Solution designed to help organisations with small IT departments.
Kaspersky is pitching a new ‘three-in-one’ endpoint cybersecurity solution designed to make it easier for medium to large businesses to cope with threats.
Kaspersky Endpoint Detection and Response (EDR) Optimum provides insights about incidents and response capabilities for organisations with limited security resources.
It also provides a ‘sandbox’, which is an isolated environment for running and examining the behaviour of suspicious files.
The solution is a response to the difficulties small IT departments face in keeping up with cybersecurity threats.
“Majority of business leaders rely heavily on a limited number of IT staff in their organisations to identify how and when an internal cybersecurity incident happens and how they should respond,” says Margrith Appleby, General Manager of Kaspersky ANZ.
“However, in most instances, these organisations don’t have the resources and security functions in place to keep up with their cybersecurity requirements and this expands the threat surface,” Appleby added.
About 40 percent of mid-size companies and enterprises lack enough insight and intelligence about the threats faced by their organisation, according to a global Kaspersky survey.
The new solution is designed to address that problem by improving visibility of endpoints –it also aims to simplify root cause analysis and automate responses to threats.
Kaspersky’s approach to doing this is to integrate Kaspersky Endpoint Security for Business with a cloud management console, Kaspersky Endpoint Detection and Response Optimum (EDR Optimum) and Kaspersky Sandbox.
When a threat is detected, Kaspersky EDR Optimum offers various ways to respond, such is isolating the endpoint or quarantining the file.
If Kaspersky Endpoint Security for Business finds a suspicious file it can’t categorise as malicious, it sends it to Kaspersky Sandbox. The analysis can also be improved by using Kaspersky EDR Optimum to analyse the file.
Centralised management and automation features are designed to streamline response efforts. For example, cybersecurity specialists can create Indicators of Compromise, which indicate a system has been breached, and schedule automatic scans of endpoints for a malicious object.
For companies that want to deploy the Kaspersky Security Center management console quickly and cost-efficiently and reduce maintenance tasks, they can now do so by deploying it to the cloud, though an on-premise deployment is also available.
Kaspersky has also hardened Kaspersky Endpoint Security protection for Linux endpoints. Users now benefit from network and web threat protection, and data protection device control, which allows rules for transferring data to other devices.
Article sponsored by Kaspersky.