Kaspersky Endpoint Detection and Response Expert Reviews

We primarily use this solution for users, servers, and services that we have implemented in our company.

The most valuable features are the reports.

There are no issues with this solution. However, we would like to have better strategic information. We currently have tactical, and it's hard to make strategic decisions based on what it delivers.

In addition, we have about 600 users using this solution.

We have been using this solution for over four years. It is deployed on-premises.

I rate the technical support a six out of ten because the support depends on the type of contract we have. We have a special contract, so we just need to submit a case and get a response within 24 hours.

Our licensing costs are annual.

I rate this solution a nine out of ten.

I use the solution in my company mainly for endpoint protection and also for its XDR capabilities to deal with threat intelligence. It is used not only from the endpoint protection perspective but also from the threat intelligence aspect.

The solution's most valuable features are that it offers very strong encryption and acts as an antivirus product. It is one of the few antivirus tools that, once you discover a device remotely, you can install within the portal's central management.

I would say that Kaspersky is not too big in the cloud-related area. From an improvement perspective, it would be good if Kaspersky went big in the cloud since it would give the tool a fair chance to compete with other clouds.

I have been using Kaspersky Endpoint Detection and Response Expert for three years. The product has been used in my company for more than five years.

Stability-wise, I rate the solution a nine out of ten.

There are some basic issues in the product, some of which may not even be related to Kaspersky. The issues revolve around updates, integrations, and how the data center works.

Scalability-wise, I rate the solution a seven out of ten.

The previous client we were working with was a bank that had opened a ticket with Kaspersky some months ago, and nobody had responded. The only response from the support team is when it comes to pricing. Technical support is a little slow. I rate the technical support a five out of ten.

Neutral

The product's initial setup phase is a medium-level process. It is pretty easy to set it up, but I would say it is medium because I am not yet experienced working with it in an enterprise-level business with 10,000 or more people. I have worked with organizations with 1,000 to 5,000 people, and I can say that the setup phase is not difficult to manage. I rate the setup phase an eight out of ten.

I have clients who use on-prem services for Kaspersky Security Center, and I have clients who use Kaspersky Security Cloud. We have the ones that we manage in the cloud and the ones that we manage on-premises.

Depending on the number of endpoints we have to manage, the product can be deployed in a week.

We have different people to manage endpoints and security cloud. An average of three to four deploy the tool.

If one is cheap, ten is expensive, I rate the product’s price as a seven out of ten, especially if I compare it with CrowdStrike.

Compared to Trend Micro and CrowdStrike, Kaspersky is really big on endpoint protection and detection. Whatever an endpoint protection tool needs, Kaspersky has it all. It only lacks in the cloud area and visibility between the cloud, emails, and endpoints. When it comes to endpoint protection alone, I think it is a big tool.

The automated response capabilities improve security operations and are very useful. The tool can discover other devices in your environment that don't have antivirus. It goes the extra mile to tell you, even if you are installing an application, whether it is already outdated and if you need to update it. In terms of compliance, you can take a report from Kaspersky and switch to compliance while figuring out the devices that are most affected and the UIs that are most critical.

I would recommend the product to others since it is pretty easy to deploy and manage the setup phase while also being affordable. Mostly, if there is an SMB client who fears getting an enterprise-sized solution like CrowdStrike, they can get Kaspersky and be able to get maximum protection by just using the funds that they have.

I rate the tool a seven out of ten.

We use the solution to create a test scenario for detecting a potential threat in the network.

The solution's cybersecurity policies help us protect some extensions of the primary documents in case of a ransomware attack. Also, in case endpoint servers get compromised, it protects them. Thus, we can manage exclusive and essential extensions for systems using it.

The solution's most valuable feature is machine learning. It monitors the traffic and events to detect suspicious activity.

They should include XDR features in the solution. It would help us collect data metrics from different endpoints. Thus, we could identify the origin of the ransomware or malware attacks within the network. Also, they should include sandboxing features.

We have been using the solution for three years.

I rate the solution's stability an eight.

The solution's deployment process involves configuring the network and changing the active directory. The most challenging part here is opening specific ports and blocking or allowing certain services through firewall settings.

The solution's cost is reasonable compared to other vendors.

I suggest a cost versus-benefit analysis to others while looking for EDR and XDR solutions. Considering the advantages of Kaspersky, it offers patch and vulnerability management. It takes time to deploy initially. But once you deploy it correctly, you will get a lot of features. I rate it as an eight.

We use EDR on our Windows servers, desktops and laptops. Our use case is for security, file scanning and to prevent data loss.

The firewall options are impressive, the solution does a good job of filtering and blocking unusual traffic. It's very easy to use, easy to deploy, and easy to operate. 

No product is perfect and I think the stability could be improved a little. I'd also like to see performance improvement as the system can be heavy, slowing down our computers, and things don't always work smoothly. Performance could be improved. 

We've had a license with Kaspersky for six years. 

The solution is stable. 

The solution is scalable. We have around 700 users in the company. 

EDR is deployed from the server, it's an easy and manageable process. It's a matter of the system administrator running the profile from the server.

We have a three-year license. It was initially very reasonably priced but we are based in Pakistan and we are not doing well against the dollar so the price has increased significantly. 

I've recommended this solution to many colleagues. I think Kaspersky is a reliable and stable solution.

I rate this solution nine out of 10. 

We are using Kaspersky Endpoint Detection and Response for protecting our clients and our systems from digital threats. For example, our operating systems.

