The MDR Plug-in version 2.5.1 now supports MDR operation without the KPSN configuration file.
Kaspersky Endpoint Security for Linux version 12.3 now supports the following response actions:
Isolate
Disable isolation
Quarantine file
Restore file from quarantine
Terminate process
Run process
May, 2025
In the Licensing section of the MDR Plug-in for Kaspersky Security Center:
For each MDR license, the name of the client to which the license is issued is now displayed.
The matrix of usage of specific licenses in tenants is now available.
In the Tenants section of the MDR Plug-in for Kaspersky Security Center:
When creating an MDR configuration file for a specific license, the name of the client for whom the license is issued is now displayed.
The list of tenants now displays the root tenant, which is created by default after activating the client. You can download configuration files for all current licenses for the root tenant.
February, 2025
MDR Web Console now features the Licensing section. The following functionality is available:
Displaying current, unused and expired MDR licenses.
Displaying the total number of assets and their limit for each license.
Downloading the MDR configuration file for the root tenant.
Use the Tenants section to create and download MDR configuration files for other tenants.
Entering a new activation code.
If your organization has multiple licenses, you can only manage them in MDR Plug-in for Kaspersky Security Center. The Licensing section in MDR Web Console becomes read-only.
MDR Plug-in for Kaspersky Security Center now supports applying multiple licenses in your organization. The following functionality is available:
Displaying current, unused and expired MDR licenses.
Terminating a current MDR license.
Entering a new activation code.
Downloading the root tenant's MDR configuration file for a license.
Choosing a license for an MDR configuration file when creating or editing a tenant in the Tenants section.
December, 2024
Simplified activation of Kaspersky Managed Detection and Response on Kaspersky Endpoint Security for Windows devices (starting from version 12.4). All you need is a standard license for Kaspersky MDR solution.
Note that you will still need to use the MDR configuration file (BLOB) in any of the following scenarios:
You have more than one tenant.
You are using the MDR solution together with Kaspersky Endpoint Detection and Response Optimum.
Added support for managing the MDR solution in the Kaspersky Security Center Linux (starting from version 15.1).
MDR Plug-in for Kaspersky Security Center version 2.4.1 is released. It contains the following enhancements:
The ability to configure automatic acceptance of response actions for selected tenants was added in the MDR Plug-in for Kaspersky Security Center.
Enhanced functionality and user interface of the section that provides the list of inactive assets. Such assets have been added to Kaspersky Security Center, have the MDR component installed, but never sent telemetry to Kaspersky Managed Detection and Response. You can filter the assets by MDR status, view the detailed information about each asset, and export the asset list to a CSV file.
This feature is working properly in Kaspersky Security Center 15.1 Windows and later versions, Kaspersky Security Center 15.1 Linux and later versions, and Kaspersky Security Center Cloud Console.
Seamlessly switch widgets to tenant-specific statistics in the monitoring dashboard.
Configure automatic confirmation of response task execution for specific tenants.
Enhanced MDR API for tenant management.
December, 2023
MDR Web Console now contains the Telemetry statistics dashboard, which shows the number of telemetry events, security events, and incidents.
Kaspersky Managed Detection and Response now supports Kaspersky Endpoint Security for Windows in Endpoint Detection and Response Agent (EDR Agent) configuration (with the limitations).
November, 2023
Improved display of asset statuses in MDR Web Console and in MDR Plug-in for Kaspersky Security Center: the asset status now shows the operability of the asset's EPP application components, the asset's anti-virus database update status, and telemetry transmission status.
Asset status now shows the presence of asset's telemetry losses, allowing you to identify assets with telemetry delivery issues. This feature is enabled by default for new customers and will be gradually enabled for existing customers.
October, 2023
The client residency region Saudi Arabia is added, for clients who store telemetry data in the Kingdom of Saudi Arabia.
September, 2023
MDR Plug-in for Kaspersky Security Center version 2.3.1 is released. In this version, the incident management functions have been removed from the MDR section in Kaspersky Security Center. You can manage incidents in MDR Web Console.
July, 2023
MDR Plug-in for Kaspersky Security Center version 2.3.0 is released. It contains the following enhancements:
You can now set up extended notifications in MDR Plug-in.
