Kaspersky Next XDR Expert
Unparalleled insight. Total protection.

Kaspersky Extended Detection and Response
Complete visibility. Unmatched protection.

The complexity of businesses cybersecurity
The cyberthreat landscape makes it extremely challenging for organizations to stay on top of their cybersecurity while focusing on core business operations. Add an ever-expanding attack surface, regulatory requirements, and the global skills gap to the mix and it’s easy to see why modern businesses are under so much pressure — and why so many cyberattacks succeed.

• 51% of companies struggle to detect and investigate advanced threats with current tools
• 68% of companies experienced a targeted attack on their networks and suffered data loss as a direct result
• $6 trillion per year: the global annual cost of cybercrime
• 400 000 new pieces of malware are detected every day
Sources: Kaspersky, PurpleSec, CybersecurityVentures

As part of the Kaspersky Next product line, we have introduced Kaspersky Next XDR Expert, a solution that embodies Kaspersky's XDR approach and provides an all-encompassing view of a company's security.

Kaspersky XDR is a robust cybersecurity solution that defends against sophisticated cyberthreats. It provides full visibility, correlation & automation, leveraging a diverse range of data sources, including endpoint, network and cloud data.

It evolved from Kaspersky Anti-Targeted Attack platform as Native XDR in 2016 to Open XDR in 2023, providing an all-encompassing view of security. Easily managed from the Open Single Management Platform, Kaspersky XDR offers a comprehensive on-premise security, ensuring that customers’ sensitive data remains within their own infrastructure while meeting data sovereignty requirements.

Open XDR
Open XDR solutions are designed to work with a wide range of security products, allowing organizations to integrate various security products from different vendors, offering more flexibility and vendor-agnostic capabilities.

Native XDR
Native XDR solutions typically work seamlessly with the vendor's own ecosystem of security tools, providing a more unified and cohesive experience. These solutions are purpose-built to work together, offering deep integration, automation, and streamlined workflows within the vendor's security product suite.

Key technologies
We offer Open XDR as a single open platform — a universal tool to create a unified ecosystem of cybersecurity products. At the core of Kaspersky XDR are our leading solutions — Kaspersky Unified Monitoring and Analysis Platform, Kaspersky Next EDR Foundations and Kaspersky Endpoint Detection and Response Expert. For advanced network management, KATA is an additional option.

Monitoring and Analysis
Provides centralized collection and analysis of logs, correlation
of security events in real time and timely notification of incidents.
Includes a ready-made set of correlation rules and access to the rich
portfolio of Kaspersky Threat Intelligence services to identify and
prioritize threats, attacks and IoCs.
Endpoint Protection
Delivers robust endpoint protection, protecting against ransomware, malware and fileless attacks. On-premise
or in the cloud, our endpoint protection uses machine learning and behavior analysis to protect all types
of endpoints running any major OS.
Endpoint Detection and Response
Delivers comprehensive visibility and superior defenses across all an organization’s endpoints. Enhanced
threat hunting and discovery thanks to Kaspersky’s unique, wide-ranging threat intelligence, plus automation
of routine tasks, guided investigation processes and customizable detections all promote quick incident
resolution.
[Figure: Kaspersky XDR architecture. Platform components: Centralized Asset Management, Threat Detection & Cross-Correlation, Playbooks, Log Management & Data Lake, Dashboards & Reporting, Investigation Graph, Case Management, Deployment Toolkit, 3rd party connectors, Response, Data Enrichment. Connected products: Kaspersky Anti Targeted Attack, Kaspersky Endpoint Products, 3rd party solutions, Kaspersky Threat Intelligence, Kaspersky Security Awareness. Data sources: Endpoints, Network, OS, Servers, Applications, Virtual Machines, Other products.]
Powerful features, significant benefits

Real-time data fusion from third parties
The capability to integrate data from third-party sources extends beyond just endpoints and is enhanced by real-time cross-correlation.

Automated Response and Remediation
Quarantine or isolate compromised endpoints, block malicious activities, and remediate vulnerabilities, reducing manual effort and response time.

Best-in-class EPP / EDR
Recognized as the global leader, Kaspersky sets the benchmark for EPP / EDR solutions worldwide. Kaspersky EDR excels on a global scale, backed by awards and active participation in international committees such as Interpol and MAPP.

Unrivaled scalability
Capable of supporting loads encompassing hundreds of thousands of endpoints on a single instance, Kaspersky XDR diligently tracks threats in real-time while ensuring high availability.

Data sovereignty
Kaspersky XDR is one of the few vendors offering a comprehensive on-premise XDR solution, ensuring customers' sensitive data remains within their own infrastructure while meeting data sovereignty requirements.

Seamless & tight integration across Kaspersky products
Interaction between products reaches a level that remains beyond the reach of third-party solutions, boasting a unified support system and seamlessly integrated design.

Multi-tenancy that enables MSSP scenarios
Provide XDR as a service with full-fledged tenants — users of one tenant cannot see the data of other tenants, while the main admin (the MSSP) can build detection and response processes for all clients.

