Kaspersky EDR Expert

Score8.4 out of 10

13 Reviews and Ratings

What is Kaspersky EDR Expert?

Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes, enabling them to hunt, prioritize, investigate and neutralize complex threats and APT-like attacks.

Key features

Advanced detection, including methods based on machine learning
Indicator of Compromise (IoC), Indicator of Attack (IoA) and Sandbox detection
Monitoring and visualization with drill-down capability
Guided investigation
Centralized telemetry storage
Threat hunting capabilities
MITRE ATT&CK mapping
Multiple response options
Access to Kaspersky Threat Intelligence Portal
Single cloud or on-prem console

Kaspersky also describes what they believe are the product's key benefits, and differentiators:

Benefits

Single agent with next-gen endpoint security (EPP)
Provides tools for defending against complex and advanced threats
Allows for proactive threat hunting, not only reacting to incidents
Deep investigation helps prevent similar incidents in the future
Several response options, automation and customization to best fit the cybersecurity team
Reduces required cybersecurity resources through guidance and automation
Simple way to upgrade to Native XDR

DIfferentiators

Includes next-gen endpoint security (EPP)
Guided investigation helps analyze threats quickly and learn on the job
Proprietary Indicators of Attack
Sandbox with capability to use customer-defined images (on a select range of OS)
Threat Intelligence
API to send gathered telemetry to third-party systems
Supports both cloud and on-premise deployments