Kaspersky has incorporated endpoint detection and response (EDR) capabilities into its Endpoint Security Cloud product. The EDR capabilities will be available in the Endpoint Security Cloud Plus tier in test mode in 2021, the company says.
Endpoint Security Cloud's EDR capabilities provide IT administrators with visibility into endpoints and the attack kill chain, Kaspersky said. In doing so, they can help these admins identify and mitigate security incidents.
How Can IT Administrators Use Endpoint Security Cloud's EDR Capabilities?
IT administrators can leverage Endpoint Security Cloud's EDR capabilities to automate protection across their organizations' endpoints, Kaspersky indicated. The capabilities ensure that IT admins can visualize attack spread paths, infected file names and hashes and other endpoint data and access this information via the Endpoint Security Cloud online management console.
In addition, IT admins can use Endpoint Security Cloud's EDR capabilities to understand how a threat reaches an endpoint, Kaspersky noted. They can then assess endpoint information and fine-tune their organizations' security policies and implement additional protective measures as needed.
Kaspersky Upgrades Integrated Endpoint Security Offering
Along with integrating EDR capabilities into Endpoint Security Cloud, Kaspersky in June 2020 unveiled incident response capabilities for its Integrated Endpoint Security offering.
Integrated Endpoint Security allows organizations to use Kaspersky Endpoint Security for Business with Cloud Management Console, Kaspersky Endpoint Detection and Response Optimum (EDR Optimum) and Kaspersky Sandbox to access incident insights, the company said. That way, organizations can leverage Integrated Endpoint Security to speed up incident investigations and automate incident response.