Network administrator at a comms service provider with 201-500 employees
Real User
Top 5
2024-10-25T13:06:00Z
Oct 25, 2024
Cortex is better in the security features, yet Cortex doesn't have IT management features like Kaspersky. Kaspersky is not an XDR solution. With an XDR solution, we could gain some more time.
Kaspersky EDR could be improved by adding network detection capabilities to enhance convenience and security. Detecting and responding to network protocol issues, such as phishing emails or malicious downloads, can be challenging, but integrating network monitoring into EDR tools could significantly improve overall network security.
Many viruses change algorithms. The product does not detect zero-day threats. Kaspersky must provide zero-day threat detection. The product must provide a detailed status of the users and their activity on the devices.
Team Lead Cybersecurity Operations at a computer software company with 11-50 employees
Reseller
Top 10
2024-01-24T15:50:00Z
Jan 24, 2024
Kaspersky needs improvement in communication between the network and endpoint, as well as between endpoint and server. Sensors often fail to listen to the server due to communication issues resulting in multiple hurdles. Kaspersky needs to prioritize addressing this communication issue. While Kaspersky provides all the necessary functionality, there's room for improvement. Kaspersky should consider adding features to allow us to create use cases in the Sky console. If analytics don't detect anything in the Kaspersky console, the alerts must be configured in Kaspersky Sky so that they trigger when an attack is performed. This would make it easier for us to find any threats.
IT Security team leader at a healthcare company with 10,001+ employees
Real User
Top 10
2023-12-14T15:19:29Z
Dec 14, 2023
Kaspersky Endpoint Detection and Response needs vast resources on the central node. Not all maintenance tasks are in the GUI, so we often use commands. The lack of documentation for these processes means we frequently reach out to support, open tickets, and run complex CLI commands. It's not the most straightforward process. It should also improve stability.
Updated: December 2024.
Assistant General Manager at a financial services firm with 5,001-10,000 employees
Real User
Top 20
2023-11-08T11:45:08Z
Nov 8, 2023
My team was struggling with the reporting when we were doing an audit. The console features are a little more interactive and user-friendly. There's some issue, or maybe some fixing has to be done. I've seen the ground staff struggling a lot over there. The skill set, knowledge transfer, or training can help them to improve.
Kaspersky's support team is not very supportive. If we need any help from them, they do not provide a good solution, and it takes too long to resolve the issue. This is the main thing because some cases are easy and need urgent resolution. However, when we create a support ticket, it takes three days to get it planned, and we have urgent requirements. So, the ticketing process needs improvement.
Kaspersky Endpoint Detection and Response lacks configuration options. From an improvement perspective, I would like to see the solution offer more configuration options.
The main issue was compatibility with the cloud itself. The CPU usage immediately spiked, causing the machines to hang and sometimes even forcing server or computer restarts. Within seconds of installing the agent, the CPU usage would become extremely high, rendering the machine practically unusable until we either manually restarted it or initiated a forced restart. We were left with no option but to uninstall the client. It was the primary issue. When the agent was installed from the cloud portal, the machine became completely unresponsive and disconnected from the network. I was quite satisfied with Kaspersky products when they were on-premises. The server was downloading the updates and signatures smoothly, and it was fully stable in our network. However, we decided to move to the cloud as we were offered better options, and there was no significant pricing difference. But unfortunately, once we moved to the cloud and deployed the agents on our clients, our clients started facing disconnection issues. We had no choice but to forcefully restart the machines. We tried seeking help from Kaspersky, but we didn't receive any assistance, which led us to switch to another product.
Kaspersky Endpoint Detection and Response provides robust malware detection, endpoint security, integration with SIEM, control of USB devices, and behavior analysis, deployed on servers, mobile devices, and laptops.
Kaspersky Endpoint Detection and Response aids organizations in scanning environments, blocking sites, handling data transfers, and offering visibility into quarantine systems. Utilizing features such as encryption, machine learning analysis, caching, and automation,...
The solution must provide better security. The performance can be improved.
Kaspersky Endpoint Detection and Response is expensive. It should improve its stability.
There are certain shortcomings with the UI of the solution. The UI is not at all user-friendly. The product should have an easier UI.