Kaspersky brings in ML-driven managed detection and response solution for SME entities
Digital Edge Bureau 06 Apr, 2021
In a major diversification of its offering, Kaspersky Lab now offers managed detection and response (MDR) solutions to SMEs (small and medium enterprises) the world over. Earlier, this solution was aimed at large enterprises only. The company has also introduced its optimum security framework, which addresses the integrated security requirements of enterprises and organizations.
Detecting and responding to sophisticated attacks requires specific expertise, while internal training or hiring additional experts may not always fit into the cybersecurity budget. A lack of resources can lead to untimely responses to incidents and, as a result, increase the losses of the organization. According to a Kaspersky report, for enterprises, the average cost of a data breach rises by more than $400k depending on whether a breach is discovered almost instantly or beyond seven days.
“Effective threat protection is always a set of measures that must be well coordinated with each other, easy to manage and meet the needs of customers. Frameworks work just like that. Another advantage is that, unlike one specific solution, they offer a cybersecurity roadmap for the company, assuring the transition from one IT security maturity level to another when the time comes. Thus, in the case of MDR, at a more basic level of information security development, a company can receive a fully automated service. And when the expertise of its specialists grows, switch to the expert level and get involved in the threat hunting and investigation,” explains Dmitry Aleshin, VP, Product Marketing, Kaspersky Lab.
Targeted towards such organizations, Kaspersky MDR provides the major benefits of an outsourced security operations center (SOC) and does not require specialized threat hunting and incident analysis skills from internal teams, which can be especially relevant for mid-size businesses. The service is complemented by detection technologies as well as extensive expertise in threat hunting and incident response from professional units including the Global Research & Analysis Team (GReAT). It also includes AI Analyst, which enables automatic alert resolution and allows Kaspersky SOC analysts to concentrate on the most important alerts.
The service integrates several components. Kaspersky products, such as endpoint protection or EDR, send their telemetry to the Kaspersky Security Network. This telemetry is then analyzed in the internal Kaspersky security operations center using more than 700 constantly updated proprietary TTP-based ‘hunts’ tailored to the customer’s environment, along with various detection engines. Since alerts are collected from all endpoints, the system can detect the links of a single attack chain across different machines. All detections are further validated and prioritized by Kaspersky’s threat hunting team to ensure a timely response. After investigation, customers receive incident alerts and a comprehensive guide to incident response in the dedicated MDR portal. Response options can then be initiated through an endpoint detection and response (EDR) agent. Customers can also combine MDR with Kaspersky’s Incident Response retainer to completely outsource incident investigation, forensics and elimination.
Meanwhile, the Kaspersky optimum security framework enhances security against new, unknown and evasive threats by helping medium-sized businesses and smaller enterprises with limited cybersecurity resources to build an incident response capability. The framework provides advanced detection mechanisms with machine learning-based algorithms and a sandbox, as well as enhanced threat visibility, root cause analysis capabilities and a wide array of response actions. The framework also suggests security awareness training programs to help organizations build a cybersafe employee culture.