Cyber Security Specialist at Crystal Technologies Limited
Real User
Top 10
2024-07-16T08:51:28Z
Jul 16, 2024
I would say that Kaspersky is not too big in the cloud-related area. From an improvement perspective, it would be good if Kaspersky went big in the cloud since it would give the tool a fair chance to compete with other clouds.
I find Kaspersky can be quite resource-intensive, consuming a significant amount of RAM and CPU. Another area of improvement is customer service and support. Since the solution handles critical applications and vulnerabilities, immediate support is essential when issues arise.
They could provide a source of visualization for the product. It needs to be easier to use for searches and activities. Additionally, they should work on an incident response module.
More than a technical issue, it's more of a commercial issue that we have faced with the solution. Some of my clients told me something about the Russia and Ukraine conflict. Because Kaspersky is from Russia, my clients mentioned that it may have some problems in the future. Speaking about the features I like to see in the solution, I would like to say that I use the solution's features as a user. I don't even know if the solution has certain features. I am uncertain whether the solution includes certain features like traffic monitoring or app usage tracking. We employ Power Automate applications on our mobile devices, which might explain the observed traffic or usage. However, I believe this knowledge is limited as I lack access to the manager console. The solution does not offer much support to its users in Spanish, so I would like to see them offer more support in Spanish.
CISO at a wholesaler/distributor with 1,001-5,000 employees
Real User
Top 20
2023-05-04T21:05:00Z
May 4, 2023
They should include XDR features in the solution. It would help us collect data metrics from different endpoints. Thus, we could identify the origin of the ransomware or malware attacks within the network. Also, they should include sandboxing features.
Updated: December 2024.
No product is perfect and I think the stability could be improved a little. I'd also like to see performance improvement as the system can be heavy, slowing down our computers, and things don't always work smoothly. Performance could be improved.
Network administrator at a healthcare company with 1,001-5,000 employees
Real User
Top 20
2023-03-09T22:03:42Z
Mar 9, 2023
It does not cover all of our security issues. It's not a complete security solution. We'd like something like CrowdStrike Falcon. We'd like the same features as CrowdStrike. If they can have even better features than CrowdStrike in the future, it would be better. The solution lacks EDR features.
If a customer wants to use Kaspersky on-prem, they'll need to spend a lot on the hardware. Their server must be strong because EDR is a heavy product. You need excellent hardware to run it. It might make sense to deploy the solution in the cloud. If they add features, it will only make the product heavier and increase the hardware costs.
Endpoint Specialist at a computer software company with 201-500 employees
Real User
2022-12-08T08:17:20Z
Dec 8, 2022
The one thing Symantec has that EDR lacks is device control. I think Kaspersky has to increase its features when it comes to antivirus control. I'd like to see an increase in the 30-day retention period.
There are some issues with EDR's web policy blocking sites that are marked as exceptions. Also, recently, some policies have been getting disabled automatically. In the next release, EDR should include a web plugin.
ICT Manager at a manufacturing company with 51-200 employees
Real User
2022-11-16T14:44:27Z
Nov 16, 2022
The interfacing for remote endpoints could be improved because it does not work very smoothly. It is not easy to follow the kill chain of a potential infection or malware. We would like to be able to roll back and analyze all the steps in the chain. The on-premises solution is not fully aligned with the web-based option that includes a feature-rich interface. For example, you can analyze better on the web console than with the on-premises management console. It is complex to implement remote endpoints for visitors who have devices that are outside the control of your network but are on-premises. The solution did not even offer this until recently but instead provided an additional solution for integrating the functionality. The solution needs to focus on providing a completely cloud-based solution like CrowdStrike, SentinelOne, and Microsoft Defender. The solution still works on the old signature-based antivirus format but modern options like CrowdStrike, SentinelOne, and Microsoft Defender are behavioral analysis tools that are completely signature-less. The solution is losing customers because it has not reacted quickly enough to the modern format.
