Kaspersky announced a major update to its Kaspersky Anti Targeted Attack (KATA). With the launch of KATA 7.0, organizations can now benefit from enhanced Network Detection and Response (NDR) capabilities with deeper network visibility, internal threats detection and other critical security features.
According to Kaspersky’s IT Security Economics 2024 report, an overwhelming majority of organizations report network attacks. Large enterprises lead with 97% reporting an attack, followed by SMEs at 88%, and SMBs at 83%. With this in mind, Kaspersky updates its solutions regularly to ensure businesses are equipped to meet evolving security requirements.
The latest enhancements in KATA 7.0 address key customer challenges by delivering full visibility across IT infrastructure, advanced defense against sophisticated threats, and a streamlined, resource-efficient security solution. The update introduces network telemetry export from Kaspersky Endpoint Security for Windows and Linux, adding one more additional source of network data collection to copy of SPAN traffic, which improves visibility and threat detection.
The introduction of new asset management, network map, and network session table modules, provides SOC analysts with enhanced tools for monitoring and managing network security through graphical representations, advanced filtering, and interactive features. These additions create a complete network inventory and management system.
The updated platform also strengthens internal traffic monitoring with new NDR IDS rules for east-west traffic analysis, improving the detection of lateral movement, data exfiltration and other malicious attempts that could previously have gone unnoticed. Additionally, new risk and anomaly detection capabilities identify hidden threats and potential security vulnerabilities before they escalate into breaches, helping organizations proactively manage cybersecurity risks.
As KATA offers comprehensive security at both the network and endpoint levels, its Endpoint Detection and Response technology, EDR Expert, has also undergone significant updates in version 7.0. The variety of collected telemetry types has been expanded, providing enhanced visibility into an event at endpoints.
Threat hunting search capabilities have also been improved, with search now available across all the events attributes. This enables more effective threat detection and creates more accurate exceptions to minimize false positives. Sigma-rules support has also added with this update meaning it is now possible to find threats according to the condition contained in the Sigma rule in historical data or new events collected from the endpoints.
“With the launch of KATA 7.0, we are reinforcing our commitment to providing enterprises with a fully integrated security solution capable of detecting and mitigating complex threats across both network and endpoint levels,” said Alexander Rumyantsev, Senior Product Manager Cloud & Network Security at Kaspersky. “These enhanced NDR capabilities, expanded visibility, and real-time intelligence empower organizations to detect and mitigate threats more effectively than ever before.”