The most valuable features of Kaspersky Endpoint Detection and Response are the threat detection technologies, and activity monitoring and support tools. Additionally, the port and USB security, and antivirus are effective.

The installation process could be more streamlined.

I have been using Kaspersky Endpoint Detection and Response for approximately four years.

Kaspersky Endpoint Detection and Response is stable.

The solution is scalable. We are able to upgrade modules and we have not had any problems.

The initial setup of Kaspersky Endpoint Detection and Response is simple but the time of installation could be quicker. We set up our Kaspersky Endpoint Detection and Response server and our clients installed it on their end.

We have been satisfied with the license of the solution.

I rate Kaspersky Endpoint Detection and Response a nine out of ten.

We are using it to protect our user end. For the server-side, we are using Trend Micro.

It is easy to manage. 

The initial setup is simple. 

It is stable. 

We have local support available to us.

I could be covering more devices, for example, the XDR. If it covered more products, it would improve the XDR.

I've been using the solution for three to four years. 

It is stable and reliable. 

We are not facing any major issues regarding the protection of the endpoints. There are no bugs or glitches. It doesn't crash or freeze.

Around 2,000 people use the solution. We do not plan to increase usage.

We have a local company here in Pakistan that we get support from.

We also use Trend Micro.

The initial implementation process is easy and very straightforward. It's not overly complex. It only takes one to two days to handle the complete deployment.

I'm not sure about how the licensing works. It may be per user. I'm not certain. 

I'm not sure which version of the solution we're using. I don't have that information. 

I'm not directly using this Kaspersky solution. The other team is managing the solution, and that's why I don't have much personal experience. I do not manage it directly.

I'd recommend the solution to other users and companies. 

I'd rate the product seven out of ten.

We use this solution mainly for protection, but we also have another solution we use for this.

The content filtering options are good.

It consumes many system resources, and there should be more EDR details.

We have been using this solution for one year, and we are using the new version. It is deployed on-premises.

The solution is stable. Regarding detection, sometimes it consumes a lot of system resources.

It is scalable. We have not scaled it yet, but our customers use Kaspersky Endpoint Detection and Response, and they have not had any issues scaling.

We have not needed technical support. Instead, we deal with our cases and use Google to solve our problems.

We prefer CrowdStrike to Kaspersky.

It is not easy to set up. I believe the cloud version is easier to implement. We only deployed it on three computers, which didn't take much time. It was a bit of a struggle.

It is cheap compared to CrowdStrike. It costs $20 per user.

I rate this solution a seven out of ten. Regarding advice, Kaspersky should work with a signature-less solution only because it's better and does not consume too many system resources. They should not use indicators because some new next-generation antivirus vendors are currently not using IOCs. Instead, they use IOA, which is better. In addition, Kaspersky could be GDPR compliant.

Clients are using this product to protect their desktops and laptops and to respond adequately when some vulnerabilities are detected as exploited.

We like the automated change of policies, given some scenarios. It is wonderful. You can rely upon your automated policies being activated if you need to. If you are under attack, or maybe some ransomware is spreading across your network, and you want your endpoints to become more secure given that threat, you get good protection. It's maybe the most important feature of Kaspersky Endpoint Detection and Response.

It's easy to set up. 

The solution is scalable.

It's easy to manage and monitor the endpoints. 

I would like better integration with other products. For example, I would like to have another view in SolarWinds or Datadog. Integration is not easy. I'd like it to be simplified. 

We do not need any additional features. 

The business plan maybe could be improved. They need to change the way they sell the product. They could be better friends with their partners. A partner is not somebody who sells this product. It is usually somebody who manages this product for the end user or the end company that is predicting the assets. The role that a partner plays in this interaction is very important. They need to work to build that relationship to benefit the solution and the client. They should also offer better margins.

We've been dealing with the solution since 2019. It's been around three years. 

It is a very stable solution. The most important thing about stability is not if the product runs or stops running, it is the time window you need to be prepared for new threats. They offer good protection, which makes the product very stable. Kaspersky's usually the first in distributing the indicators of compromise of the newest threats.

The solution can scale well.  It is easy to deploy and manage a large number of endpoints running just a few tasks. You are very aware of what is happening with the threats in your institution. There's a lot of visibility.

Technical support can be improved. When you need support, when you call for support, and you present the evidence in a ticket, they always come back with more questions. They ask you for more evidence, and you have to go and collect it. You get to a point where you want to say, "Oh, just forget it, I don't need more support from you. You always ask me for more, more, more data." 

I would like to see a solution. I don't want to do all of this legwork and not get any help. 

Neutral

The console is very easy. The deployment is easy as well. If you have an active directory or something like that, or if you have previously installed the Kaspersky network agent, it's quite simple. If not, even if you don't have any of those, maybe if you have some software policy to deploy over your assets, it should also be easy. Otherwise, you have to go endpoint by endpoint running the agents. That can take time.

The maintenance is pretty straightforward. If I have 5,000 endpoints, I need one engineer to handle the console installation for, maybe a week's worth of work. The endpoints could take two or three people to deploy in the company. If you can centralize the deployment, it will only take two or three days for one engineer to handle the setup.

I don't have any details in regard to ROI. 

We are a partner of Kaspersky.

We always work with the latest version of the solution.

It's a wonderful product if you have a proper partner to handle it. If you let the product run by itself, by itself, it won't protect you. You need someone on this product with a hand on it every day, checking policies and seeing how it works. That's the only way to be protected from threats.

I'd rate the solution nine out of ten.