platform.

Using Indicators of Attack to boost the investigation process

Kaspersky EDR and Kaspersky Anti Targeted Attack include functionality to check for Indicators of Compromise (IoCs), such as hash, file name, path, IP address, URL, etc., which show that an attacker has struck. In addition to search for IoCs, new capabilities with IoAs provide an opportunity to identify the intruders’ tactics and techniques, regardless of the malware or legitimate software used in the attack. To simplify the investigation process when examining telemetry from multiple endpoints, events are correlated with a unique set of IoAs from Kaspersky. Matched IoAs show up in the user interface with detailed descriptions and recommendations on the best way to respond to the attack.

Customers can produce their own set of IoAs based on their internal experience, knowledge of the most significant threats and their specific IT environment. All new events are automatically mapped in real time with the internal database of custom IoAs, enabling the immediate creation of informed response actions and long-term detection scenarios, according the specifics of the protected infrastructure.

Mapping to the MITRE ATT&CK knowledge base

Together, Kaspersky EDR, Kaspersky Anti Targeted Attack and MITRE ATT&CK – a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations – enable companies to validate and investigate incoming incidents more efficiently. Discovered threats are automatically mapped to the knowledge base, immediately contextualizing the new events with external intelligence and attack technique data. Having a deeper understanding into an attack reduces future risks and helps security teams cut the time taken to analyze and respond to threats.

The enhanced functionality is also available for organizations that offer cybersecurity monitoring and management. The new multi-tenancy architecture allows Managed Security Services Providers (MSSPs) to protect the infrastructure of multiple clients at the same time.

“Professional cybercriminals can reside without detection on trusted objects, exploit zero-day vulnerabilities, use legitimate software, compromised accounts, unique software, or social engineering techniques or exploit insiders. That’s why it is essential not to rely exclusively on the evidence left by malefactors, but to search for potential traces of their activity. To help organizations solve this issue, we translated Kaspersky’s expertise into a set of IoAs and mapped them with MITRE ATT&CK. With more information and understanding of a malefactor’s intentions, companies will be able to react to complex threats faster,” comments Sergey Martsynkyan, Head of B2B Product Marketing at Kaspersky.


Editor’s Choice

MSP360 Bolsters Managed Backup Solution With Full Sharepoint Backup and Restore, Object Lock, and More

March 25, 2024 |

MSP360 CEO Brian Helwig details the latest improvements in its managed backup solutions and teases some new opportunities down the road for its partners in an exclusive ChannelPro interview.

Peer to Peer: Aurora’s Philip de Souza shares his secrets to creating a successful MSSP

March 19, 2024 | Philip de Souza

“It’s important that we understand when it comes to this whole MSP world that it’s all about the customer.”

Evolving State AI Regulations: Best Practices for Mitigating Risk

March 14, 2024 | Anurag Lal

While AI technologies can unlock tremendous business value, they also have potential risks.


Related News

Growing the MSP

Explore ChannelPro

Events

Reach Our Audience