Kaspersky Endpoint Detection and Response Reviews

My company uses the EDR functionalities of Kaspersky, which are not related to application security. Kaspersky Endpoint Detection and Response is useful for environment scanning and can be deployed on a server to scan for viruses, malware, and hardware. We also use the product for EDR integration with the SIEM solution and get logs from each device.

The most valuable feature of the solution is its centralization capability allowing everything to be done from one device, including deployment, and integrating with the domain controller to do further deployments.

There are certain shortcomings with the UI of the solution. The UI is not at all user-friendly. The product should have an easier UI.

I have experience with Kaspersky Endpoint Detection and Response for two years. I use Kaspersky Endpoint Detection and Response Version 13.

It is a stable solution.

It is a very scalable solution.

The product is used by 2,500 employees in my company.

The product is extensively used in my companies since it is very good.

We can plan to increase the number of users in our company since it is a very scalable product.

The solution's technical support is very helpful and responsive. The documentation of the product also helps a lot.

Five years ago, I used Malwarebytes.

Considering the use cases of Malwarebytes, it was used to protect two servers from ransomware. During the time when we were using Malwarebytes in my previous company, the best solution on Gartner was GravityZone. At my previous company, we chose GravityZone to protect our two servers in a small environment with around 50 employees. Due to the aforementioned reasons, there was a requirement for a small business solution. Kaspersky Endpoint Detection and Response is the best for large environments.

The initial setup of the product is complicated and requires more work and effort from the system administrator. The product should provide domain controller admin access to allow for the maintenance of the network. Every issue we face in Kaspersky Endpoint Detection and Response relates to network and system administrators.

The solution is deployed on-premises.

Steps for the deployment should be followed to configure the network and ensure that all devices are accessible on the network or the same subnet while ensuring that there are no DMZs.

Though the product is not user-friendly, I was involved in the implementation process since I am an integrator.

Yearly payments are to be made toward the licensing costs of the solution.

To those planning to use the solution, I can say that it provides various specific customization and offers many shields for protection, because of which there is a need to be specific about the resources you want to save.

If you have a SIEM solution, then you should be specific when integrating Kaspersky with that SIEM solution and the best logs.

The product is not friendly, and it's not for end users. The product is meant for engineers and security engineers owing to its complex nature.

I rate the overall tool a ten out of ten.

I use Kaspersky Endpoint Detection and Response for mobile devices and laptops. I also run it on some of my servers in the data center.

The product's biggest features are reporting and signature-based malware detection. It runs on how the machines are used in a particular environment.

The solution currently works fine for me. The only issue I face with the product is related to the area of patch management, as it is not very effective. If the patch management area can be improved in Kaspersky Endpoint Detection and Response, I need not go for another solution to take care of patch management, like a vulnerability management tool from Sophos or some similar product.

From an improvement perspective, I want to be able to use the product as a patch management tool for my endpoints since it is an area that is not working effectively for me. I am pushed to get a vulnerability management solution to manage the area of patches.

Technical support for the solution could be better because it takes a bit of time to reach out to them through our local channel partner to attend to some of the issues where we need support. It takes the support team an entire week to resolve an issue.

I have been using Kaspersky Endpoint Detection and Response for four years. I use the solution in my company as an end user.

Stability-wise, I rate the solution a nine out of ten.

I mostly operate in a Windows-based environment. The product has been able to meet my requirements, especially the ones related to the endpoints used in our organization, which have increased lately. I run ATS in different parts. I run Windows-based machines for endpoints, and I also run Exchange for emails. Scalability-wise, I rate the solution an eight or nine out of ten.

I rate the technical support a six or seven out of ten.

Neutral

The product's initial setup phase was easy. I rate the initial setup phase of the product a ten out of ten, as it was a very easy process. My company always receives help to improve certain areas from Kaspersky's partner we have in our country.

My company did seek support from a local platinum partner of Kaspersky to help our company with the initial setup phase.

I rate the product price a five on a scale of one to ten, where one is low price and ten is high price.

