Kaspersky Endpoint Detection and Response

Preventing business disruption and damage by eliminating the risks posed by complex and targeted threats

Kaspersky EDR

Protect your business against cybercrime with high-end endpoint defenses while cutting costs

Cybercriminals are becoming ever more sophisticated, capable of successfully bypassing existing protection and exposing every area of your business to risk. Corporate endpoints, where data, users and corporate systems all come together to generate and implement business processes, are particularly vulnerable. To protect these endpoints, and to prevent them from being used as entry points into your infrastructure, your IT-security teams should be looking to boost your existing defenses. Implementing the full endpoint protection cycle, from automatic threat blocking to responding swiftly and appropriately to complex incidents, requires preventive technologies supplemented by advanced defense capabilities. Kaspersky Endpoint Detection and Response (EDR) provides comprehensive visibility across all endpoints on the corporate network and superior defenses, enabling the automation of routine tasks to discover, prioritize, investigate and neutralize complex threats and APT-like attacks.

Powerful complete endpoint defenses via a single agent

A single agent for automatic protection against common threats and advanced defense against complex attacks simplifies incident handling and minimizes maintenance costs. As a module which can be activated within our world-leading Kaspersky Endpoint Security for Business, Kaspersky EDR is quick and easy to implement. No added burden on endpoints and no further costs – just the knowledge that your workstations and servers are fully protected against the most advanced threats and targeted attacks.

Efficient in handling complex incidents and compliance support

Kaspersky EDR reduces the time needed for initial evidence collection, provides supreme telemetry analysis and maximizes the automation of EDR processes, cutting overall response times from hours to minutes. The solution enables advanced threat discovery across all endpoints, giving a complete view of every incident for investigative and regulatory purposes. It also provides historical data, even in situations where compromised endpoints are inaccessible or when data has been encrypted during an attack.

Detection quality confirmed by MITRE ATT&CK Evaluation

Recognizing the importance of TTP analysis in complex incident investigation and the role of MITRE ATT&CK in the security market today:

- Kaspersky EDR has participated in MITRE’s APT29 Round 2 Evaluation and demonstrated a high level of performance in detecting key techniques applied at crucial stages of modern targeted attacks.

- We’ve enriched Kaspersky EDR’s detections with data from the MITRE ATT&CK knowledge base for deep analysis of the adversary’s TTPs.

Endpoint Detection and Response

52 Reviews
4.9/5.0
100% would recommend
as of April 12, 2021

Suitable For

Organizations struggling with incident response against complex and APT-like threats, due to huge numbers of manual handling tasks and/or inadequate current technologies. Kaspersky EDR provides a full picture of the security scenario and high levels of automation in detection and response actions, to help your IT security experts manage and fight complex threats easily and efficiently.

In Use

  • Enhanced threat discovery and mature investigation process

    Kaspersky EDR enables the ongoing monitoring and visualization of every investigative stage, fast access to data, premium threat discovery and efficient analysis. The investigation process is enhanced with retrospective analysis and unique Indicators of Attack with ATT&CK mapping that helps identify tactics and techniques, as well as proactive threat hunting and access to the powerful Kaspersky Threat Intelligence Portal. Your experts have robust facilities to understand the entire sequence of intruder actions, discover the most sophisticated attacks and respond appropriately - and fast!

  • Guided investigation and a faster, more accurate response

    Quality and speed of incident response are Key Performance Indicators commonly applied to today’s IT Security Departments. By centralizing incident management with guided investigation across all the endpoints on your corporate network, Kaspersky EDR provides a seamless workflow. Fast, accurate threat containment and incident resolution across distributed infrastructures is supported through centralized and automated actions, all helping to streamline the work of your IT security team. No more costly additional resources needed, no more expensive downtime and no lost productivity.

  • A complete suite of Extended Detection and Response

    Kaspersky EDR can be absorbed into the Kaspersky Anti Targeted Attack Platform, providing extended detection and response capabilities. The Kaspersky Anti Targeted Attack Platform with Kaspersky EDR at its core represents an all-in-one APT protection solution and combines network-level advanced threat discovery and EDR capabilities. IT security specialists have all the tools they need to handle superior multi-dimensional threat discovery at both endpoint and network levels, applying leading-edge technology, undertaking effective investigations, and delivering a rapid centralized response — all through the single solution.

24/7

Premium Support

Professional help is available whenever you need it. Operating in more than 200 countries, from 34 offices worldwide, we have you covered 24/7/365. Take advantage of our Premium support packages, or call on our Professional Services to ensure that you derive maximum benefit from your Kaspersky Lab security installation.

The Threats

Kaspersky EDR is a specialized, unified protection solution for cybersecurity experts and enterprise SOC teams that helps enterprises deal with security challenges:

  • Slow detection, investigation and response times lead to business disruption

  • Attacks on the supply chain as well as from trusted sources can easily penetrate the corporate perimeter

  • A lack of centralized, correlated context hinders visibility and can allow incidents to go undetected by corporate security

  • Non-malware attacks, like social engineering and credentials theft, are hidden from traditional security solutions which rely on malicious pattern detection

  • Manual or non-specialized IT-related responses to issues like reimaging, denylisting, broken connections, etc. as a result of an incident are ineffective without the rich functionality of EDR

  • Highly motivated cybercriminal gangs use unique and previously unknown methods against enterprises protected by traditional, widely used prevention technologies
