Independent security testing organization SE Labs has awarded Kaspersky Endpoint Detection and Response Expert a “AAA” rating in its first comparative Enterprise Advanced Security assessment of EDR products. In the test, Kaspersky EDR Expert achieved 100% “Total Accuracy Rating”, detecting every element of each threat with no false positives. 

Cybercrime is a rising threat, predicted to reach a global cost of $10.5 trillion by 2025. Not only are the number of threats rising, but the attacks themselves are also becoming more sophisticated, with criminals using new tools and methods to breach target networks. It is therefore important for businesses to have robust and reliable detection and response tools in place, to secure their network across all devices.

To determine how effective each EDR product is, SE Labs ran several full-chain attacks against the offerings of five different cybersecurity companies. These were based on real attacker behavior, using the ATT&CK MITRE framework to ensure the environment is as realistic as possible. The tests consisted of 17 attacks in total, from four different APTs – Wizard Spider, Sandworm, Lazarus Group and Operation Wocao. Products were then scored on their ability to detect the attack at various different stages, helping to identify any weaknesses in a particular area.

Kaspersky EDR Expert managed to detect every one of the 17 attacks, across all stages, receiving a “Total Accuracy Rating” of 100%. This score came from the product’s “Detection Accuracy” and “Legitimate Accuracy” ratings, meaning that it not only identified the full range of attacks, but it also avoided identifying any false positives. This put Kaspersky in first place out of five companies tested for its EDR product, earning SE Labs’ highest possible “AAA” rating. 

“As advanced cyberthreats become more commonplace, businesses need to ensure they have efficient cybersecurity measures in place to keep them safe. Enterprise Advanced Security assessment of EDR products by SE Labs puts the available security offerings to the test against the full-chain attacks of several known APT groups to evaluate their quality, and uses advanced scoring system to easily identify the best solution. Kaspersky has participated in this assessment starting from its launch as Breach Response Test in 2019, and we are excited to receive regular confirmation about Kaspersky EDR Expert’s true capabilities at the highest level,”  comments Alexander Liskin, Head of Threat Research at Kaspersky. 

“SE Labs has the most advanced and transparent security testing methodology, which is why we trust them to test our products publicly. Independent tests provide us with additional control over the quality of protection made available to our customers and confirms the company’s success in keeping up with the evolving threat landscape”,adds Liskin.

“There are many different parts to a cyberattack and it’s important to use them all when assessing security products. They might miss one but catch another. In this case Kaspersky EDR Expert caught them all, which is extremely impressive and reassuring”, comments Simon Edwards, CEO, SE Labs.

Kaspersky Endpoint Detection and Response Expert provides visibility across all endpoints on a company’s corporate network and delivers superior defense, enabling automation of routine tasks to discover, prioritize, investigate, and neutralize complex threats and APT-grade attacks.

The full report, detailing the performance of Kaspersky EDR Expert during the SE Labs’ test, is available via this link: https://selabs.uk/reports/enterprise-advanced-security-edr-2022-q2-detection/

For more information about Kaspersky Endpoint Detection and Response Expert, visit our website: https://www.kaspersky.com/enterprise-security/endpoint-detection-response-edr

Liked this post? Follow SwirlingOverCoffee on Facebook, YouTube, and Instagram.