Kaspersky EDR Expert is a Great modern endpoint protection platform
We're using Kaspersky EDR Expert as endpoint protection, system hardening, exposure management, endpoint detection and response tool. It …
Starting at $52.30 3-year commitment, calculated per year per endpoint
View PricingOverview
What is Kaspersky EDR Expert?
Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes,…
Recent Reviews
Awards
Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards
Reviewer Pros & Cons
Pricing
Kaspersky EDR Expert
$52.30
Cloud
Pricing is for a 3-year commitment, calculated per year. 1 and 2 year licenses also available. per endpoint
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Starting price (does not include set up fee)
- $52.30 3-year commitment, calculated per year per endpoint
Product Details
- About
- Integrations
- Competitors
- Tech Details
- FAQs
What is Kaspersky EDR Expert?
Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes, enabling them to hunt, prioritize, investigate and neutralize complex threats and APT-like attacks.
Kaspersky also describes what they believe are the product's key benefits, and differentiators:
Key features
- Advanced detection, including methods based on machine learning
- Indicator of Compromise (IoC), Indicator of Attack (IoA) and Sandbox detection
- Monitoring and visualization with drill-down capability
- Guided investigation
- Centralized telemetry storage
- Threat hunting capabilities
- MITRE ATT&CK mapping
- Multiple response options
- Access to Kaspersky Threat Intelligence Portal
- Single cloud or on-prem console
Kaspersky also describes what they believe are the product's key benefits, and differentiators:
Benefits
- Single agent with next-gen endpoint security (EPP)
- Provides tools for defending against complex and advanced threats
- Allows for proactive threat hunting, not only reacting to incidents
- Deep investigation helps prevent similar incidents in the future
- Several response options, automation and customization to best fit the cybersecurity team
- Reduces required cybersecurity resources through guidance and automation
- Simple way to upgrade to Native XDR
DIfferentiators
- Includes next-gen endpoint security (EPP)
- Guided investigation helps analyze threats quickly and learn on the job
- Proprietary Indicators of Attack
- Sandbox with capability to use customer-defined images (on a select range of OS)
- Threat Intelligence
- API to send gathered telemetry to third-party systems
- Supports both cloud and on-premise deployments
Kaspersky EDR Expert Features
- Supported: Extended prevention - EPP included in the license provides detection and prevention based on Machine Learning. It also includes patch management, encryption and Adaptive Anomaly Control, an automatic system hardening tool.
- Supported: Advanced detection - Besides Machine Learning and Behavior Analysis, the solution uses IoC and IoA detection and a customizable Sandbox.
- Supported: MITRE ATT&CK mapping - IoAs and Sandbox detections are mapped to MITRE ATT&CK for the further analysis of the adversary’s Tactics, Techniques and Procedures.
- Supported: Threat hunting - Real-time automated threat hunting with IoAs, access to Threat Intelligence Portal knowledge base and a flexible Query Builder allow for multiple ways to perform proactive threat hunting
- Supported: Forensic investigation - Retrospective analysis can be performed over a vast array of telemetry gathered from each endpoint. It is collected in a centralized cloud or on-prem storage, making the data available even if the compromised endpoint is inaccessible or encrypted.
- Supported: Incident response - Automated, guided and manual ‘one click’ response options are available via the central management console. Options include network isolation, delete file, prevent execution, start process, and get file.
Kaspersky EDR Expert Screenshots
Kaspersky EDR Expert Video
Kaspersky Expert Security
Kaspersky EDR Expert Integrations
- VirusTotal
- Own API for sending telemetry to 3rd party systems
- syslog
- Active Directory
Kaspersky EDR Expert Competitors
Kaspersky EDR Expert Technical Details
| Deployment Types | On-premise, Software as a Service (SaaS), Cloud, or Web-Based |
|---|---|
| Operating Systems | Windows, Linux |
| Mobile Application | No |
| Supported Countries | All |
| Supported Languages | English, Russian |
Frequently Asked Questions
Kaspersky Endpoint Detection and Response (EDR) Expert provides endpoint protection, advanced detection, threat hunting and investigation capabilities and multiple response options in a single package. It is an EDR solution for IT security teams with more mature incident response processes, enabling them to hunt, prioritize, investigate and neutralize complex threats and APT-like attacks.
