Kaspersky Endpoint Detection and Response Optimum Reviews

I am using Kaspersky Endpoint Detection and Response Optimum as an endpoint solution to protect our desktops and endpoint devices.

It protects against malware and secures the network. The EDR has the ability to block abnormal behavior. Behavior analysis will block and audit to do forensic analysis in case of threats. It fulfills security and protection requirements against newly discovered malware, especially ransomware attacks. It includes Managed Detection and Response for monitoring and alerting against abnormal behaviors with centralized reporting.

I use Kaspersky to monitor parameters, the device, and users. I modify the web filter and device controls to manage the web and device components according to business needs.

The most advantageous aspect is tracking and taking action automatically. It monitors vulnerabilities and takes action, such as blocking USB or devices from the network, to avoid vulnerabilities or ransomware. I use Kaspersky to protect the domain and the network, allowing or denying web categories according to business needs.

Kaspersky Endpoint Detection and Response Optimum are used for extensive endpoint detection and response. It can take action if there's any attack on the system and use its cloud console to isolate any network which is being compromised and provides the root-cause analysis of it.

The solution is on a cloud and it is Kaspersky's own cloud, it is a subscription-type service.

One of the most valuable features of Kaspersky Endpoint Detection and Response Optimum is its cloud console allows users to remotely isolate a single computer from a network in the event of an attack, enabling them to perform root cause analysis without disrupting the entire network. This is particularly useful for organizations that may not have expert resources for endpoint detection and response.

I recently conducted a demo for a client.

The customer's environment had 350+ endpoints and Kaspersky Business Select was in use. They needed something efficient enough for their environment to detect and respond to critical ransomware attacks. The most critical part for the customer was how it will isolate a single PC from the environment remotely and how it will help get the root cause analysis without having to worry about the virus penetration in the network? 

I suggested Kaspersky EDR-Optimum along with the existing Kaspersky Business Select solution to get a better and comprehensive view of network attacks and get more control in case of a cyber attack. The customer was quite satisfied with the product in the demo and is now a happy customer of Kaspersky EDR-Optimum.

Since the deployment of the solutions, the organization has been proactive in its IT operations and has tackled quite a few critical scenarios since the solution has been operational.

The IT team now responds to threats and it has changed the IT security workflow. Instead of having to wait for alerts, the IT security team can actively hunt for threats by proactively scanning endpoints to spot anomalies and security breaches.

Moreover, the automated threat identification and response helps them to utilize their time effectively and respond to threats without downtime and disruption of the business operations.

We use the solution as an endpoint protection in HR, finance, accounting, etc. 

The product is lightweight and does not slow down the PC. The malware and virus detection rate is also very good. 

I have opted for Kaspersky Endpoint Detection and Response Optimum to provide comprehensive protection since EPP only relies on signatures, and it cannot safeguard our needs. In contrast, EDR offers protection against various threats, making it a more robust security solution.

The most beneficial aspect of Kaspersky Endpoint Detection and Response Optimum is its protection capabilities, followed by its device management capabilities. The ability to remotely install software is highly advantageous, making it a convenient and helpful feature.

We internally use Kaspersky Endpoint Detection and Response Optimum, which is a highly recommended solution. We leverage it for our detection data box, particularly when working with Azure.

All the features work together to provide alerts and help evaluate potential issues related to the detected threats. It's difficult to single out one feature since they all contribute to creating a normal usage profile and detecting abnormal behavior within the business infrastructure. It's a comprehensive solution.