Kaspersky Detection and Response solutions are security systems for detecting advanced threats and indicators of attack on different levels of an organization's infrastructure. Detection and Response solutions provide information about the detected threat and allow managing Threat Response actions.
Thus, Detection and Response solution do the following:
Receive information about the operation of a computer, server, or other devices (telemetry).
Automatically analyze the information to detect threats.
Generate alert details as columns of the threat development chain for analysis and choosing Threat Response actions.
Carry out Threat Response actions (for example, network isolation of the computer).
Kaspersky Endpoint Security supports Detection and Response solutions using a built-in agent. The built-in agent sends telemetry to servers of solutions and carries out Threat Response actions. The built-in agent supports:
Kaspersky Managed Detection and Response (MDR)
Kaspersky Endpoint Detection and Response Optimum 2.0 (EDR Optimum)
Kaspersky Endpoint Detection and Response Expert (EDR Expert)
Kaspersky Anti Targeted Attack Platform:
Endpoint Detection and Response (EDR) version 7.1 or earlier
Network Detection and Response (NDR)
KATA Sandbox
Kaspersky Endpoint Detection and Response Expert (on-premise)
Kaspersky Sandbox 2.0.
You can use Kaspersky Endpoint Security with Detection and Response solution in various configurations, for example, [EDR Optimum+MDR].