SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Kaspersky updates endpoint detection and response solution
Thu, 22nd Sep 2022
FYI, this story is more than a year old

Kaspersky has announced an update to Kaspersky Endpoint Detection and Response Optimum.

With the latest version of this solution, users can now take advantage of an essential endpoint detection and response tool. It includes in-built users who can access an advanced automated detection mechanism and tailored incident response recommendations, the company states.

The updated Kaspersky Endpoint Detection and Response Optimum also ensures protection from damage to crucial OS files and provides information on file reputation from Kaspersky's Threat Intelligence portal.

While companies are struggling to ensure the protection of their ever-complex IT infrastructures, adversaries wont hesitate to capitalise on organisations' cybersecurity gaps, Kaspersky states.

According to the recent Managed Detection and Response analytics report from Kaspersky, the proportion of high severity cybersecurity incidents facing organisations has increased by 50% in the last year.

To help IT security workers deal with increased attack surface and complexity, Kaspersky presents the new edition of Endpoint Detection and Response Optimum. According to Kaspersky, the updated version also gives users the opportunity to gain highly sought-after skills in incident investigation and response, and helps them handle their responsibilities under conditions of limited time and attention.

Kaspersky Endpoint Detection and Response Optimum provides information to get up to speed more quickly. Apart from previously available YouTube video instructions, the product now offers a Guided Response section in the alert card where IT security specialists can access all the recommended steps for investigation and response.

In addition, Kaspersky Endpoint Detection and Response Optimum contains integrated quality of life improvements, such as Threat Intelligence file reputation in the alert card. Also, when a response is performed a special check will help avoid making a mistake and blocking a crucial OS file, which can lead to ruining the whole infrastructure.

File reputation from Kaspersky Threat Intelligence Portal is available directly in the console, allowing users to understand what files are good, malicious, or suspicious, and also see known or new threats in even faster and easier ways. It also shows information in which regions or countries the file was observed most frequently, and provides a link to the threat intelligence portal with additional information about the file.

Pavel Petrov, Senior Product Manager at Kaspersky, says, “When our team was working on the Kaspersky Endpoint Detection and Response Optimum enhancements, one of the goals was to make all the solutions capabilities accessible for all types of our users, even for those who are making their first steps in investigation and response.

"We believe the new features will allow our customers not only to ensure the protection of their company against multiple types of threats, but also increase the EDR expertise of the internal IT security team.”