The Global Endpoint Detection and Response Market continues to expand, projected to reach $7.1 billion worldwide by 2028. With the surge in threats and the increasing complexity of attacks, companies must prioritize dependable detection and response solutions to safeguard their business environment across all devices.
Independent security testing organisation SE Labs ran sixteen full chain attacks based on four different advanced persistent threats (APTs) – Turla, Ke3chang, Kimsuky, and ThreatGroup3390 against six EDR products to assess their detection abilities. These attacks were based on real attackers’ behavior and each product was examined at different stages: from penetration and permission escalation to propagation through the corporate networks and data exfiltration.
Kaspersky EDR Expert managed to detect each of the sixteen attacks, across all stages, receiving a ‘Total Accuracy Rating’ of 100% gaining the maximum possible 1188 points. This score came from the product’s ‘Detection Accuracy’ and ‘Legitimate Accuracy’ ratings, meaning that it not only identified each stage of attacks, but it also avoided generating any false positives. The Kaspersky solution was awarded with the highest possible ‘AAA’ rating.
“Independent tests let us control the quality of our solutions and confirm the company’s success in keeping up with the evolving threat landscape. We are excited to receive recognition from SE Labs regarding Kaspersky EDR Expert’s superior capabilities. It proves that we are moving in the right direction”, comments Alexander Liskin, Head of Threat Research at Kaspersky.
“Kaspersky has performed consistently well in SE Labs’ advanced security testing from the very beginning. Our tests expose products to standard and advanced threats faced by businesses and individuals across the globe. This is an extremely challenging prospect and the fact that Kaspersky has a demonstrated history of success is extremely admirable,” says Simon Edwards, Founder, and CEO, of SE Labs
The Kaspersky Endpoint Detection and Response Expert offers an extensive scope of visibility encompassing all endpoints within a corporate network. Through its advanced capabilities, it provides heightened defense mechanisms while streamlining the execution of routine tasks associated with Endpoint Detection and Response (EDR). This automation empowers analysts to efficiently track, categorize, scrutinize, and mitigate intricate threats and Advanced Persistent Threat (APT)-type attacks.
By integrating this expert solution into a company's security infrastructure, organizations can attain a more holistic understanding of their network's endpoints. This, in turn, contributes to a proactive security posture that can quickly identify and prioritize potential threats. The automated workflows embedded within the system enhance the speed at which analysts can perform vital tasks, allowing them to swiftly address emerging challenges.