Customized MDR for SMEs 

Customized cybersecurity with Managed Detection and Response (MDR): Kaspersky presents modules for large and small companies. 

Kaspersky Managed Detection and Response (MDR) is now officially available not only for large companies, but also for medium-sized companies with different levels of maturity and need for IT security. A selection of frameworks combines different sets of security solutions and services in order to offer comprehensive protection against all types of threats. Companies of all sizes receive tailored, comprehensive protection against cyber attacks, while IT security teams save resources on analyzing, investigating and responding to threats.

Response to complex attacks

Detecting and reacting to complex attacks requires specialist knowledge. However, internal training or the recruitment of additional experts is often not included in companies' cybersecurity budgets. Such a lack of resources carries the risk of not being up to date on how to respond to security incidents, which in turn can lead to increased operational losses. According to a Kaspersky report, the average cost of a data breach for large companies increases by more than $400,000 if it is discovered a week later rather than immediately.

Managed EDR for SMEs

Kaspersky Managed Detection and Response is aimed at companies that lack the necessary resources and offers all the main advantages of an outsourced Security Operations Center (SOC). No special skills of the internal teams for threat detection and incident analysis are required, which is particularly relevant for medium-sized companies. The service is complemented by detection technologies and extensive expertise in threat hunting and incident response from professional departments such as the Global Research & Analysis Team (GReAT). In addition, the service is equipped with the AI Analyst solution, which automatically evaluates attacks and enables Kaspersky SOC analysts to focus on the most important warning signals regarding current compromises.

MDR even with difficult-to-identify threats

The combination of technology and know-how provides customers with protection against threats that evade detection, for example by imitating legitimate programs. IT security experts can view the protection status of all assets and threat detections in real time, receive prepared response recommendations, or authorize managed response scenarios.

The service integrates several components. Kaspersky products such as Endpoint Telemetry are analyzed in the internal Kaspersky Security Operations Center [3] using more than 700 constantly updated, proprietary TTP-based "hunts" tailored to the customer's environment and various detection engines. Since warning messages are collected on all endpoints, the system can thus identify individual links in an attack chain on different computers. All identified attacks are further validated and prioritized by the Kaspersky Threat Hunting Team to ensure a timely response. After investigation, customers receive incident alerts and comprehensive guidance on how to respond to an attack in the dedicated MDR portal. Response options can then be initiated via an Endpoint Detection and Response (EDR) agent. It is also possible to combine MDR with Kaspersky's Incident Response Retainer to fully outsource incident investigation, forensics and remediation.

Turnkey protection solution

Kaspersky MDR Optimum offers turnkey protection, while Kaspersky MDR Expert enables contact with the manufacturer's SOC analysts - who are OSCP, GCTI, SANS SEC560, SANS SEC660 certified and trained. The latter also offers consulting services, access to the Kaspersky Threat Intelligence Portal and an API for integration into existing security workflows.

Multiple frameworks for different needs

Kaspersky is also introducing new frameworks that meet business needs in terms of threat prevention and IT security maturity. Kaspersky MDR supports any framework and thus enables an immediate optimization of the IT security function, while trained IT security teams can concentrate on reacting to the delivered critical results.

Kaspersky Security Foundations provides adaptive protection against broader threat landscapes targeting customer endpoints, mobile devices, cloud infrastructure and servers. This solution helps companies increase the value of their security investments by automatically preventing threats. Professional help is always available when needed and is provided as premium support in the newly designed Professional Services portfolio.

Optimum Security Framework

The Kaspersky Optimum Security Framework increases security against new, unknown and difficult-to-detect threats and helps medium-sized and small companies with limited cybersecurity resources to develop incident response concepts. The framework offers advanced detection mechanisms with machine learning-based algorithms and a sandbox. In addition, it enables improved visibility of threats, functions for root cause analysis and offers a wide range of response measures. The framework also suggests security awareness training programs to help companies build a cyber-secure employee culture.

Core: Anti Targeted Attack Platform

The Kaspersky Expert Security Framework is a holistic strategy that gives internal experts the tools they need, informs and guides them to counter the entire spectrum of today's complex threats, including APT-like and targeted attacks. The Kaspersky Anti Targeted Attack Platform with Kaspersky EDR as its core acts as an Extended Detection and Response (XDR) solution and offers comprehensive APT protection with functions for detecting network threats and EDR. IT security specialists are thus equipped with all the technologies they need for multidimensional threat detection. This enables them - with a single solution - to conduct effective investigations at both the endpoint and network level, proactively identify threats and react quickly and centrally. In addition, the framework provides Kaspersky Threat Intelligence and training for the further education of IT security staff as well as the possibility of getting help from Kaspersky experts, immediate support and the opinion of third parties via the portfolio of cybersecurity services.

Enterprise cybersecurity roadmap

"Effective threat protection is always a bundle of measures that must be well coordinated, easy to manage and tailored to the needs of customers," explains Christian Milde, Managing Director DACH at Kaspersky. "Frameworks work exactly on this principle. Another advantage is that, as opposed to a specific solution, they provide a cybersecurity roadmap for the business, ensuring the transition from one IT security maturity level to another when required. This gives organizations a fully automated service regarding MDR at a more fundamental level of information security development. As soon as the expertise of internal specialists has reached an appropriate level, they can also participate as experts in the hunt for threats and create constructive analyses."

More on this at Kaspersky.com

 


About Kaspersky

Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250,000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/