Previously, I had done some assessments with the EDR solutions provided by Sophos, which, in terms of price, fall under the higher side of the spectrum. I chose Kaspersky Endpoint Detection and Response since it falls under the price range that I wanted.

I rate the overall product an eight out of ten.

We use the solution to enhance malware detection and response capabilities.

The most valuable aspect of the product is its consolidated features. We can easily configure Kaspersky's anti-target attack, streamlining our security measures. The unified agent, which combines antivirus, optimal threat response, and EDR functionalities, is a significant improvement. This integration simplifies management, providing a comprehensive solution with both cloud and on-premise functionality. It ensures effective protection and swift threat response across our network.

There is room for improvement in its user interface. The web GUI needs development to make it more user-friendly and aligned with industry standards.

I have been working with Kaspersky EDR for two years.

I would rate the stability as an eight out of ten.

I would rate the scalability of the product as a seven out of ten. I would recommend Kaspersky EDR for enterprise-level businesses. Its robust functionality, including EDR use cases and versatile prevention rules, makes it particularly well-suited for larger organizations.

Kaspersky's tech support is good. We have local teams in our country, and they are proactive in hiring and sharing knowledge. They provide effective assistance for any EDR solution issues we encounter. I would rate the support as a nine out of ten.

Positive

When comparing Kaspersky EDR to other products like Fidelis Cybersecurity, Fidelis has a good user interface but tends to have issues with high CPU and RAM usage. I have heard feedback from users facing problems with Fidelis's Incident TimeLine feature. While both products have similarities, Kaspersky EDR stands out for its comprehensive functionality and effective threat response.

Setting up Kaspersky EDR can vary in complexity based on hardware. Customers might experience issues like storage or high CPU usage during installation or updates. While the initial installation is generally smooth, upgrading poses challenges, especially when transitioning between different operating systems. Careful testing is essential to prevent errors and compatibility issues caused by overwriting operating system codes.

The price for Kaspersky EDR is on the higher side, likely because of their extensive marketing efforts. However, the cost seems justified as they prioritize customer support, investing in a capable team to handle complex customer situations.

Overall, I would rate Kaspersky EDR as a seven out of ten.

The solution was good for the use cases for which I used it.

Kaspersky Endpoint Detection and Response lacks configuration options. From an improvement perspective, I would like to see the solution offer more configuration options.

I have been using Kaspersky Endpoint Detection and Response for two years. I am a customer of the solution.

Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution a nine out of ten.

Around 400 people in my organization use Kaspersky Endpoint Detection and Response.

The solution's technical support is good. I rate the technical support a ten out of ten.

Positive

I rate the solution's initial setup phase a nine on a scale of one to ten, where one is difficult and ten is easy. The initial setup of the solution was simple.

The solution is deployed on an on-premises model.

The solution's deployment phase was completed in a few days.

Only one person was required to take care of the solution's deployment phase in my company.

I rate the solution's pricing model a seven on a scale of one to ten, where one is cheap, and ten is expensive.

My company just made a single payment towards the costs related to the licensing of the solution.

I would tell those planning to use the solution that Kaspersky Endpoint Detection and Response is a good product.

I rate the overall solution a nine out of ten.

We've deployed the client at the user’s end. We provide software security.

The advanced detection features are valuable. The solution provides reports on users and their devices. We get to know whether the devices are infected. The tool has saved us time and resources. Otherwise, we have to check every PC for viruses.

Many viruses change algorithms. The product does not detect zero-day threats. Kaspersky must provide zero-day threat detection. The product must provide a detailed status of the users and their activity on the devices.

I have been using the solution for more than a year.

The tool is stable.

We have 40 to 50 clients that use the solution.

The solution is deployed on my Windows Server 2019. The initial installation is easy.

The product is cheap.

My recommendation will depend on the number of users and the features other competitors offer. We are partners. Overall, I rate the tool a seven out of ten.

I am affiliated with Kaspersky as a partner and reseller.

One of the most valuable aspects of Endpoint Detection and Response (EDR) solutions is their ability to detect and respond to spam and viruses in their early stages.