Advanced security scenario customization and infrastructure-wide data analysis
Empowering users to configure intricate security scenarios with the added ability to analyze data across their entire infrastructure.
Integration capabilities
The wide range of integrations which work with Kaspersky XDR provides a unified and contextualized view
of potential threats, giving your security team all the tools and information they need to protect your
organization from whatever cybercriminals throw at you.
The product's integration capabilities encompass the ability to receive data (logs) from other systems and
devices, as well as to set up automated responses in other products. Kaspersky XDR comes with a wide range
of out-of-the-box integrations, with Kaspersky and third-party products. It’s also possible to add additional
integrations which can be developed either by Kaspersky Professional Services or by partners or customers
themselves (including using the API capabilities of connectable products). Integration is possible with systems
from various domains and different vendors, and numerous protocols and data formats are supported.
By security domain

Endpoint Security
• EPP & EDR solutions

Threat Intelligence
• Cyber Threat Intelligence (CTI)

Network & Web & Email Security
• Email Protection
• Network Detection and Response (NDR)
• Firewalls (FW) and Next-Gen Firewalls (NGFW)
• Unified threat management (UTM)
• Intrusion Detection Systems (IDS)

Identity Security
• Identity and Access Management (IAM)
• Privileged Access Management (PAM)

OT / IoT Security / Security Awareness

Cloud Security
• Cloud Access Security Brokers (CASB)
• Cloud Workload Protection Platforms (CWPP)

By transport type
TCP, UDP, Netflow, sflow, nats-jetstream, kafka, HTTP, SQL, SQLite, MSSQL, MySQL, PostgreSQL, Cockroach, Oracle, Firebird, File, 1c-log and 1c-xml, Diode, FTP, NFS, WMI, WEC, SNMP, SNMP-TRAP, VmWare API

By type of data
XML, Syslog, Csv, JSON, SQL, IPFIX, CEF, Netflow 5, Netflow 9, KV

By vendor
Kaspersky, Absolute, AhnLab, Aruba, Avigilo, Ayehu, Barracuda, BeyondTrust, Bloombase, BMC, Bricata, Brinqa, Broadcom, CheckPoint, Cisco, Citrix, Claroty, CloudPassage, Corvil, Cribl, CrowdStrike, CyberArk, DeepInstinct, Delinea, EclecticIQ, Edge Technologies, Eltex, Eset, F5 BigIP, FireEye, Forcepoint, Fortinet, Gigamon, Huawei, IBM, Ideco, Illumio, Imperva, Orion Soft, Intralinks, Juniper, Kemptechnologies, Kerio, Lieberman, MariaDB, Microsoft, MikroTik, Minerva, NetIQ, NetScout, Netskope, Netwrix, Nexthink, NIKSUN, Oracle, PagerDuty, Palo Alto, Penta Security, Proofpoint, Radware, Recorded, ReversingLabs, SailPoint, SentinelOne, Sonicwall, Sophos, ThreatConnect, ThreatQuotient, Trend Micro, Trustwave, VMWare, Vormetric, WatchGuard — Firebox, Winchill Fracas, Zettaset, Zscaler & etc.
What we offer
Kaspersky XDR is available in two options.
Kaspersky XDR Core
Kaspersky XDR Core is for customers who already have endpoint and EDR solutions in place and don’t want
to replace them, preferring to extend the functionality with a correlation engine, automated responses and
third-party connectors.
Kaspersky Next XDR Expert
Kaspersky Next XDR Expert combines best-in-class endpoint protection with the advanced detection
capabilities of Kaspersky EDR Expert, a correlation engine and automated responses. Third-party connectors
can be added to pull all the data together.
Added value with supplementary sensors
Kaspersky XDR supports supplementary sensors designed to protect specific assets. They integrate seamlessly into XDR to deliver an added layer of value, transforming XDR into a cohesive
platform that gives analysts a centralized workspace spanning all integrated solutions.
Kaspersky XDR not only boosts your defenses through EDR, but also offers flexible integration capabilities,
so customers can add products to the ecosystem at any point.
Kaspersky XDR Core and Kaspersky Next XDR Expert

Open Single Management Platform and its components

Cross-correlation Engine
• 3rd party connectors
• Log Management & Data Lake
• Threat Detection and Cross-correlation
• Asset Management
• Dashboards & Reporting

XDR components
• Case Management
• Response automation and orchestration (playbooks)
• Investigation
• Deployment Toolkit
• Open API

Kaspersky Endpoint functionality*
• Automated, semi‑automated & manual detection
• Monitoring across protected endpoints
• Threat containment
• Recovery options
• Mobile protection and management
• Cloud discovery and blocking
• Security for MS O365, data discovery
• Cybersecurity Training for IT administrator

* Feature availability varies depending on the implementation method
Introducing Kaspersky Next

Robust security for everyone
Protect all your endpoints
If you need
• Strong endpoint protection
• Basic security controls
• Maximum automation

Build up your defenses
Boost your security with essential investigation and response
If you need
• Enhanced visibility and response capabilities
• Expanded cloud security
• Enterprise-grade controls

Equip your experts
Protect your business against the most complex and advanced threats
If you need
• Advanced threat detection
• Seamless integration
• Powerful threat-hunting tools
Why Kaspersky XDR
Most tested. Most awarded. Kaspersky protection.
Kaspersky is an established global cybersecurity company with a strong track record of security expertise.
We’ve been protecting organizations around the world for over 25 years and have received countless awards
and accolades for our products and services. Between 2013 and 2022, Kaspersky products:
• 827: participated in 827 independent tests and reviews
• 587: achieved 587 first places
• 685: achieved top-three finishes
In 2023, Kaspersky was named the Leader in the XDR solutions market by leading global technology research
and advisory firm ISG. ISG defines ‘leaders’ as having a comprehensive product and service offering and
representing innovative strength and competitive stability.
www.kaspersky.com
© 2024 AO Kaspersky Lab.