Security giant Kaspersky Lab has introduced Kaspersky Threat Management and Defense, a solution aimed at bringing visibility back to enterprise networks and reducing incident response times.
According to the company, digital transformation is blurring protection perimeters and alerting businesses to complex threats already within their networks. A recent study called 'IT Security Risks survey 2017', conducted by B2B International in conjunction with Kaspersky Lab, revealed that 48% of enterprises believe their organisation may already have been hacked.
"Targeted attacks can penetrate an organisation's critical systems and stay unnoticed for years, causing irreparable damage in the process. Separate symptoms can be misleading and only an all-around examination provides an accurate diagnosis," the company says.
A three-pronged approach
Alessio Aceti, head of the Enterprise Business division at Kaspersky Lab, says as the war against sophisticated and well-funded hackers and cyber criminals rages on, enterprises need an integrated approach to complex threat detection and response.
The new solution employs a set of technologies for the detection of previously unknown threats and targeted attacks, correlating different indicators of compromise in the network that are likely connected to a single operation, to help businesses discover even the most complex attacks, Kaspersky adds.
The product also makes use of machine learning threat analysis and correlation algorithms, advanced sandbox technology and network traffic analysis, aimed at improving accuracy of detection.
The slower a business responds to an attack, the more devastating the consequences, and the more expensive it is for the organisation to recover. "Enterprises have to change how they react. Kaspersky EDR, a feature of the new platform, allows companies to speed up their incident response process and improve the quality of cyber security incident investigation."
Moreover, Kaspersky EDR brings increased visibility through the aggregation and visualisation of key digital forensics data collected from endpoints - which will be available irrespective of the techniques attackers use to try and obfuscate their tracks.
"Full visibility and accurate detection are only two parts of the battle. The nature of targeted attacks means attackers will come back with new tools and techniques. If an emergency occurs, the cyber security team might need a trusted partner with the relevant skills and experience," says Kaspersky.
For this reason, the company has also included in its platform several rapid incident recovery tools that handle the proactive assessment and rectifying of damage, as well as a full, outsourced threat hunting service.
The platform and any of its components are available in South Africa as of 22 February 2018.