Kaspersky is announcing a new comprehensive security Extended Detection and Response (XDR) solution combining multiple security options in a unified platform. Including log collection and correlation, case and asset management, response playbooks and investigation capabilities, XDR helps companies protect business assets and processes against advanced or complex threats, APTs and targeted attacks. Early adopters can now evaluate Kaspersky XDR in a test environment and share feedback before implementing it in real infrastructure.
The cyberthreat landscape makes it extremely challenging for organizations to stay on top of their cybersecurity while focusing on core business operations. Add an ever-expanding attack surface, regulatory requirements, and the global skills gap to the mix and it's easy to see why modern businesses are under so much pressure. According to Enterprise Strategy Group's XDR and SOC Modernization Report, 51 percent of companies struggle to detect and investigate advanced threats with their current tools. They need better threat detection and response capabilities, better prioritization of security alerts and a unified management hub for all security operations taking place in the company. Kaspersky XDR has been created in response to these growing demands.
The first Kaspersky XDR offering evolved from Kaspersky Anti-Targeted Attack platform as Native XDR in 2016. In 2023, the company is taking the next step on the way to better detection and response capabilities with the introduction of Open XDR [1]. The new product is available to early adopters who can assess its functionality and compatibility with the existing infrastructure in a test environment.
Easily managed from the Open Single Management Platform, Kaspersky XDR offers comprehensive on-premises security, ensuring customers' sensitive data remains within their own infrastructure while meeting data sovereignty requirements. This is a robust cybersecurity solution that provides an all-encompassing view of the company's security and helps businesses stay ahead of evolving cyberthreats by correlating and analyzing data from various sources across an organization's IT infrastructure, providing a holistic and contextual view of potential threats.
Kaspersky XDR can integrate with other cybersecurity solutions from the Kaspersky ecosystem as well as with third-party products, including Endpoint Protection Platforms and Threat Intelligence services. This integration can help organizations streamline their security operations and reduce the complexity of managing multiple security solutions.
Advanced analytics for comprehensive threat detection and response
Kaspersky XDR provides comprehensive threat detection and response capabilities by leveraging a wide range of data sources, including endpoint, network, and various application and operating system logs. The solution uses advanced analytics and can automatically cross-correlate and analyze data from multiple sources. It can also initiate automated responses to contain and remediate potential cyber risks. For the most experienced and demanding users, threat hunting capabilities are available to proactively detect advanced threats.
Investigation Graph for greater visibility
The investigation graph is a tool that helps InfoSec professionals gather attack artefacts into a clear and coherent picture that is easy to analyze and respond to. Its purpose is to simplify the process of starting to investigate alerts and incidents, bringing together events from different systems on the same canvas, displaying their connections, and giving tools for searching, enriching and responding.
Customized playbooks for better efficiency
Kaspersky XDR also allows the creation of efficient playbooks to customize workflows with flexible triggers and tailored response scenarios. This feature helps companies to speed up typical operations, build a process for teamwork and minimize errors in frequently repeated tasks, thus providing InfoSec professionals with more time for the investigation of complex incidents.
Easy deployment and management
Kaspersky XDR is designed to be easily deployed and managed, even in complex enterprise environments, with a focus on data sovereignty. Built on universal platforms, Kaspersky XDR can be deployed in any environment or region, guaranteeing compliance with frameworks such as the General Data Protection Regulation (GDPR), the Payment Card Industry Data Security Standard (PCI DSS) and the Health Insurance Portability and Accountability Act (HIPAA).
Anton Ivanov, Chief Technology Officer at Kaspersky, said: “Our Extended Detection and Response is a breakthrough major milestone in our strategy. It brings a new quality of protection and ease-of-use for our corporate customers by consolidation of complex cross-product scenarios in a single unified console. XDR is based on our new Open Single Management Platform enabling our customers to enjoy tailored security that can integrate into Kaspersky's products, and a wide array of third-party solutions. Another benefit of our Open Single Management Platform is that it enables both cloud and on-premises installations, which makes Kaspersky XDR one of the few deployment-agnostic solutions of its kind in the market. Our XDR will help companies to increase the overall efficiency of their cybersecurity while addressing such global trends as increasing attack complexity, skill shortages, and alert fatigue.”
Any company that is interested in improving its security operations efficiency may try Kaspersky XDR for free, but only during the early adoption period. To become an early adopter, please visit the website.
The commercial release of Kaspersky XDR takes place in H1 2024 worldwide. It will also be available as a part of a new Kaspersky product line.
[1] Open XDR solutions are designed to work with a wide range of security products, allowing organizations to integrate various security products from different vendors.
Native XDR solutions typically work seamlessly with the vendor's own ecosystem of security tools, providing a more unified and cohesive experience.