Customized MDR for SMEs 


Customized cybersecurity with Managed Detection and Response (MDR): Kaspersky presents modules for large and small companies. 

Kaspersky Managed Detection and Response (MDR) is now officially available not only for large companies, but also for medium-sized companies with different levels of maturity and need for IT security. A selection of frameworks combines different sets of security solutions and services in order to offer comprehensive protection against all types of threats. Companies of all sizes receive tailored, comprehensive protection against cyber attacks, and the service helps IT security teams save resources for analyzing, investigating and responding to threats.

Response to complex attacks

Detecting and reacting to complex attacks requires specialist knowledge. However, internal training or the recruitment of additional experts is often not included in companies' cybersecurity budgets. Such a lack of resources carries the risk of not being up to date on how to respond to security incidents, which in turn can lead to increased operational losses. According to a Kaspersky report, the average cost of a data breach for large companies increases by more than $400,000 if it is discovered a week later rather than immediately.

Managed EDR for SMEs

Kaspersky Managed Detection and Response is aimed at companies that lack the necessary resources and offers all the main advantages of an outsourced Security Operations Center (SOC). Internal teams need no special skills in threat detection and incident analysis, which is particularly relevant for medium-sized companies. The service is complemented by detection technologies and extensive expertise in threat hunting and incident response from professional departments such as the Global Research & Analysis Team (GReAT). In addition, the service is equipped with the AI Analyst solution, which automatically evaluates attacks and enables Kaspersky SOC analysts to focus on the most important warning signals regarding current compromises.

MDR even with difficult-to-identify threats

The combination of technology and know-how provides customers with protection against threats that evade detection, for example by imitating legitimate programs. IT security experts are able to view the protection status of all assets and threat detections in real time, receive prepared response recommendations or authorize managed response scenarios.

The service integrates several components. Kaspersky products such as Endpoint Telemetry are analyzed in the internal Kaspersky Security Operations Center using more than 700 constantly updated, proprietary TTP-based "hunts" tailored to the customer's environment and various detection engines. Since warning messages are collected on all endpoints, the system can identify individual links in an attack chain on different computers. All identified attacks are further validated and prioritized by the Kaspersky Threat Hunting Team to ensure a timely response. After investigation, customers receive incident alerts and comprehensive guidance on how to respond to an attack in the dedicated MDR portal. Response options can then be initiated via an Endpoint Detection and Response (EDR) agent. It is also possible to combine MDR with Kaspersky's Incident Response Retainer to fully outsource incident investigation, forensics and remediation.

Turnkey protection solution

Kaspersky MDR Optimum offers turnkey protection, while Kaspersky MDR Expert enables contact with the manufacturer's SOC analysts - who are OSCP, GCTI, SANS SEC560, SANS SEC660 certified and trained. The latter also offers consulting services, access to the Kaspersky Threat Intelligence Portal and an API for integration into existing security workflows.

Multiple frameworks for different needs

Kaspersky is also introducing new frameworks that meet business needs in terms of threat prevention and IT security maturity. Kaspersky MDR supports any framework and thus enables an immediate optimization of the IT security function, while trained IT security teams can concentrate on reacting to the delivered critical results.

Kaspersky Security Foundations provides adaptive protection against broader threat landscapes targeting customer endpoints, mobile devices, cloud infrastructure and servers. This solution helps companies increase the value of their security investments by automatically preventing threats. Professional help is always available when needed and is provided as premium support in the newly designed Professional Services portfolio.

Optimum Security Framework

The Kaspersky Optimum Security Framework increases security against new, unknown and difficult-to-detect threats and helps medium-sized and small companies with limited cybersecurity resources to develop incident response concepts. The framework offers advanced detection mechanisms with machine learning-based algorithms and a sandbox. In addition, it enables improved visibility of threats, functions for root cause analysis and offers a wide range of response measures. The framework also suggests security awareness training programs to help companies build a cyber-secure employee culture.

Core: Anti Targeted Attack Platform

The Kaspersky Expert Security Framework is a holistic strategy that gives internal experts the tools they need, informs and guides them to counter the entire spectrum of today's complex threats, including APT-like and targeted attacks. The Kaspersky Anti Targeted Attack Platform with Kaspersky EDR as its core acts as an Extended Detection and Response (XDR) solution and offers comprehensive APT protection with functions for detecting network threats and EDR. IT security specialists are thus equipped with all the technologies they need for multidimensional threat detection. This enables them - with a single solution - to conduct effective investigations at both the endpoint and network level, proactively identify threats and react quickly and centrally. In addition, the framework provides Kaspersky Threat Intelligence and training for the further education of IT security staff as well as the possibility of getting help from Kaspersky experts, immediate support and the opinion of third parties via the portfolio of cybersecurity services.

Enterprise cybersecurity roadmap

"Effective threat protection is always a bundle of measures that must be well coordinated, easy to manage and tailored to the needs of customers," explains Christian Milde, Managing Director DACH at Kaspersky. "Frameworks work exactly on this principle. Another advantage is that, as opposed to a specific solution, they provide a cybersecurity roadmap for the business, ensuring the transition from one IT security maturity level to another when required. This gives organizations a fully automated service regarding MDR at a more fundamental level of information security development. As soon as the expertise of internal specialists has reached an appropriate level, they can also participate as experts in the hunt for threats and create constructive analyses."

More on this at Kaspersky.com

 


About Kaspersky

Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250,000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/


 
