Kaspersky Lab is announcing a comprehensive endpoint detection and response (EDR) solution that features award-winning, multi-layered detection and an automated remediation solution. In a world where no network is completely secure, businesses can join Kaspersky Lab's pilot program for Kaspersky EDR starting on October 3 to enhance their threat hunting processes and proactively look for indicators of compromise.
Over a quarter (27%) of businesses have experienced targeted attacks during the past year, with some threats staying undiscovered within corporate infrastructure for months. Hidden attacks typically spread in the network because security teams are often overwhelmed when manually processing the sheer number of alerts generated by modern security solutions. A lack of the skills needed to analyze the data presents a further challenge, so some of the most crucial incident indicators get lost in the noise.
To meet the demands of enterprise customers, Kaspersky Lab is introducing Kaspersky Endpoint Detection and Response, with enhanced incident mitigation, better visibility over endpoints, interoperability with the company’s traditional endpoint protection product, and investigative capabilities for security teams and SOCs (Security Operations Centers). Kaspersky EDR customers will benefit from the company’s vast experience in threat intelligence, advanced protection technologies and a long history of discovering some of the world's most high-profile APTs, all embedded into the solution’s threat hunting functionality.
Kaspersky Lab’s approach to EDR security consists of:
- Monitoring: Kaspersky Lab’s incident detection and visibility features make it possible to collect data automatically.
- Detection: Kaspersky EDR’s advanced detection technologies, including a machine learning-based Targeted Attack Analyzer, help enterprises assess data from endpoint sensors and rapidly generate threat detection verdicts.
- Aggregation: To properly define an attack kill chain, Kaspersky EDR aggregates and visualizes key digital forensics data from endpoints, including information about unknown files and endpoint metadata on processes, programs, services, modules, files, auto runs, network connections and timelines.
- Response: Effective EDR is impossible without a timely response that enables organizations to clean infected systems remotely as an alternative to the costly and disruptive manual reimaging of computers. Preventing repeated assaults by an advanced threat is one of the key advantages of Kaspersky EDR. Teams will be able to prohibit the launch of suspicious PE files, office documents and scripts, and set up rules to proactively delete files on the endpoints, making sure that a threat will not continuously impact the business.
“The increasing sophistication levels of targeted cyberthreats and lack of visibility over endpoints make even the most effective prevention products and internal security teams susceptible to missing something,” said Rob Cataldo, senior director of enterprise sales at Kaspersky Lab North America. “To substantially reduce dwell times associated with these unique threats, enterprises should reevaluate their cybersecurity strategies and consider comprehensive EDR solutions as a critical component. Early identification of cyberattacks and incident response needs to be a priority.”
Kaspersky EDR is a part of Kaspersky Lab’s holistic enterprise security portfolio, built with adaptive security strategies in mind. It creates a TrueCybersecurity fusion: cutting-edge algorithms through its next-generation endpoint security suite, detection with Kaspersky Anti Targeted Attack platform and Kaspersky EDR, as well as security expertise with Kaspersky Research and Intelligence Services. With the company’s enterprise portfolio, businesses also have instant access to 20 years’ worth of security intelligence data enabled by Kaspersky Security and Private Security Networks.
Kaspersky EDR will be available as part of a new pilot program starting on October 3.