Kaspersky Anti Targeted Attack Platform (KATA EDR)

icon_KATA

Kaspersky Endpoint Security 11.9.0 adds support for integration with the Kaspersky Endpoint Detection and Response component that is part of the Kaspersky Anti Targeted Attack Platform solution. Kaspersky Anti Targeted Attack Platform is a solution designed for timely detection of sophisticated threats such as targeted attacks, advanced persistent threats (APT), zero-day attacks, and others. Kaspersky Anti Targeted Attack Platform includes two functional blocks: Kaspersky Anti Targeted Attack (hereinafter also referred to as "KATA") and Kaspersky Endpoint Detection and Response (hereinafter also referred to as "KEDR"). You can purchase KEDR separately. For details about the solution, please refer to the Kaspersky Anti Targeted Attack Platform Help.

Kaspersky Endpoint Detection and Response uses the following Threat Intelligence tools:

Principle of operation of the solution

The Kaspersky Endpoint Agent application is installed on individual computers on the corporate IT infrastructure and continuously monitors processes, open network connections, and files being modified. Information about events on the computer is sent to the Kaspersky Anti Targeted Attack Platform server.

Kaspersky Endpoint Agent can integrate with Kaspersky Endpoint Security for Windows. In this case, the Kaspersky Endpoint Agent application also sends information to the Kaspersky Anti Targeted Attack Platform server about threats discovered by Kaspersky Endpoint Security for Windows as well as information about processing results for these threats.

Integration with KATA EDR

Integration with KATA EDR requires adding the Kaspersky Anti Targeted Attack Platform (KATA EDR) component and installing Kaspersky Endpoint Agent. You can select the KATA EDR component during installation or upgrade, as well as using the Change application components task.

The KATA EDR component is not compatible with EDR Optimum and EDR Expert components.

In Kaspersky Endpoint Security 11.9.0, the distribution kit no longer includes the Kaspersky Endpoint Agent distribution package. You can download the Kaspersky Endpoint Agent distribution package from the Kaspersky Anti Targeted Attack Platform distribution kit.

KATA EDR uses information received from application components. The following components ensure the operation of KATA EDR:

Make sure these components are enabled and working.

Page top