Kaspersky EDR Expert starts at $52.3.
CrowdStrike Falcon, Sophos Intercept X, and SentinelOne Singularity are common alternatives for Kaspersky EDR Expert.
The most common users of Kaspersky EDR Expert are from Mid-sized Companies (51-1,000 employees).
Kaspersky EDR Expert Customer Size Distribution
| Consumers | 0% |
|---|---|
| Small Businesses (1-50 employees) | 3% |
| Mid-Size Companies (51-500 employees) | 46% |
| Enterprises (more than 500 employees) | 51% |
Comparisons
Compare with
Reviews and Ratings
(15)Attribute Ratings
Reviews
(1-10 of 10)Companies can't remove reviews or game the system. Here's why
Score 10 out of 10
Vetted Review
Verified User
- Strongest endpoint protection product on the market according to 3rd party evaluation
- Actionable detection data
- Sandbox is extremely useful
- It would be great to add SOAR product or capabilities into portfolio
- As for EDR product itself, I haven't ran into any issues
- Collecting data from windows hosts
- Correlating collected data and composing incidents
- Clearing the situation with impacted hosts during cybersecurity incidents
- Linux-systems support on the same level like windows systems
- Untying from Kaspesky ATA
- AI add to ease the way of profiling the system (it requires 1 FTE to examine all the incidents on 10 000 hosts? too much)
March 30, 2024
Kaspersky EDR Expert Review
Score 10 out of 10
Vetted Review
Verified User
- Detection
- Embedded Sandbox is a really good stuff, I can see detailed activity with visualization of any malicious sample
- Simple interface. Usability.
- Additional reporting capabilities
- Include TI offering into EDR offering
- Cover IoT
March 29, 2024
Detect advanced threats with Kaspersky EDR Expert
Score 9 out of 10
Vetted Review
Verified User
- Detection
- Threat hunting
- Enrichment
- Response
- ChromeOS support
- Integration with Intel TDT
February 08, 2024
Automating EDR tasks with Kaspersky EDR Expert
- App-control
- Web-filetring
- Antivirus
- OS-integration
- Cloud-implementation
- Scripting
January 19, 2024
Kaspersky EDR Expert - Catch and Respond.
- Quickly detects and responds to threats.
- Easy to use.
- Outstanding performance.
- Better reporting.
- Better view of the cyber killchain.
- Basic control panel.
November 29, 2023
A good solution with significant security risks
- Identify and automatically respond to end-point security threats
- Protect end-point systems against a broad range of cyber attacks
- Reduce operational costs to support EDR services
- From experience, this systems has not offered a credible defense against potential nation-state cyberattacks
- From experience, this system has not offered a credible data protection against nation-state cyberattacks
- Limited visibility into the cyber kill chain for this service
- From experience, a high rate of false positives
- Control council needs to be improved
- Automate patch updates
November 20, 2023
Kaspersky - intuitive software for endpoint security.
- Identify and automatically respond to security threats.
- Provide Real-time issue reports.
- Quick and easy endpoint deployment.
- It would be nice to have more insight into the kill chain of potential infections and malware.
- Remote interface is a little lacking as to why a file was flagged.
November 17, 2023
Affordable and ideal to small businesses
- Protect client computer from malicious attacks
- Protects from malware attacks
- Protects agains Phishing attacks
- The central console could be improved
- More assistance in patch update
- Less false positives
November 14, 2023
Kaspersky works for us.
- Password Management.
- Blocking malware.
- Identifying outdated passwords and protections.
- Ease of interface could be enhanced.
- Would like additional reporting capabilities.
- Better notification when updates will be processed.