SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Kaspersky achieves AAA expert rating for EDR products
Wed, 24th Aug 2022

Independent security testing organisation SE Labs has awarded Kaspersky Endpoint Detection and Response Expert a ‘AAA’ rating in its first comparative Enterprise Advanced Security assessment of EDR products.

In the test, Kaspersky EDR Expert achieved a 100% ‘Total Accuracy Rating’, detecting every element of each threat with no false positives.

According to the company, cyber crime is a rising threat, predicted to reach a global cost of $10.5 trillion by 2025. Not only is the number of threats rising, but the attacks themselves are also becoming more sophisticated, with criminals using new tools and methods to breach target networks.

It is therefore important for businesses to have robust and reliable detection and response tools in place, to secure their network across all devices, Kaspersky states.

To determine how effective each EDR product is, SE Labs ran several full-chain attacks against the offerings of five different cybersecurity companies.

These were based on real attacker behaviour, using the MITRE ATT&CK framework to ensure the environment is as realistic as possible. The tests consisted of 17 attacks in total, from four different APTs – Wizard Spider, Sandworm, Lazarus Group and Operation Wocao.

Products were then scored on their ability to detect the attack at each of its stages, helping to identify any weaknesses in a particular area.

Kaspersky EDR Expert detected every one of the 17 attacks, across all stages, receiving a ‘Total Accuracy Rating’ of 100%. This score came from the product's ‘Detection Accuracy’ and ‘Legitimate Accuracy’ ratings, meaning that it not only identified the full range of attacks, but also produced no false positives. This put Kaspersky in first place out of five companies tested for its EDR product, earning SE Labs' highest possible ‘AAA’ rating.

Alexander Liskin, head of threat research at Kaspersky, says, “As advanced cyber threats become more commonplace, businesses need to ensure they have efficient cybersecurity measures in place to keep them safe. Enterprise Advanced Security assessment of EDR products by SE Labs puts the available security offerings to the test against the full-chain attacks of several known APT groups to evaluate their quality, and uses an advanced scoring system to easily identify the best solution.”

He continues, "Kaspersky has participated in this assessment starting from its launch as Breach Response Test in 2019, and we are excited to receive regular confirmation about Kaspersky EDR Expert's true capabilities at the highest level.

"SE Labs has the most advanced and transparent security testing methodology, which is why we trust them to test our products publicly. Independent tests provide us with additional control over the quality of protection made available to our customers and confirm the company's success in keeping up with the evolving threat landscape."

Simon Edwards, CEO of SE Labs, says, “There are many different parts to a cyber attack and it's important to use them all when assessing security products. They might miss one but catch another. In this case Kaspersky EDR Expert caught them all, which is extremely impressive and reassuring.”

Kaspersky Endpoint Detection and Response Expert provides visibility across all endpoints on a company's corporate network and delivers defence, enabling automation of routine tasks to discover, prioritise, investigate, and neutralise complex threats and APT-grade attacks, the company states.

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky's threat intelligence and security expertise is continually transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.

The company's comprehensive security portfolio includes leading endpoint protection and a number of specialised security solutions and services to fight sophisticated and evolving digital threats.