Kaspersky Endpoint Detection and Response Expert is a comprehensive cybersecurity solution designed to detect and respond to advanced threats in real time. It combines advanced threat intelligence, machine learning algorithms, and behavioral analysis to provide proactive protection against sophisticated attacks.
The most valuable features of Kaspersky Endpoint Detection and Response Expert include machine learning for monitoring traffic and detecting suspicious activity, a sandbox tool for securely opening and reviewing documents, fast and stable performance, good threat-blocking capabilities, excellent technical support, scalability, decent pricing, and impressive firewall options for filtering and blocking unusual traffic.
The solution is praised for its ease of use and deployment, good security and performance, encryption for secure mail delivery, behavior detection and firmware scanning for threat prevention, real-time protection, vulnerability reporting, system-level device control, threat intelligence portal, SQL database for flexibility and control, powerful detection engine, integration with external SIM solutions, and the simplicity of the console.
The product offers high-end security for financial institutions, automated change of policies for increased security, reliable detection of cyber attacks, web and DNS protection, non-intrusive background operation, and endpoint management.
Improvements that can be made to Kaspersky Endpoint Detection and Response Expert include:
1. The approach, technology, performance, and impact on protected systems should be addressed for a more lightweight and cloud-based alternative.
2. XDR features should be included to collect data metrics from different endpoints and identify the origin of attacks within the network.
3. The solution should offer more support in Spanish and improve user accessibility to features.
4. More frequent updates should be released, and scalability should be improved.
5. Behavior detection should be enhanced to reduce false positives and better integrate with other solutions.
6. The solution should provide complete security coverage and offer features like device control and extended retention periods.
7. The installation process should be streamlined, and hardware requirements should be reduced.
8. The interfacing for remote endpoints should be improved for smoother operation and better analysis.
9. The solution should focus on a completely cloud-based approach and adopt modern behavioral analysis tools.
10. Automatic response and EDR details should be improved.
11. DLP features that should be included to make the solution more comprehensive.
12. OS support could be expanded to include other operating systems like MacOS.
13. Documentation that should be simplified and improved, and better training and certification opportunities should be provided.
14. Integration with other products should be made easier, and the business plan and partner relationships should be improved.
15. Strategic information and decision-making capabilities should be enhanced.
16. License prices should be lowered, and technical support should be more timely.
17. Additional protection features should be added, such as examining suspicious files.
18. Continuous improvement in security and adding new security files is necessary.
19. The solution should be easier to install and require fewer reinstalls and patches.
20. Coverage that should be expanded to include more devices and products, such as XDR.
The solution has been effective for users, resulting in a positive return on investment. The amount of ROI may vary depending on the presence of IT or security users within the company.
Kaspersky Endpoint Detection and Response Expert presents a transparent pricing model devoid of setup costs, facilitating a seamless integration process. Typically, pricing is structured around a per-endpoint subscription, providing flexibility for businesses to align expenses with their requirements. Costs vary based on the number of endpoints, accommodating both small-scale operations and large enterprises.
The primary use case of Kaspersky Endpoint Detection and Response Expert is for security purposes, specifically to protect endpoints from various threats such as hacking, malware, phishing, and viruses. It is used to centrally manage all endpoints on the network and communicate data across them.
Some users also use it to create test scenarios for detecting potential threats, scan publicly-hosted servers, and ensure secure access to endpoints by authorized users. Additionally, it is used for behavior detection, policy management, assessments, patch fixings, and end user data protection.
The solution is deployed on both cloud and on-premises environments, and it is considered a targeted solution that collects telemetry and forensics data without the use of signatures.
Customer service and support for Kaspersky is mixed. Some users have had positive experiences, describing the support as reactive, experienced, effective, and knowledgeable. They have found the support staff to be professional and have appreciated the good documentation provided. However, there are also negative reviews with users expressing dissatisfaction with the support. Some have mentioned long response times and delays, especially with standard support, prompting the need to purchase premium support for quicker assistance.
The initial setup for Kaspersky Endpoint Detection and Response Expert can vary in complexity and duration. Some users found it to be complex, requiring the assistance of Kaspersky engineers and taking up to two weeks with multiple engineers involved. Others mentioned that the setup process involved configuring the network, changing the active directory, and opening specific ports, making it challenging.
However, there were also users who found the setup to be straightforward and easy, taking only a day or even an hour or two.
The ease of setup depends on factors such as the size of the network, level of preparation, and prior experience with the solution.
Kaspersky Endpoint Detection and Response Expert is considered to be scalable by the majority of users. They rate the scalability of the solution highly. It is, however, recommended for small to medium businesses, while larger enterprises may opt for cloud-based or next-gen solutions.
Kaspersky Endpoint Detection and Response Expert is highly regarded for its stability. Users consistently rate it as stable, reliable, and without any bugs or glitches. They have not experienced any crashes or freezes with the solution.
With its centralized management console, security teams can easily monitor and investigate incidents, while automated response capabilities enable quick remediation. This solution offers deep visibility into endpoint activities, allowing organizations to identify and mitigate potential risks effectively. Kaspersky Endpoint Detection and Response Expert is a powerful tool for enhancing the overall security posture of businesses, ensuring the protection of critical assets and sensitive data.
Kaspersky Endpoint Detection and Response Expert was previously known as Kaspersky EDR.
Ferrari, Insolar, Tael, Republic of Serbia