What advice do you have for others considering Kaspersky Anti-Targeted Attack Platform?

I recommend the tool for enterprise customers. Previously, carry, like only antivirus products, was used by many. If you want to upsell a product, then you need to go with EDR and Kaspersky Anti-Targeted Attack Platform. The Kaspersky threat intelligence capability is good because it has many customers worldwide. I see that Kaspersky software can be used to monitor a lot of new technologies. New features in Kaspersky improve efficiency. The tool uses a lot of CPU memory, which I think is very good. I think the tool is good enough with AI, especially for suggestions on what kind of methods are to be used in a certain framework and for analysis. In terms of how customizable the tool's AI sensitivity is to our company's customers, I would say that there are areas in the tool that can be a little bit difficult to customize. In my company, we are still trying to learn about the more advanced customization areas. I recommend the tool to others, except the financial industry. I rate the tool an eight out of ten.

The Kaspersky Anti-Targeted Attack Platform is designed to detect various attacks, such as Mitraframe, and provide alerts for each attack technique and procedure. It also offers alerts for potential threats and conducts thorough analyses through its sandbox environment, which isolates and executes malware or unknown files within virtual machines. This allows for real-time threat detection and feedback on potential threats. The platform is a SOC tool and thus requires skilled resources for effective operation, as it involves both automation and manual understanding of attack scales. Third-party intelligence integration enriches the alert system but may lead to occasional false positives, which can be fine-tuned through exclusion options and custom rule creation. The platform offers extensive customization options, allowing users to create rules specific to file detection or PowerShell activities. It provides visibility into telemetry data, enabling comprehensive monitoring of environmental activities. Integration with frameworks like Mitraframe helps tailor policies and rules to suit specific environments. The platform competes with products like FireEye, Snowflake, and Trend Micro. Integration between Kaspersky and other products is seamless, allowing unified threat detection. It is a solid choice for enterprises seeking advanced threat detection capabilities in the Middle East. Overall, I rate the solution eight out of ten.

We can benefit from all the features provided by the product. The tool provides email security and sandboxing features, which are the most important features of any SOC environment. It also provides the proxy feature for network traffic. It is an all-in-one solution for any organization, whether they need email security, web proxy, sandboxing, or EDR. I would recommend the tool to any small or big organization. Overall, I rate the product a seven out of ten.

I would rate the Kaspersky Anti-Targeted Attack Platform a five out of ten.

We have a separate team for Check Point. There is another team in our same company, which is just another subsidiary company. They do actually have Kaspersky. There is no internal competition as such because we have a set of customers, and they have a set of customers, but I come across some proposals all the time. Just because of pricing, at times, I used to lose my daily deals. In Sri Lanka, they recently had more than 5,000 node requirements. Kaspersky was the cheapest quotation, so they went ahead with that. Harmony was very expensive in Sri Lanka. With pricing and package-wise pricing, if Kaspersky can play some trick, that's what I really want to be improved. With regards to pricing, some customers claim if the price of Kaspersky is like this, then they would have bought Harmony. I don't mind them buying Harmony. Since Kaspersky's price is very high, most of the time, the aforementioned event happens here. I have been improving my knowledge about Check Point Harmony and Harmony Connect SASE Solution. That will improve more with the training programs we have here. In some of the places I have come across, even though they use Kaspersky, the ransomware enters their system. So, that means it is not a good solution. I have heard those stories. However, with Check Point Harmony, I haven't received a single complaint from my customers. Customers say that Kaspersky is not capable of preventing ransomware attacks. I rate the overall solution a six out of ten.

I recommend involving an integrator with expertise in Kaspersky Anti-Targeted Attack Platform for integration or deployment. This is an extended support option, but it will cost an additional budget. It is my only recommendation for complex environments, big companies, or companies with a limited IT team. For simple networks, integration is straightforward. If the company does not have expertise in working with the output of expert systems like KATA, they should consider outsourcing this capability. It is expensive to create this expertise from scratch. Overall, I rate the solution an eight out of ten.