Kaspersky unveils second generation of KATA (Kaspersky Anti Targeted Attack) platform

Kaspersky makes significant changes to the GUI and reporting, as well as other enhancements to its advanced threat protection platform.

Michael Canavan, SVP, B2B Sales, Kaspersky Lab North America

A year ago, the feature announcement at Kaspersky Lab’s North American Partner Conference was KATA – the Kaspersky Anti Targeted Attack Platform – a multilayered solution designed to protect against the top one per cent of advanced threats and targeted attacks. Now Kaspersky has announced a new version of KATA, which builds in changes from a year of feedback.

“The KATA 1.0 release ensured that we had all the back end technology right and steamlined,” said Michael Canavan, SVP, B2B Sales, Kaspersky Lab North America. “KATA 2.0 makes adjustments based on feedback from our customers and partners, to make it more usable. It provides better security for customer environments, and makes it more efficient when partners use it for monitoring.”

Canavan said that both customer and partner response to KATA have been positive.

“The main concerns were around the user interface and reporting capabilities,” Canavan said. “So we remedied the reporting issues, and enhanced the GUI, and believe that this will only drive the product farther.” The revamped dashboard now provides detailed information on the status of periodic checks, the latest events and incident information, with collated data on corresponding events.

Canavan said in KATA’s first year, it had not been confined to very large customers, but had a fairly wide base of adoption.

“It was a mix across the board in terms of customer size,” he said. “It really is aimed at those customers who are very conscious and conservative in terms of risk posture. That’s more important than the size of the organization. Enhancements in this version will help organizations that don’t have higher end security expertise, so smaller customers who don’t have that depth will be well served by this.”

Kaspersky made several new enhancements, in addition to the GUI and reporting changes.

“We had requests to do an integration with our Kaspersky Secure Mail Gateway in order to block malicious emails,” Canavan said. “The mail sensor can now be added into KATA.”

Another addition in this version is sandbox clustering.

“This is really meant for larger organizations,” Canavan stated. “With sandbox clustering, the sandboxes are aware of what each other is processing.”

Another sandbox addition, which Canavan described as a niche feature that was particularly sought by some customers, is the ability to reprocess suspicious data and repeatedly scan it, in the event that it is well-concealed malware.

“You can now grab a sample or a file and drop it in the sandbox, and reprocess that information and look at something suspicious again,” he said.

Another enhancement is aimed at smaller customers.

“We have added VMware ESXI support with this version,” Canavan said. “For very small organizations, it will let them roll it out in a virtualized infrastructure. In other cases, for proof-of-concepts, it makes the barrier to entry easier for customers taking a look at the solution.”

While KATA is an advanced solution, Canavan noted that it is open for all Kaspersky partners to sell.

“A certification for KATA specialization is available, but that’s more about partners moving from solution sales to solution sales and monitoring capabilities,” he said. “We are interesting in adding more partners who would like to work with KATA, especially in Canada.”

The new version of KATA is ready to go in the U.S. and Canada.