Comparison of commercial license tiers
The set of features available in Kaspersky Managed Detection and Response depends on the tier of your commercial license (see the table below).
Comparison of Kaspersky Managed Detection and Response commercial license tiers
Feature |
MDR / MDR Expert |
MDR Optimum* |
MDR Basic* |
MDR Advanced* |
MDR Prime* |
|---|---|---|---|---|---|
24x7 monitoring, incident detection and management |
|
|
|
|
|
Automatic threat hunting |
|
|
|
|
|
Response playbooks and automatic incident response |
|
|
|
|
|
Security health check and asset visibility |
|
|
|
|
|
Kaspersky MDR Web Console with dashboards and reports |
|
|
|
|
|
Ability to receive advanced incident information |
|
|
|
|
|
Incident history retention period |
1 year |
1 year |
1 year |
1 year |
1 year |
Raw data retention period |
3 months |
1 month |
1 month |
3 months |
3 months |
Managed threat hunting and incident investigation |
|
|
|
|
|
Extended expert support for incident management |
|
|
|
|
|
Access to Kaspersky Threat Intelligence Portal |
|
|
|
|
|
API for exporting Kaspersky MDR data |
|
|
|
|
|
Customers can create a custom incident to be processed by the Kaspersky MDR solution** |
|
|
|
|
|
Localized data storage and workgroups |
|
|
|
|
|
Multitenancy |
|
|
|
|
|
Adding and editing comments to incidents |
|
|
|
|
|
Adding and editing attachments to incidents |
|
|
|
|
|
Advanced incident investigation: analysis to establish the background, circumstances and detailed attack mechanism |
|
|
|
Customers cannot choose the incidents for advanced investigation; there is no guaranteed incident response time |
Customers can choose the incidents for advanced investigation (within the purchased time limit); there is a guaranteed incident response time |
*This tier is available for some regions only and may be unavailable for purchase by new customers. Contact your Kaspersky Managed Detection and Response solution provider for details about the commercial license tiers available to you.
**Kaspersky Managed Detection and Response solution ensures processing of three requests per week in accordance with performance targets of the solution delivery. The number of requests processed in accordance with performance targets of the solution delivery is increased proportionally: for every 10,000 connected endpoints, the number of requests is increased by 1.