There are a few areas where I believe they could make some improvements. First, it would be beneficial if they could optimize the solution to be less resource-intensive, as it currently tends to put a heavy load on our machines and requires specialized servers for deployment. It is worth noting that they have made progress in this area, and the solution is now more manageable on standard server configurations. Enhancing user-friendliness should be a priority. Ideally, the interface should be intuitive enough that administrators and technical support teams don't require extensive training and can quickly adapt to using the solution independently. I must acknowledge that Kaspersky EDR already offers a robust set of features, especially in terms of threat detection and endpoint protection. 

I have been working with it for fourteen years.

Kaspersky offers two types of support. The standard support, which is included with the product purchase, tends to have longer response times for issue resolution. If you opt for their premium support, they provide prompt and effective assistance, ensuring quicker problem resolution.

I would say that their pricing is generally competitive and attractive. While the initial purchase cost for EDR may be relatively higher, particularly due to its advanced capabilities, it remains a cost-effective choice when compared to other established products in the same category.

I would rate it eight out of ten because there's always room for improvement in any product or service.

Kaspersky EDR has been beneficial for our organization, enhancing threat detection and response capabilities. It helps identify issues such as malware detection, unauthorized downloads, and inappropriate user permissions, enabling swift action to mitigate risks.

Kaspersky EDR offers automated response capabilities, enhancing efficiency by enabling quick investigation and response to potential threats on Android devices. It streamlines the process by automatically checking and responding to security issues, potentially improving effectiveness and reducing the need for manual intervention.

Kaspersky EDR could be improved by adding network detection capabilities to enhance convenience and security. Detecting and responding to network protocol issues, such as phishing emails or malicious downloads, can be challenging, but integrating network monitoring into EDR tools could significantly improve overall network security.

Overall, I'm satisfied with the price of Kaspersky EDR. It is widely used among our peers and has been effective in detecting and mitigating malware and ransomware threats. However, I have noticed that other EDR tools like Palo Alto EDR offer more advanced AI capabilities and broader threat coverage.

Kaspersky EDR enhances response capabilities by capturing malware or problematic websites on endpoints and providing alerts for quick action to resolve issues.

Kaspersky EDR offers features for threat hunting and vulnerability scanning on endpoints. It identifies unapplied security patches and provides a reporting tool for managing patch deployments efficiently.

Kaspersky EDR offers good integration capabilities, particularly with services like Office 365, which is beneficial for our organization. However, there might be some limitations when integrating with other tools such as NetSuite and Monday.com. Improving integration with tools like SolarWinds could enhance overall cybersecurity management. Looking ahead, prioritizing integration with cloud services would be advantageous as organizations increasingly rely on cloud-based solutions.

I would recommend Kaspersky EDR, especially for organizations operating in the China market. It is a convenient tool that provides effective security solutions, particularly helpful in addressing firewall issues commonly faced in the Chinese market. However, for companies outside of China not facing similar market restrictions, it might be good to consider other solutions as well.

Overall, I would rate Kaspersky EDR as a seven out of ten. It is a useful choice for our organization, although not perfect. It requires a certain skill set to manage security nodes effectively. However, it is relatively easy to use compared to other EDR tools, making it a safer option for less experienced users.

We use the solution to gather information on how endpoints behave and any events happening. If there's any suspicious activity on a machine, it alerts us. For investigating specific devices, we can refer back to the EDR.

The product is integrated with endpoint protection. We don't have to implement a separate technology. It provides visibility over the endpoints. 

Kaspersky Endpoint Detection and Response needs vast resources on the central node. Not all maintenance tasks are in the GUI, so we often use commands. The lack of documentation for these processes means we frequently reach out to support, open tickets, and run complex CLI commands. It's not the most straightforward process. It should also improve stability. 

I have been working with the product for three years. 

Kaspersky Endpoint Detection and Response is scalable. We have two admins using it. 

Even when we raise a support ticket, the engineers often don't provide direct answers. We have to dig into R&D and experiment; getting a resolution for a support ticket takes time.

Neutral

The tool's deployment was straightforward. It took a week to deploy. 

The tool's pricing is reasonable. 

I rate the product a six out of ten.