Detection and Response solutions

Kaspersky Detection and Response solutions are security systems for detecting advanced threats and indicators of attack on different levels of an organization's infrastructure. Detection and Response solutions provide information about the detected threat and allow to manage Threat Response actions.

Thus, Detection and Response solution do the following:

• Receive information about the operation of a computer, server, or other devices (telemetry).
• Automatically analyze the information to detect threats.
• Generate alert details as columns of the threat development chain for analysis and choosing Threat Response actions.
• Carry out Threat Response actions (for example, network isolation of the computer).

Kaspersky Endpoint Security supports Detection and Response solutions using a built-in agent. The built-in agent sends telemetry to servers of solutions and carries out Threat Response actions. The built-in agent supports:

• Kaspersky Managed Detection and Response (MDR);
• Kaspersky Endpoint Detection and Response Optimum 2.0 (EDR Optimum);
• Kaspersky Endpoint Detection and Response Expert (EDR Expert);
• Kaspersky Anti Targeted Attack Platform (Endpoint Detection and Response component);
• Kaspersky Sandbox 2.0.

You can use Kaspersky Endpoint Security with Detection and Response solution in different configurations, for example, [MDR+EDR Optimum 2.0+Kaspersky Sandbox 2.0].