Kaspersky Endpoint Detection and Response Expert receives Strategic Leader status from AV-Comparatives

The recognition is for automatically stopping every attack, reporting them correctly, and the consistent mapping of MITRE’s tactics, techniques, and procedures (TTPs). Testers also praised the product for both high return on investment, and low total cost of ownership (TCO).

author-image
SMEStreet Edit Desk
New Update
kaspersky lab, Cybersecurity,

Kaspersky Endpoint Detection and Response Expert has received Strategic Leader status after comprehensive testing by AV-Comparatives. The recognition is for automatically stopping every attack, reporting them correctly, and the consistent mapping of MITRE’s tactics, techniques, and procedures (TTPs). Testers also praised the product for both high return on investment, and low total cost of ownership (TCO). The product also entered the Top-3 of participants with best results in the “Prevention\Response Capability” category.

The capability to reduce the time to detect and respond to malware incidents is crucial, putting ever more importance on the increasing frequency of targeted attacks to enterprise networks driving the global EDR market. As reported by The Insight Partners, the Endpoint Detection and Response market is expected to grow from US$785.5 million (2017) to US$5,871.6 million (2025) at a CAGR of 28.8% (2018 – 2025), meaning EDR is fast becoming a standard cybersecurity tool for most organizations.

According to the AV-Comparatives Enterprise EPR CyberRisk Quadrant - part of the Endpoint Prevention and Response (EPR) Test - Kaspersky Endpoint Detection and Response Expert received the highest level ‘Strategic Leader’, one of the best levels of effectiveness at preventing and responding breaches combined with reasonable product cost and operational accuracy.

Within the Endpoint Prevention and Response (EPR) Test, AV-Comparatives subjected 10 EPR products to 50 separate targeted attack scenarios. Each attack progressed through three separate phases: Endpoint Compromise and Foothold, Internal Propagation and Asset Breach. At each stage, the test lab determined whether the product took automated action to block the threat (active response) or provided information about the attack which the administrator could use to take action themselves (passive response). The ability of each product to take remedial action, such as isolating an endpoint from the network, restoring it from a system image or editing the Windows Registry, was noted. 

“Kaspersky Endpoint Detection and Response Expert was able to protect against all the targeted attacks during the assessment, before the threats could progress inside and infiltrate the organization’s network. It demonstrated both cumulative Active and Passive Response rates at 100 percent.” - comments Andreas Clementi, CEO and founder of AV-Comparatives.

“We are pleased to receive the new confirmation about the true capabilities of Kaspersky EDR to actively protect enterprise infrastructure from targeted attacks. We participate in such complex assessments to independently verify that we develop the efficient technologies inside the security solutions, and we are ready to protect customers’ corporate networks” – said Alexander Liskin, Head of Threat Research at Kaspersky.

Anti Virus cybersecurity AV-Comparatives’ Kaspersky Endpoint Detection