kaspersky managed protection overview
TRANSCRIPT
KASPERSKY MANAGED PROTECTION
Round-the-clock monitoring and incident response service from Kaspersky Lab, the recognized world leader in investigating targeted attacks
Despite the continuous improvements made to security solutions, it is impossible to prevent all attacks, because technical measures alone can only reliably detect known threats.
The Kaspersky Managed Protection service offers users of Kaspersky Security for Business and Kaspersky Anti Targeted Attack Platform a unique combination of advanced technical measures to detect and prevent targeted attacks. The service includes round-the-clock monitoring by Kaspersky Lab experts and continuous analysis of cyber threat data (Cyber Threat Intelligence), ensuring real-time detection of both known and new cyberespionage and cybercriminal campaigns targeting critical information systems.
Monitoring center * For isolated infrastructure - Kaspersky Private Security Network
Key advantages
• High level of protection against targeted attacks and malware with support from Kaspersky Lab analysts working 8x5 or 24x7.
• An understanding of who the attackers are, their motivation, their methods and tools, as well as the potential damage, makes it possible to organize more effective protection.
• Detection of non-malware attacks, attacks involving previously unknown tools or attacks exploiting zero-day vulnerabilities.
• Retrospective analysis of incidents and threat hunting.
• Reduction in overall security costs while simultaneously enhancing the quality of protection thanks to the professional service offered by the world leader in analyzing cyberattacks, their methods and technologies. This is far more economical than employing narrowly focused specialists.
• Integrated approach. With the range of Kaspersky Security for Business solutions, Kaspersky Lab possesses the technology and services to organize a complete cycle of protection against targeted attacks: Preparation - Detection - Investigation - Data Analysis - Automated Protection.
The service is available for users of Kaspersky Security for Business and Kaspersky Anti Targeted
Attack Platform.
How Kaspersky Managed Protection works
As part of the service, Kaspersky Lab experts monitor the operation of Kaspersky Security for Business and Kaspersky Anti Targeted Attack Platform installed on customer networks for signs of active attacks. In particular, this is done by proactively collecting metadata on network and system activity. This information is collected using Kaspersky Private Security Network or Kaspersky Security Network technologies and studied by the analysts from the monitoring service based on data about active targeted attacks, as well as cyber threat data analysis (Threat Intelligence) that identifies the tactics, techniques and procedures used by attackers.
The management system is equipped with automated tools for analyzing the gathered metadata that allow the monitoring service analysts to accurately evaluate the level of danger posed by network and system activity.
The round-the-clock monitoring service:
• quickly detects incidents
• collects sufficient information about incidents to classify them (false positive or correct detection)
• identifies how common the collected artifacts are, determining the degree of attack uniqueness • initiates the process of responding to an information security incident
• initiates any necessary updates of antivirus databases to block the spread of threats
The gathered metadata is used when investigating incidents for a retrospective analysis of system and network activity by processes and applications.
World-class expertise
Countering targeted attacks requires extensive experience of detecting them as well as constant study of the mechanisms used to deploy them. In 2008, Kaspersky Lab became the first IT company to establish a dedicated center for investigating complex threats. That’s why Kaspersky Lab has detected more sophisticated targeted attacks (including a number of major attacks) than any other provider of security solutions. When a new targeted threat is detected, it is highly likely that it was discovered by Kaspersky Lab’s Global Research & Analysis Team (GReAT).
The knowledge obtained as a result of our threat analysis is used in developing Kaspersky Lab products: the cloud reputational database – Kaspersky Security Network – uses the analytical data received in real time from more than 80 million nodes worldwide, while GReAT generates a unique database of knowledge and experience. It expands Kaspersky Lab’s ability to detect and investigate increasingly complex and technologically advanced threats, allowing the company to perfect its solutions.
Thanks to its deep expertise, Kaspersky Lab comes top in independent tests for detecting and neutralizing threats more frequently than any other provider of security solutions.
Enterprise solutions : kaspersky.com/enterprise
© Kaspersky Lab. All rights reserved. Registered trademarks and service marks are the property of their respective owners.
Kaspersky Security Network (KSN) is a cloud reputational database of threats, which is updated in real time. The data for KSN is voluntarily provided by more than 80 million users worldwide. Thanks to this cloud network, Kaspersky Lab solutions successfully combat the latest threats.
Kaspersky Private Security Network (KPSN) is the local version of the database installed in an isolated environment, where the use of cloud services is forbidden by safety requirements.
Kaspersky Anti Targeted Attack Platform is a
customized solution developed for medium and large
business that provides timely detection of targeted
attacks and adequate responses to them.