Kaspersky EDR Expert is a Great modern endpoint protection platform
We're using Kaspersky EDR Expert as endpoint protection, system hardening, exposure management, endpoint detection and response tool. It …
Starting at $52.30 3-year commitment, calculated per year per endpoint
View PricingOverview
What is Kaspersky EDR Expert?
Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes,…
Recent Reviews
Reviewer Pros & Cons
Pricing
Kaspersky EDR Expert
$52.30
Cloud
Pricing is for a 3-year commitment, calculated per year. 1 and 2 year licenses also available. per endpoint
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Starting price (does not include set up fee)
- $52.30 3-year commitment, calculated per year per endpoint
Product Details
- About
- Integrations
- Competitors
- Tech Details
- FAQs
What is Kaspersky EDR Expert?
Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes, enabling them to hunt, prioritize, investigate and neutralize complex threats and APT-like attacks.
Kaspersky also describes what they believe are the product's key benefits, and differentiators:
Key features
- Advanced detection, including methods based on machine learning
- Indicator of Compromise (IoC), Indicator of Attack (IoA) and Sandbox detection
- Monitoring and visualization with drill-down capability
- Guided investigation
- Centralized telemetry storage
- Threat hunting capabilities
- MITRE ATT&CK mapping
- Multiple response options
- Access to Kaspersky Threat Intelligence Portal
- Single cloud or on-prem console
Kaspersky also describes what they believe are the product's key benefits, and differentiators:
Benefits
- Single agent with next-gen endpoint security (EPP)
- Provides tools for defending against complex and advanced threats
- Allows for proactive threat hunting, not only reacting to incidents
- Deep investigation helps prevent similar incidents in the future
- Several response options, automation and customization to best fit the cybersecurity team
- Reduces required cybersecurity resources through guidance and automation
- Simple way to upgrade to Native XDR
DIfferentiators
- Includes next-gen endpoint security (EPP)
- Guided investigation helps analyze threats quickly and learn on the job
- Proprietary Indicators of Attack
- Sandbox with capability to use customer-defined images (on a select range of OS)
- Threat Intelligence
- API to send gathered telemetry to third-party systems
- Supports both cloud and on-premise deployments
Kaspersky EDR Expert Features
- Supported: Extended prevention - EPP included in the license provides detection and prevention based on Machine Learning. It also includes patch management, encryption and Adaptive Anomaly Control, an automatic system hardening tool.
- Supported: Advanced detection - Besides Machine Learning and Behavior Analysis, the solution uses IoC and IoA detection and a customizable Sandbox.
- Supported: MITRE ATT&CK mapping - IoAs and Sandbox detections are mapped to MITRE ATT&CK for the further analysis of the adversary’s Tactics, Techniques and Procedures.
- Supported: Threat hunting - Real-time automated threat hunting with IoAs, access to Threat Intelligence Portal knowledge base and a flexible Query Builder allow for multiple ways to perform proactive threat hunting
- Supported: Forensic investigation - Retrospective analysis can be performed over a vast array of telemetry gathered from each endpoint. It is collected in a centralized cloud or on-prem storage, making the data available even if the compromised endpoint is inaccessible or encrypted.
- Supported: Incident response - Automated, guided and manual ‘one click’ response options are available via the central management console. Options include network isolation, delete file, prevent execution, start process, and get file.
Kaspersky EDR Expert Screenshots
Kaspersky EDR Expert Video
Kaspersky Expert Security
Kaspersky EDR Expert Integrations
- VirusTotal
- Own API for sending telemetry to 3rd party systems
- syslog
- Active Directory
Kaspersky EDR Expert Competitors
Kaspersky EDR Expert Technical Details
| Deployment Types | On-premise, Software as a Service (SaaS), Cloud, or Web-Based |
|---|---|
| Operating Systems | Windows, Linux |
| Mobile Application | No |
| Supported Countries | All |
| Supported Languages | English, Russian |
Frequently Asked Questions
Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes, enabling them to hunt, prioritize, investigate and neutralize complex threats and APT-like attacks.
Kaspersky EDR Expert starts at $52.3.
CrowdStrike Falcon, Sophos Intercept X, and SentinelOne Singularity are common alternatives for Kaspersky EDR Expert.
The most common users of Kaspersky EDR Expert are from Mid-sized Companies (51-1,000 employees).
Kaspersky EDR Expert Customer Size Distribution
| Consumers | 0% |
|---|---|
| Small Businesses (1-50 employees) | 3% |
| Mid-Size Companies (51-500 employees) | 46% |
| Enterprises (more than 500 employees) | 51% |
Comparisons
Compare with
Reviews and Ratings
(15)Attribute Ratings
Reviews
(1-10 of 10)Companies can't remove reviews or game the system. Here's why
Score 10 out of 10
Vetted Review
Verified User
We're using Kaspersky EDR Expert as endpoint protection, system hardening, exposure management, endpoint detection and response tool. It protects endpoints running Windows and Linux and detects modern threats with low system performance impact and almost no false alarms. Threat Intelligence portal is also very valuable.