You can now use MDR functions in Kaspersky Security Center with MDR Plug-in through a proxy server.
You can now change the certificates to use MDR functions in Kaspersky Security Center with a proxy server or anti-virus software.
July, 2022
MDR Plug-in version 2.1.17 is released. This plug-in version is compatible with Kaspersky Security Center version 14 and later.
May, 2022
General enhancements:
The client residency region USA/Canada is added, for clients who store their telemetry data in Northern Europe.
Changed the MDR deployment process description in the help.
Enhancements in MDR Plug-in:
In the Settings section, you can now change the language for notifications in Telegram and email, and for communication in the chat about incidents.
Improved interface for working with pictures and tables in the incident cards.
MDR Expert. In the Service Usage section you can check how many incidents can be created according to the SLA.
Bug fixes and other improvements:
Search in the incident and asset lists is now performed by a full occurrence of the searched substring anywhere in the string.
In Kaspersky Endpoint Security for Mac version 11.2 and later after entering MDR activation code and adding KPSN configuration file, you no longer need to restart your Mac device in order to start a telemetry transfer.
When calculating licenses for virtual machines with Kaspersky Security for Virtualization Light Agent version 5.2 and later, assets that have not transferred telemetry for more than 24 hours are not included.
March, 2022
MDR Optimum users now can chat with Kaspersky SOC analysts about an incident (with the following limitation: requests are processed only in relation to a particular incident and no SLA is applied).
October, 2021
Kaspersky Managed Detection and Response Plug-in for Kaspersky Security Center Web Console and Cloud Console was updated with the enhanced MDR Health functionality:
Improved interface of MDR Health.
The list of assets displays all the assets of all the statuses, which were previously available only in MDR Web Console.
Filtering and sorting options added to work with the list of assets.
July, 2021
Support of Kaspersky Managed Detection and Response in Kaspersky Security Center Cloud Console, which allows managing the solution in the Kaspersky Security Center single administration console. The following features are available with the Kaspersky Managed Detection and Response solution:
New activation wizard, which allows connecting MDR in the Kaspersky Security Center single console
Automatic KPSN configuration, which no longer requires the manual downloading and uploading of a configuration file in the Kaspersky Security Center settings
Getting information about the number of incidents available for registration on the user's side, and which are eligible for processing according to the terms of the service level agreement (SLA)
These features are also available in Kaspersky Security Center Web Console.
Managing several MDR Administrator accounts was added in the MDR Web Console: creating accounts and managing account privileges
New versions of compatible applications no longer require the additional installation of Kaspersky Endpoint Agent. The built-in Kaspersky Managed Detection and Response functionality is compatible with the following EPP applications:
Kaspersky Endpoint Security for Windows 11.6 and later
Kaspersky Endpoint Security for Mac 11.2
Kaspersky Endpoint Security for Linux 11.2
Kaspersky Security for Virtualization 5.2 Light Agent
Filtering by event type was added for Kaspersky Endpoint Security for Windows and for Linux with the built-in Kaspersky Managed Detection and Response functionality, which allows decreasing the load on channels and reducing traffic consumption when sending data by telemetry.
Performing these actions is possible with confirmation from the user who has the MDR Administrator role.
Support of the following new localizations in the web plug-in for Kaspersky Security Center Web Console and Cloud Console: French, German, Italian, and Spanish.
March, 2021
A new web plug-in for Kaspersky Security Center Web Console allows using the following Kaspersky Managed Detection and Response functionality:
Viewing incidents
Creating incidents
Adding comments to the incidents
Contacting Kaspersky Security Operation Center about an incident
Accepting or rejecting the responses, suggested by SOC analysts
Possibility of independent response to an incident:
Isolate assets from the network
Create blocking rules by hash
Create tasks for deleting, moving to quarantine, ending the process, and searching by indicators of compromise (IOC) related to an incident
Monitoring Kaspersky Managed Detection and Response events on dashboards in the monitoring console of Kaspersky Security Center Web Console
Configuring email and Telegram notifications about Kaspersky Managed Detection and Response events
Configuring the schedule of incidents summary sent by email