Skip to main content
TrustRadius
Kaspersky EDR Expert

Kaspersky EDR Expert

Overview

What is Kaspersky EDR Expert?

Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes,…

Read more
Recent Reviews

Kaspersky EDR Expert Review

10 out of 10
March 30, 2024
We have IT guy who likes all these security stuff, so he deployed trial version and during trial period Kaspersky EDR Expert helped us to …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Pricing

View all pricing

Kaspersky EDR Expert

$52.30

Cloud
Pricing is for a 3-year commitment, calculated per year. 1 and 2 year licenses also available. per endpoint

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Starting price (does not include set up fee)

  • $52.30 3-year commitment, calculated per year per endpoint
Return to navigation

Product Details

What is Kaspersky EDR Expert?

Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes, enabling them to hunt, prioritize, investigate and neutralize complex threats and APT-like attacks.

Key features
  • Advanced detection, including methods based on machine learning
  • Indicator of Compromise (IoC), Indicator of Attack (IoA) and Sandbox detection
  • Monitoring and visualization with drill-down capability
  • Guided investigation
  • Centralized telemetry storage
  • Threat hunting capabilities
  • MITRE ATT&CK mapping
  • Multiple response options
  • Access to Kaspersky Threat Intelligence Portal
  • Single cloud or on-prem console


Kaspersky also describes what they believe are the product's key benefits, and differentiators:


Benefits
  • Single agent with next-gen endpoint security (EPP)
  • Provides tools for defending against complex and advanced threats
  • Allows for proactive threat hunting, not only reacting to incidents
  • Deep investigation helps prevent similar incidents in the future
  • Several response options, automation and customization to best fit the cybersecurity team
  • Reduces required cybersecurity resources through guidance and automation
  • Simple way to upgrade to Native XDR

DIfferentiators
  • Includes next-gen endpoint security (EPP)
  • Guided investigation helps analyze threats quickly and learn on the job
  • Proprietary Indicators of Attack
  • Sandbox with capability to use customer-defined images (on a select range of OS)
  • Threat Intelligence
  • API to send gathered telemetry to third-party systems
  • Supports both cloud and on-premise deployments

Kaspersky EDR Expert Features

  • Supported: Extended prevention - EPP included in the license provides detection and prevention based on Machine Learning. It also includes patch management, encryption and Adaptive Anomaly Control, an automatic system hardening tool.
  • Supported: Advanced detection - Besides Machine Learning and Behavior Analysis, the solution uses IoC and IoA detection and a customizable Sandbox.
  • Supported: MITRE ATT&CK mapping - IoAs and Sandbox detections are mapped to MITRE ATT&CK for the further analysis of the adversary’s Tactics, Techniques and Procedures.
  • Supported: Threat hunting - Real-time automated threat hunting with IoAs, access to Threat Intelligence Portal knowledge base and a flexible Query Builder allow for multiple ways to perform proactive threat hunting
  • Supported: Forensic investigation - Retrospective analysis can be performed over a vast array of telemetry gathered from each endpoint. It is collected in a centralized cloud or on-prem storage, making the data available even if the compromised endpoint is inaccessible or encrypted.
  • Supported: Incident response - Automated, guided and manual ‘one click’ response options are available via the central management console. Options include network isolation, delete file, prevent execution, start process, and get file.

Kaspersky EDR Expert Screenshots

Screenshot of Screenshot of Screenshot of

Kaspersky EDR Expert Video

Kaspersky Expert Security

Kaspersky EDR Expert Integrations

  • VirusTotal
  • Own API for sending telemetry to 3rd party systems
  • syslog
  • Active Directory

Kaspersky EDR Expert Competitors

Kaspersky EDR Expert Technical Details

Deployment TypesOn-premise, Software as a Service (SaaS), Cloud, or Web-Based
Operating SystemsWindows, Linux
Mobile ApplicationNo
Supported CountriesAll
Supported LanguagesEnglish, Russian

Frequently Asked Questions

Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes, enabling them to hunt, prioritize, investigate and neutralize complex threats and APT-like attacks.

Kaspersky EDR Expert starts at $52.3.

CrowdStrike Falcon, Sophos Intercept X, and SentinelOne Singularity are common alternatives for Kaspersky EDR Expert.

The most common users of Kaspersky EDR Expert are from Mid-sized Companies (51-1,000 employees).

Kaspersky EDR Expert Customer Size Distribution

Consumers0%
Small Businesses (1-50 employees)3%
Mid-Size Companies (51-500 employees)46%
Enterprises (more than 500 employees)51%
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(15)

Attribute Ratings

Reviews

(1-1 of 1)
Companies can't remove reviews or game the system. Here's why
November 29, 2023

A good solution with significant security risks

Verified User
Manager in Information Technology
Telecommunications Company, 1001-5000 employees
Score 1 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Kaspersky EDR Expert is a new sophisticated EDR system. We used this system to provide endpoint protection, advanced detection, threat hunting and investigation capabilities. It was used by SOC and IT operations for incident response to hunt, prioritize, investigate and neutralize complex threats and APT-like attacks. The business problems we addressed: end-point device security management, end-point protection, threat analysis and investigation, incident process management, protection against APT attacks.
Pros and Cons
  • Identify and automatically respond to end-point security threats
  • Protect end-point systems against a broad range of cyber attacks
  • Reduce operational costs to support EDR services
  • From experience, this systems has not offered a credible defense against potential nation-state cyberattacks
  • From experience, this system has not offered a credible data protection against nation-state cyberattacks
  • Limited visibility into the cyber kill chain for this service
  • From experience, a high rate of false positives
  • Control council needs to be improved
  • Automate patch updates
Likelihood to Recommend
I think system could be used for small business that is very price sensitives and prepared to take security risks for the low price system. In my opinion, It is too risky to use this system for security sensitives enterprises
Most Important Features
  • Low price
  • Guided investigation
Return on Investment
  • Reduced EDR operational costs
  • Reduced capital costs to acquire EDR capability
  • Improved end-point visibility
  • Increased cybersecurity risks for enterprises given limited defense against sophisticated, Nation-based cyber attacks
  • Increased enterprise data risks due Nation-based cyber attacks
Deciding Factors
Expanded EDR capability for very competitively priced systems and support. Service automation, end-point visibility, ease to operate
Resources
You dedicated and well trained resource to operate the EDR expert
Alternatives Considered
Kaspersky offer a completive system package at a reasonable price
Other Software Used
Splunk Enterprise Security (ES), Imperva Web Application Firewall (WAF), Radware Bot Manager
Users and Roles
10
Product management and solution selection
Support Headcount Required
1
Security operations and threat analysis
Business Processes Supported
  • End-point system security
  • Cyber threat monitoring and continuous cyber risk assessment
  • End-point security automation
  • Automated threat response
  • Cloud and on-premise environment
  • Guided cyber threat investigation
Innovative Uses
  • Use APIs to send gathered telemetry to third-party systems
  • Support in hybrid cloud environments
  • Leverage the Expert threat intelligence
  • Threat hunting
Future Planned Uses
  • Provide a better protection against the Expert existing cyber security risks
  • Offer a better data defense against the Expert existing cyber security risks
  • Enhance APIsto third party systems
Likelihood to Renew
1
I believe the Kaspersky EDR Expert systems represent significant cyber risks for government and commercial enterprise customers
Return to navigation