- Strongest endpoint protection product on the market according to 3rd party evaluation
- Actionable detection data
- Sandbox is extremely useful
- It would be great to add SOAR product or capabilities into portfolio
- As for EDR product itself, I haven't ran into any issues
We use it for all of the our workstation and now we are planning to deploy it to servers. We use EDR to get large amount of controls and logs from our hosts. Then we use collected data to determine cybersecurity incidents. Also this product decreases the load to our SIEM-system because the correlation between logs and security events.
- Collecting data from windows hosts
- Correlating collected data and composing incidents
- Clearing the situation with impacted hosts during cybersecurity incidents
- Linux-systems support on the same level like windows systems
- Untying from Kaspesky ATA
- AI add to ease the way of profiling the system (it requires 1 FTE to examine all the incidents on 10 000 hosts? too much)
March 30, 2024
Kaspersky EDR Expert Review
Score 10 out of 10
Vetted Review
Verified User
We
have IT guy who likes all these security stuff, so he deployed trial version
and during trial period Kaspersky EDR Expert helped us to detect some malicious activities, so
we decide to keep it and buy commercial license.
- Detection
- Embedded Sandbox is a really good stuff, I can see detailed activity with visualization of any malicious sample
- Simple interface. Usability.
- Additional reporting capabilities
- Include TI offering into EDR offering
- Cover IoT
March 29, 2024
Detect advanced threats with Kaspersky EDR Expert
Score 9 out of 10
Vetted Review
Verified User
We're using Kaspersky EDR Expert capabilities additionally to Endpoint Security to increase visibility and detection as well as to improve response.
- Detection
- Threat hunting
- Enrichment
- Response
- ChromeOS support
- Integration with Intel TDT
February 08, 2024
Automating EDR tasks with Kaspersky EDR Expert
I use Kaspersky EDR Expert as an antivirus and app control and web filter.
- App-control
- Web-filetring
- Antivirus
- OS-integration
- Cloud-implementation
- Scripting
January 19, 2024
Kaspersky EDR Expert - Catch and Respond.
We use Kaspersky EDR Expert to detect and respond to threats in our environment as it is much faster than any human can detect and respond to threats.
- Quickly detects and responds to threats.
- Easy to use.
- Outstanding performance.
- Better reporting.
- Better view of the cyber killchain.
- Basic control panel.
November 29, 2023
A good solution with significant security risks
Kaspersky EDR Expert is a new sophisticated EDR
system. We used this system to provide endpoint protection, advanced
detection, threat hunting and investigation capabilities. It was
used by SOC and IT operations for incident response to hunt, prioritize,
investigate and neutralize complex threats and APT-like attacks. The business
problems we addressed: end-point device security management, end-point
protection, threat analysis and investigation, incident process management,
protection against APT attacks.
- Identify and automatically respond to end-point security threats
- Protect end-point systems against a broad range of cyber attacks
- Reduce operational costs to support EDR services
- From experience, this systems has not offered a credible defense against potential nation-state cyberattacks
- From experience, this system has not offered a credible data protection against nation-state cyberattacks
- Limited visibility into the cyber kill chain for this service
- From experience, a high rate of false positives
- Control council needs to be improved
- Automate patch updates
November 20, 2023
Kaspersky - intuitive software for endpoint security.
We utilize Kaspersky Endpoint Detection and Response to help secure our network and proactively prevent cyber-attacks and malicious software from accessing our systems.
- Identify and automatically respond to security threats.
- Provide Real-time issue reports.
- Quick and easy endpoint deployment.
- It would be nice to have more insight into the kill chain of potential infections and malware.
- Remote interface is a little lacking as to why a file was flagged.
November 17, 2023
Affordable and ideal to small businesses
We use Kaspersky EDR Expert in client computers in our organization because we need a reliable system to protect these machines from malicious attacks and also to control other security aspects in the cliente computers. So far we are happy with the product and recomend it to any company that do not have too many computers to manage, since is a realy easy software to deploy and mantain.
- Protect client computer from malicious attacks
- Protects from malware attacks
- Protects agains Phishing attacks
- The central console could be improved
- More assistance in patch update
- Less false positives
November 14, 2023
Kaspersky works for us.
Virus protection and password management are the main uses. We do not utilize any of its VPN capabilities; those are handled in another software.
- Password Management.
- Blocking malware.
- Identifying outdated passwords and protections.
- Ease of interface could be enhanced.
- Would like additional reporting capabilities.
- Better notification when updates will be processed.