Kaspersky Lab has unveiled the next generation of its Kaspersky Endpoint Security for Business offering. The updated solution includes a new Adaptive Anomaly Control feature designed to intelligently perceive and block anomalous application and user behavior, as well as a web-based management console and administrative automation features.
According to Kaspersky, Endpoint Security for Business is specifically designed to help businesses overcome the widening cyberthreat landscape and the challenges they face in managing infrastructure. The latest edition is built to give channel pros and IT security greater control across all endpoints in an end user's environment.
The new Adaptive Anomaly Control feature analyzes user behavior and "remembers" activity patterns, allowing it to block actions that are abnormal for a particular user. That process is fully automated, to save time and reduce the risk of false positives.
In 2018, Kaspersky Lab experts reported a spike in cryptomining-related attacks with more than five million users affected. To prevent hackers from using corporate computing resources for mining purposes, the new Web Control feature includes dedicated techniques to reveal and block cryptocurrency mining online.
The latest version of Kaspersky Endpoint Security for Business also aims to provide more capabilities for web-based threat prevention. Encrypted traffic scanning in its Web Threat Protection component identifies and blocks threats that attempt to use encrypted channels to penetrate the system undetected. The system also scans inbound and outbound encrypted HTTPS traffic to intercept potential malicious activity.
Technicians can manage the product via Kaspersky Security Center's web-based management console. The system lets administrators manage features and policies and monitor security through customized dashboards, including while working remotely on tablets and smartphones. According to Kaspersky, the console's new design is optimized to make dashboard customization simple and convenient.
According to Kaspersky, the company's standardized application programming interface, OpenAPI, makes integrating Kaspersky Security Center with third-party SIEM, SOAR, EDR, and other third-party platforms easier.
Backed by threat intelligence and machine learning-assisted techniques, Kaspersky Endpoint Security for Business provides cybersecurity controls such as device control and encryption, vulnerability and patch management, and integration with Kaspersky Endpoint Detection and Response.
“As attackers increasingly target users directly, understanding and protecting the human side of endpoint security will become even more critical in the coming year,” wrote Chris Sherman, senior analyst, and Salvatore Schiano, researcher, at Forrester in a recent report. “Forrester expects future endpoint security vendors to improve detection efficacy by correlating application-based behavioral analysis with user behavior. ...Future endpoint security suites will go further and leverage an understanding of user behavior to improve external attacker detection rates.”
All new versions of Kaspersky Endpoint Security for Business will be automatically deployed to all endpoints. This requires no action from the administrator except for approval and acceptance of the license agreement, which helps companies proactively keep their protection up-to-date.
“IT security teams need to maintain a balance between being able to control protection across endpoints, while not getting swamped by too many manual tasks and notifications,” said Dmitry Aleshin, vice president of product marketing at Kaspersky Lab, in prepared remarks. “The happy medium is to have intelligent protection, with management tools that allow a certain level of automation and control. Kaspersky Endpoint Security for Business provides all that IT security administrators need to make sure that endpoints remain protected no matter what.”
Kaspersky Endpoint Security for Business is available globally now.