Kaspersky Small Office Security (formerly Kaspersky Work Space Security) is antivirus / endpoint security software from Russian company Kaspersky.
$29.99
per month
Microsoft Defender XDR
Score 8.8 out of 10
N/A
Microsoft 365 Defender combines SIEM and XDR capabilities for Microsoft 365 environments, encompassing threat detection, post-breach detection, automated investigation, and response for endpoints. Additionally, it protects cloud apps, emails and documents, and employee identities.
Firstly Microsoft 365 Defender offers effortless integration with other Microsoft solutions over the products evaluated. Compared to Microsoft 365 Defender the evaluated products should improve the integration and its web interfaces. Few challenges were encountered when …
I think Kaspersky is well suited for large and small companies. Larger companies can take advantage of the KSC (Kaspersky Security Center) servers to help manage a large network. The KSC has many good features to help monitor the health of the organization. It does a good job with updating and deploying remotely. It has inventory features, and can even deploy non-Kaspersky software packages uploaded to the center. KSC can become a source of good information about [your] network that can be seen at a glance. IT departments are normally smaller than they need to be. KSC helps with larger and smaller companies because of this. A small company would appreciate the amount of information and management that can be done through KSC without needing extra help. If the company is small enough that they don't have servers on-site, there is a cloud version. I have not used that to know how it differs from the local KSC.
Microsoft Defender XDR is well suited for organizations already invested in the Microsoft Ecosystem - including Microsoft 365, Azure Ad and INTune. For example, in scenarios where you need to correlament the fishing attacks with the closing point behavior and identity agreement, Microsoft Defender XDR does a big task of sewing the timeline of a full attack simultaneously and even automatically removing. This hybrid function is also ideal for the environment, where safety visibility in distance tools, cloud apps and email is important. Microsoft Defender XDR provides centralized insight and response in all these domains without the requirement of many devices. However, it is less suitable in the atmosphere with diverse or non-microsoft infrastructure, such as an organization running a mixture of Linux server, Google work area or third-party EDR tools. Cross-platform support is still developing, and integration of the microsoft ecosystem often requires additional configurations or third-party connectors. For companies of that situation, Microsoft Defender XDR cannot give its full value from the XDR box.
The Security Center is laid out very well and makes it easy to install and manage the client endpoint protection on servers and workstations.
The way security policies are defined and managed is very easy to understand.
The client programs seem to be lighter and smaller on the client systems than others I have used in the past. Using fewer resources is always an advantage.
The software uses advanced AI and machine learning algorithms to monitor activities and detect any anomalies immediately, protecting our financial data.
Automated responses to known threats reduce the impact of possible incidents and improve our security posture.
Microsoft 365 Defender easily combines with other Microsoft 365 services and external security solutions, providing a complete and unified security solution.
Improved algorithms to minimize false positives in threat detection, reducing the impact on security teams and preventing unnecessary investigations into non-threatening incidents.
Advanced User-Friendly Interface:
Streamlined and intuitive user interface for the centralized dashboard, making it more accessible for security professionals with varying levels of expertise.
Greater Third-Party Integration:
Increased compatibility and integration capabilities with a broader range of third-party security tools
The product is stable and accurate in detecting security threats. There are very few or no false positives in detecting security threats or unusual behavior and has very sharp heuristics. The product does the job very well including saving us money in getting 3rd party patch management tools as the business is already using Microsoft System Center Configuration Manager which is Microsoft product specific and the product patches these third party products e.g Adobe Flash Player
We are pleased with the product and have no plans to look for alternatives. We are deeply invested in Microsoft ecosystem and Defender XDR provides seamless integration to other Microsoft products. For academic institution pricing is also quite affordable. In the contrary, we hope to extend the scope of the product for our entire environment.
I will give Kaspersky a score of 9 out of 10 for scalability, as it allows businesses to easily expand their security infrastructure. This means it won't cost them a lot to add further protection and security. It won't also require them to purchase other hardware and services for their required protection.
Overall the UI is modern and OK to use. Attack story is quite nice visual of incident. Advanced hunting supports autocomplete so that helps doing KQL-queries efficiently. The product is quite comprehensive and one can get lost in the vast UI. Learning curve is quite high and navigation is complex. As product also continues to evolve the UI might change somewhat.
I've used the on-premise server. I've only experienced one time that we couldn't open the console, and that was a server issue. It seems to be a dependable solution. It's there, and it's stable.
In our experience there has been very little downtime for Microsot Defender XDR. For us there hasn’t been any single incident where we needed the product and it was not available.
Users don't notice any slowdown with the antivirus running on their systems. There have been issues when the systems have missed a scheduled scan, and it was checked to run at [a] first available time, they will start a full scan at startup. This has caused some lag. Normally there are also some issues with the workstation, but it is something to note.
Most of the time the product is as responsive as you might expect from cloud product. Occasionly the product is little slugish, this has been at most a slight irritation. Reports generate quickly ennough for our needs. We also not have found that Defender XDR slows down systems that it is integrated with
I give the maximum grade because we have no complaints; we never had any failure, serious error, and serious threat to the company. All of its features work very well. The great advantage of having a product supported by an industry-leading security company is that regularly updated security protocols will protect the system against all emerging threats.
Their support throughout our onboarding of the product was fabulous. They not only took the time to carefully explain to teams not as well equipped with the lingo but explained to the tech team how to teach the other teams to be successful. They never once seemed impatient or annoyed with basic questions and didn’t pretend to know something when they needed to research an answer
Microsoft Provides a good training for the Microsoft 365 Defender and has a good learning paths to learn and take the exams and get your Certifications.
Make sure to provide awareness campaigns on changes that will be implemented and WHY the business is doing it and the benefits reaped. Benefits reaped is very important for the justification of why things have to change and emphasizing the importance of security. This will reduce user disgruntlement and total bitterness on use of their workstation or laptop
seemless and almost transparent. can be deployed by script if needed so every endpoint on our system get's it. if you have intune it gets dumped on the the endpoint by policy so nothing escapes it
Kaspersky is a leader in endpoint protection, but its ties to potential adversaries are unsettling. Kaspersky has a great threat research team and quickly identifies malicious software and its signature. Its web-based protection is also top notch. This is a great product but as with everything has its place.
Our product in that area, for instance as a security platform and for us it is for the moment really bad point. We started to move in that direction that there is that disconnect from the client management. So if there is some action that needs to be executed detected by security team, there is not an easy way to make that available to the team that is responsible for managing the identities as users, as the devices
You can create groups and create different policies for each group. You can customize many parts of the software before it is deployed. You can create different tasks and schedules based on the groups. It is customizable.
Azure cloud provides techical power to scale the product for whole organization. From organizational point of view scaling Defender XDR for various IT teams needs good collaboration and clear norms that all teams must agree to and follow.
