Cisco Threat Response automates integrations across select Cisco Security products and accelerates key security operations functions: detection, investigation, and remediation. Threat Response integrates threat intelligence from Cisco Talos and third-party sources, which adds context from integrated Cisco Security products automatically so you know instantly which of your systems was targeted and how.
N/A
Kaspersky EDR Optimum
Score 9.1 out of 10
Mid-Size Companies (51-1,000 employees)
Kaspersky Endpoint Detection and Response (EDR) Optimum helps identify, analyze and neutralize evasive threats by providing easy-to-use advanced detection, simplified investigation and automated response. It is a basic EDR tool for mid-market organizations who are just starting to build their incident response processes.
$14.50
per year on a 3 year license (Pricing is for a 3-year commitment, calculated per year). 1 and 2 year licenses also available. per endpoint
Pricing
Cisco SecureX
Kaspersky EDR Optimum
Editions & Modules
No answers on this topic
Kaspersky EDR Optimum
$14.50
per year on a 3 year license (Pricing is for a 3-year commitment, calculated per year). 1 and 2 year licenses also available. per endpoint
It's well suited with any security operation center. So if someone is doing anything with security, whether it be firewalling, endpoint security whether it be email security, it's certainly suited to any type of security that can roll up security events. So this is a single pane of glass where you can view all your security events. So what it's doing is it's taking all your security silos that have historically been very difficult to manage and it's rolling everything up into one dashboard, so it makes it much easier to manage.
I’m convinced that the key is guaranteeing the 100% of coverage, with the best configuration possible and without pain or hit at resource consumption and harmonies performance.I would like that the solution detecting, inventorying, and alerting about some host/device unknow or don’t register in KSC. Don’t depend on Device Detection function.
So the product enables end users to get visibility into their security environment, not only across the Cisco products but across the third-party products as well. The product also automates detection and response. So the product really offers end-user efficiency in the security operations center.
KEDR Optimum is helping to see threat kill chain formation, which helps to get clear picture of the what exactly attacker was trying to do during attack.
We are crating prevent execution rules to block the threat in our complete infra.
Ioc scan to validate and remove the any active threat entry from our endpoints
Of course, many companies prefer to obtain security from the cloud; however, not all of them prefer it, which is why having a local implementation would allow these companies to also use said software as their ally for their security.
Working with this software can be simple, that is, any threat can be visualized with greater precision, but when it comes to managing its orchestration, it is a bit complex.
Its integration with other software can be simple but with others it is not, that is why it would be ideal if all of them could be carried out in the same way.
Integrating with a larger number of third party software would be of great help, to further enhance the analysis and detection of threats.
At the moment and unfortunately we'll not renew our licenses, due to the Russian conflict and the company policy that has forced us to get rid of any Russian related product. Before that incident, we were very happy with the product and we did not even think once about changing it... Maybe on the future...
This item can always be improved, perhaps by pre-elaborating very long reports, such that they are built progressively so that when the user wants to consult them, the delay is minimal. It would also be interesting to have a warehouse of reports, which serves as a repository where they can be consulted whenever needed, adding AI capabilities that allow data to be linked together and improve the analysis and possible correlations of events.
A lot of the look and feel of both products is quite similar. There's several best practices on visualization that are followed in both and integration of common telemetry is comfortable and quick. But while Microsoft ATP offers deep insights into mostly the Microsoft environment and a limited view into other common sources, SecureX shines in all the non-client areas Microsoft's product seems lackluster in.
Kaspersky EDR Optimum is the evolution of Kaspersky Endpoint Bussiness, a more complete product, which runs the same software on Windows 11 and Windows Server. Now, we already use Kaspersky Sandbox on-premises, which has now been unified with KEDR as Cloud Sandbox. These improvements and unifications have made life easier for Security administrators.
It is a solution that is of great help to reduce threats and their powerful damage, thanks to its high threat identification.
Its workflow automation saves time and money, that is, it makes possible a better performance in the team that handles corporate security because it helps them with the tasks.
By unifying security solutions, it gives the advantage of reducing operating costs and greatly improving responses to threats.
Their analyzes are vital to carry out a quick remediation and thus reduce the time in which the company is under threat.
