Kaspersky Endpoint Security 12 for Windows

Managed Detection and Response

8 July 2024

ID 206310

Kaspersky Endpoint Security for Windows supports integration with the Managed Detection and Response solution. The Kaspersky Managed Detection and Response (MDR) solution automatically detects and analyzes security incidents in your infrastructure. To do so, MDR uses telemetry data received from endpoints and machine learning. MDR sends incident data to Kaspersky experts. The experts can then process the incident and, for example, add a new entry to Anti-Virus databases. Alternatively, the experts can issue recommendations on processing the incident and, for example, suggest isolating computer from the network. For detailed information about how the solution works, please refer to the Kaspersky Managed Detection and Response Help.

Configurations of Kaspersky Endpoint Security for integrating with MDR

The following configurations can be used to work with MDR:

  • [KES+built-in agent]. In this configuration, Kaspersky Endpoint Security acts as both the application that ensures the security of the computer and the application for working with MDR. The built-in agent is available in Kaspersky Endpoint Security 11.6.0 for Windows or later.
  • [third-party EPP+EDR Agent]. In this configuration, the security of the IT infrastructure is provided by the third-party Endpoint Protection Platform (EPP). The interaction with MDR is provided by Kaspersky Endpoint Security in the Endpoint Detection Response Agent (EDR Agent) configuration. In this configuration, EDR Agent is compatible with third-party EPP applications. EDR Agent is available in Kaspersky Endpoint Security 12.3 for Windows or later.

Support for previous versions of Kaspersky Endpoint Security

Kaspersky Endpoint Security version 11 and later supports the MDR solution. Kaspersky Endpoint Security versions 11 – 11.5.0 only sends telemetry data to Kaspersky Managed Detection and Response to enable threat detection. Kaspersky Endpoint Security version 11.6.0 has all the functionality of the built-in agent (Kaspersky Endpoint Agent).

If you are using Kaspersky Endpoint Security 11 – 11.5.0, you must update databases to the latest version to work with the MDR solution. You must also install Kaspersky Endpoint Agent.

If you are using Kaspersky Endpoint Security 11.6.0 or higher, you do not need to install Kaspersky Endpoint Agent to use the MDR solution.

If the Kaspersky Endpoint Security policy also applies to computers that do not have Kaspersky Endpoint Security 11 – 11.5.0 installed, you must first create a separate Kaspersky Endpoint Agent policy for those computers. In the new policy, configure integration with Kaspersky Managed Detection and Response.

In this Help section

Integration of the built-in agent with MDR

KEA to KES Migration Guide for MDR

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.