Kaspersky Endpoint Detection and Response Expert
Helps enterprises detect, investigate and respond to advanced security incidents more effectively using existing resources
- Prevent business disruption: Build security against complex and targeted threats
- Equip your experts: With advanced detection, full visibility and custom response
Overview
Boost your endpoint defenses first
Corporate endpoints are where data, users and corporate systems come together to generate and implement business processes. These endpoints continue to be the primary target for cybercriminals.
Cyberattacks are becoming more sophisticated and capable of bypassing existing security measures. Kaspersky Endpoint Detection and Response (EDR) Expert provides comprehensive visibility across all endpoints on your corporate network and delivers superior defenses, automating routine EDR tasks and enabling analysts to quickly hunt down, prioritize, investigate and neutralize complex threats and APT-like attacks. Kaspersky EDR Expert uses a single agent that can be managed both from a cloud-based single management platform and from an offline console in air-gapped environments, leveraging threat intelligence and incorporating customizable detections.
Stronger with XDR
Upgrade to a complete suite of Extended Detection and Response functionality - effortlessly
Build up to XDR
Kaspersky EDR Expert can be integrated into the Kaspersky Anti Targeted Attack Platform, providing extended detection and response capabilities. The Kaspersky Anti Targeted Attack Platform with Kaspersky EDR Expert at its core is an all-in-one APT protection solution that combines network-level advanced threat discovery with EDR capabilities.
A single solution for your experts
IT security specialists have all the tools they need to handle superior multi-dimensional threat discovery at endpoint and network level, apply leading-edge technology, undertake effective investigations, and deliver a rapid centralized response — all through the single solution.
Kaspersky EDR Expert gives you the power to:
- Detect threats using the best, most advanced methods. Profiling potential threat actors’ activity is an efficient way of detecting malicious activity within an infrastructure.
  - Kaspersky EDR Expert allows centralized Indicators of Compromise (IoC) to be loaded from threat data sources and supports automatically scheduled IoC scanning, streamlining analysts’ work.
  - With our Indicators of Attack (IoA) engine, Kaspersky EDR Expert can discover suspicious actions using the unique set of IoAs generated by Kaspersky’s threat hunters, providing real-time automated threat hunting capabilities.
  - To give you a more accurate picture of what’s happening, a file or process can be sent to the Sandbox for behavioral analysis, either manually or automatically.
  - IoAs and Sandbox detections are mapped to MITRE ATT&CK for further analysis of the adversary’s Tactics, Techniques and Procedures. Individual events in the incident's tree are enriched with MITRE knowledge base context, including the identification of MITRE-defined tactics used and visualization of the event on the incident graph.
- Investigate the causes of the incident and prevent any recurrence. Kaspersky EDR Expert provides high-level endpoint protection and increases the efficiency of your SOC, providing access to retrospective data, even in situations where compromised endpoints are inaccessible or when data has been encrypted during an attack. Boosted investigation capabilities through our unique IoAs, MITRE ATT&CK enrichment and a flexible query builder, plus access to our Threat Intelligence Portal knowledge base - all facilitate threat hunting and fast incident response, leading to effective damage limitation and prevention.
- Choose a convenient telemetry storage option for forensics. A centralized database stores endpoint telemetry for 30 days by default and objects and verdicts with no time limit, meaning that forensic analysis can be performed without relying on endpoint availability. If you find you need more telemetry retention time, this can be increased to 60 or 90 days. In on-prem installations, it’s up to you to determine the period of data storage, depending on the capacity and characteristics of your hardware.
- Respond in the way that suits you best. Your IT security experts are equipped with tools that enable a ‘one click’ response via the central management console, reducing the number of manual tasks and cutting response times from hours to minutes.
- Work smoothly and efficiently. The endpoint activity tree and click-down event tree visualization tools enable your investigators to easily pivot on interesting data elements during threat path evaluation or drill down for more information. Linking events and consolidating alerts helps reveal the full impact of an attack.
Kaspersky EDR Expert is ideal if your organization wants to:
- Upgrade your security with an easy-to-use, enterprise solution for incident response.
- Automate threat identification & response without business disruption during investigations.
- Understand the specific Tactics, Techniques, and Procedures (TTPs) used by threat actors to achieve their goals, enabling more powerful defenses and the effective allocation of security resources.
- Enhance your endpoint visibility & threat detection with advanced technologies.
- Establish unified and effective threat hunting, incident management and response processes.
- Increase the efficiency of your in-house SOC so they don’t waste their time analyzing irrelevant endpoint logs and alerts.
- Support compliance by enforcing endpoint logs, alert reviews and the documenting of investigation results.
Suitable for
Organizations struggling to respond to complex and APT-like threats, especially in the following industries:
- National
- Healthcare
- Financial Services
- Industrial
- Telecom
- Transportation
- Retail
Pricing Notes:
- Pricing and product availability subject to change without notice.
*Price per user for quantities 250-499. Quantity must be 250 or greater
*Price per user for quantities 500-999. Quantity must be 500 or greater
*Price per user for quantities 1000-1499. Quantity must be 1,000 or greater
*Price per user for quantities 1500-2499. Quantity must be 1,500 or greater
*Price per user for quantities 2500-4999. Quantity must be 2,500 or greater
*Price per user for quantities 5000+. Quantity must be 5,000 or greater