Kaspersky Endpoint Detection and Response is not up to the mark compared to what I have seen from earlier products. I was using CrowdStrike, and Kaspersky Endpoint Detection and Response is not up to the mark compared to CrowdStrike and other products. Kaspersky Endpoint Detection and Response sometimes seems to allow certain files which should not be allowed on its own. I trust Kaspersky Endpoint Detection and Response to check the files, but I cannot sit and check all the files that are coming in. Kaspersky Endpoint Detection and Response has its own weaknesses. Kaspersky Endpoint Detection and Response slows the system slightly. It uses more resources than what CrowdStrike does. When any attack happens or something is happening with other products I am using, Kaspersky Endpoint Detection and Response stops certain things. However, it does not take me to the file, and it is not user-friendly.
I'm facing challenges because the local support is not up to the mark, and its features are not comparable to industry-leading solutions such as CrowdStrike and Trend Micro. Kaspersky needs to improve its local support to become a better product for future releases. The local support is inadequate, and compared to Trend Micro and CrowdStrike, many features are missing in this tool regarding investigation, threat hunting, and threat intelligence. These features are not up to the mark in this tool compared to other EDR solutions, and the interface is very unfriendly.
Network administrator at a comms service provider with 201-500 employees
Real User
Top 5
Oct 25, 2024
Cortex is better in the security features, yet Cortex doesn't have IT management features like Kaspersky. Kaspersky is not an XDR solution. With an XDR solution, we could gain some more time.
Kaspersky EDR could be improved by adding network detection capabilities to enhance convenience and security. Detecting and responding to network protocol issues, such as phishing emails or malicious downloads, can be challenging, but integrating network monitoring into EDR tools could significantly improve overall network security.
Many viruses change algorithms. The product does not detect zero-day threats. Kaspersky must provide zero-day threat detection. The product must provide a detailed status of the users and their activity on the devices.
Updated: December 2025.
Team Lead Cybersecurity Operations at a computer software company with 11-50 employees
Reseller
Top 10
Jan 24, 2024
Kaspersky needs improvement in communication between the network and endpoint, as well as between endpoint and server. Sensors often fail to listen to the server due to communication issues resulting in multiple hurdles. Kaspersky needs to prioritize addressing this communication issue. While Kaspersky provides all the necessary functionality, there's room for improvement. Kaspersky should consider adding features to allow us to create use cases in the Sky console. If analytics don't detect anything in the Kaspersky console, the alerts must be configured in Kaspersky Sky so that they trigger when an attack is performed. This would make it easier for us to find any threats.
IT Security team leader at a healthcare company with 10,001+ employees
Real User
Dec 14, 2023
Kaspersky Endpoint Detection and Response needs vast resources on the central node. Not all maintenance tasks are in the GUI, so we often use commands. The lack of documentation for these processes means we frequently reach out to support, open tickets, and run complex CLI commands. It's not the most straightforward process. It should also improve stability.
Assistant General Manager at a financial services firm with 5,001-10,000 employees
Real User
Nov 8, 2023
My team was struggling with the reporting when we were doing an audit. The console features are a little more interactive and user-friendly. There's some issue, or maybe some fixing has to be done. I've seen the ground staff struggling a lot over there. The skill set, knowledge transfer, or training can help them to improve.
Kaspersky's support team is not very supportive. If we need any help from them, they do not provide a good solution, and it takes too long to resolve the issue. This is the main thing because some cases are easy and need urgent resolution. However, when we create a support ticket, it takes three days to get it planned, and we have urgent requirements. So, the ticketing process needs improvement.
Kaspersky Endpoint Detection and Response lacks configuration options. From an improvement perspective, I would like to see the solution offer more configuration options.
The main issue was compatibility with the cloud itself. The CPU usage immediately spiked, causing the machines to hang and sometimes even forcing server or computer restarts. Within seconds of installing the agent, the CPU usage would become extremely high, rendering the machine practically unusable until we either manually restarted it or initiated a forced restart. We were left with no option but to uninstall the client. It was the primary issue. When the agent was installed from the cloud portal, the machine became completely unresponsive and disconnected from the network. I was quite satisfied with Kaspersky products when they were on-premises. The server was downloading the updates and signatures smoothly, and it was fully stable in our network. However, we decided to move to the cloud as we were offered better options, and there was no significant pricing difference. But unfortunately, once we moved to the cloud and deployed the agents on our clients, our clients started facing disconnection issues. We had no choice but to forcefully restart the machines. We tried seeking help from Kaspersky, but we didn't receive any assistance, which led us to switch to another product.
Kaspersky Endpoint Detection and Response provides robust malware detection, endpoint security, integration with SIEM, control of USB devices, and behavior analysis, deployed on servers, mobile devices, and laptops.
Kaspersky Endpoint Detection and Response aids organizations in scanning environments, blocking sites, handling data transfers, and offering visibility into quarantine systems. Utilizing features such as encryption, machine learning analysis, caching, and automation,...
The solution must provide better security. The performance can be improved.
Kaspersky Endpoint Detection and Response is expensive. It should improve its stability.
There are certain shortcomings with the UI of the solution. The UI is not at all user-friendly. The product should have an easier UI.