The only problem we have with the solution is that DLP is not a part of it. It's particularly relevant for those working in financial markets, especially in Pakistan where it's deployed in banks. DLP would make EDR a complete package. The lack of DLP is the main reason that our company is moving away from Kaspersky EDR.
I would like better integration with other products. For example, I would like to have another view in SolarWinds or Datadog. Integration is not easy. I'd like it to be simplified. We do not need any additional features. The business plan maybe could be improved. They need to change the way they sell the product. They could be better friends with their partners. A partner is not somebody who sells this product. It is usually somebody who manages this product for the end user or the end company that is predicting the assets. The role that a partner plays in this interaction is very important. They need to work to build that relationship to benefit the solution and the client. They should also offer better margins.
Information Security and Support Coordinator at St Marche
Real User
2022-08-22T23:59:25Z
Aug 22, 2022
There are no issues with this solution. However, we would like to have better strategic information. We currently have tactical, and it's hard to make strategic decisions based on what it delivers. In addition, we have about 600 users using this solution.
The solution could always be more secure. Every antivirus solution could be, as things are always dynamically changing. There is always a new risk on the horizon.
Kaspersky Endpoint Detection and Response should continue to improve its protection while adapting to the changing threat ecosystems. Having more advanced features would be a benefit.
Information Technology Manager at The Olympia Medical hub
Real User
2022-06-28T15:48:36Z
Jun 28, 2022
We have some problems with LiDAR. When we do the install, or reinstall the server console, or server endpoint protection, I don't know why we need to reinstall it. Even though we installed, or did a new install for the server endpoint protection features, we use some small PDO or some patching to upgrade it in the employee protection clients if that's in. I need a local expert. I'm looking for more experts to be able to apply it to certain solutions that we understand already. In order to meet our requirements, we need more experts. There are some cases that take three days to deal with. It's too long.
The solution can improve by providing automatic fixing of vulnerabilities and reducing the resources used in the server component and endpoint agent. They are very bulky and use a lot of CPU, memory, and hard drive resources.
Information Security Officer at a financial services firm with 51-200 employees
Real User
2021-02-15T07:47:00Z
Feb 15, 2021
I would like to integrate Kaspersky with my Log Collector SIEM. Right now that's not possible. Kaspersky Endpoint Detection and Response could also introduce a way to make working in teams more accessible. At the same time, it would be interesting to see them explore artificial intelligence solutions.
Security and systems engineer at a tech services company with 51-200 employees
Real User
2020-08-05T06:59:26Z
Aug 5, 2020
There should be options in the UI to better assist with troubleshooting problems that occur during deployment. I would like to see a more simplified view of the configuration options. The technical support team should respond in a more timely manner.
Kaspersky Endpoint Detection and Response Expert is a comprehensive cybersecurity solution designed to detect and respond to advanced threats in real time. It combines advanced threat intelligence, machine learning algorithms, and behavioral analysis to provide proactive protection against sophisticated attacks.
With its centralized management console, security teams can easily monitor and investigate incidents, while automated response capabilities enable quick remediation. This...
Kaspersky Endpoint Detection and Response Expert needs to include a traffic interface.
The product should release more frequent updates. The tool needs to improve its scalability as well.
The solution is expensive. It would be ideal if they could lower the costs.
I could be covering more devices, for example, the XDR. If it covered more products, it would improve the XDR.
Kaspersky EDR lacks protection from recent ransomware. Because of this, we're looking into switching from EDR to another security solution.
It could be more secure. The prices can go down a little bit.
There is a problem with the solution, it came from Russia and we are looking for a replacement.
Kaspersky Endpoint Detection and Response is very heavy on the system resources. It uses a lot of memory and the system can become slow.
The issue with Kaspersky EDR is the sandbox. I'd like to have the ability to manage it on the cloud as well.
I'd like to see more seamless integration with the cloud and other products as well as improvements to Kaspersky's sandboxing features.