Kaspersky Managed Detection and Response

Comparison of commercial license solutions: MDR Optimum, MDR Expert, MDR Basic, MDR Advanced, and MDR Prime

February 12, 2024

ID 206800

The set of features available in Kaspersky Managed Detection and Response depends on the solution of your commercial license (see the table below).

Comparison of Kaspersky Managed Detection and Response commercial license solutions

Feature

MDR Optimum

MDR Expert

MDR Basic
(available in some regions only)

MDR Advanced
(available in some regions only)

MDR Prime
(available in some regions only)

24x7 monitoring, incident detection and management

yes_icon

yes_icon

yes_icon

yes_icon

yes_icon

Automatic threat hunting

yes_icon

yes_icon

yes_icon

yes_icon

yes_icon

Response playbooks and automatic incident response

yes_icon

yes_icon

yes_icon

yes_icon

yes_icon

Security health check and asset visibility

yes_icon

yes_icon

yes_icon

yes_icon

yes_icon

MDR Web console with dashboards and reports

yes_icon

yes_icon

yes_icon

yes_icon

yes_icon

Ability to receive advanced incident information

yes_icon

yes_icon

yes_icon

yes_icon

yes_icon

Incident history retention period

1 year

1 year

1 year

1 year

1 year

Raw data retention period

1 month

3 months

1 month

3 months

3 months

Managed threat hunting and incident investigation

No

yes_icon

No

yes_icon

yes_icon

Extended expert support for incident management

No

yes_icon

No

yes_icon

yes_icon

Access to the Threat Intelligence Portal

No

yes_icon

No

yes_icon

yes_icon

API for MDR data export

No

yes_icon

No

yes_icon

yes_icon

Customer can create a custom incident for processing by the MDR Solution*

No

yes_icon

No

yes_icon

yes_icon

Localized data storage and workgroups

No

No

yes_icon

yes_icon

yes_icon

Multitenancy

yes_icon

yes_icon

yes_icon

yes_icon

yes_icon

Adding and editing comments to incidents

yes_icon

yes_icon

yes_icon

yes_icon

yes_icon

Adding and editing attachments to incidents

yes_icon

yes_icon

yes_icon

yes_icon

yes_icon

Advanced incident investigation: analysis to establish the background, circumstances and detailed attack mechanism

No

No

No

yes_icon

Customer can not choose the incidents for advanced investigation; no guaranteed incident response time

yes_icon

Customer can choose the incidents for advanced investigation (within the purchased time limit); guaranteed incident response time

*The Solution ensures the processing of three requests per week in accordance with performance targets of the Solution delivery. The number of requests processed in accordance with performance targets of the Solution delivery is increased proportionally: for every 10,000 connected endpoints, the number of requests is increased by 1.

There are additional services and options to enable. Contact your MDR supplier for details.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.