Kaspersky Endpoint Security for Business 11 features dynamic machine learning, EDR integration

On the pure productivity side, Kaspersky Lab has upgraded its flagship product’s scalability, doubling the number of endpoints it can support per server, and more than doubling performance.

Today, Kaspersky Lab is announcing the new Version 11 release of their flagship product, Kaspersky Endpoint Security for Business. It features what the company says is a completely new design, with enhanced next-gen capabilities such as dynamic machine learning. New capabilities include credential leakage prevention against hacker tools. Basic productivity has also been enhanced, which doubling both the product’s scalability and performance.

“Endpoint Security for Business 11 features a number of enhancements to existing capabilities as well as some entirely new features,” said Rob Cataldo, VP of enterprise sales at Kaspersky Lab North America.

Some of the enhancements involve improved operating processes which make the software much more efficient – something that is relatively mundane these days in differentiating technology, but which customers care a lot about – especially larger ones.

The product scales to a much higher degree than it did previously.

Rob Cataldo, VP of enterprise sales at Kaspersky Lab North America

“The new enterprise scalability now allows for the management of up to 100,000 endpoints through a single server installation – up from about 50,000 in the previous version,” Cataldo said. “Performance has also been enhanced – more than doubled – because the memory footprint has been cut in half.”

Kaspersky Endpoint Security for Business utilized machine learning capabilities before, but they have been significantly upgraded in this release.

“Our machine learning has been enhanced to include dynamic machine learning,” Cataldo said. “It provides better real-time protection. This version also provides more visibility into the machine learning’s capability. Customers will have greater visibility into how the protection strata is laid.”

That would obviously matter a great deal to Kaspersky partners, but is it something that customers care about? Cataldo says that it is.

“We have found that end users want to know what levels of intelligence are layered in,” he said. “Until this release, you wouldn’t be able to see that.” You can see it now through a completely redesigned user interface, which displays layers of protection and security components.

More visibility has also been added through full native integration of Kaspersky Endpoint Security for Business with Kaspersky Endpoint Detection and Response [EDR]

“This will allow the product to be used as an endpoint EDR agent to collect metadata and Indicators of Compromise, and it is all managed centrally through the same security centre,” Cataldo said. The integration comes into play if a serious cybersecurity incident takes place, because the metadata gathered makes it easier to conduct a thorough investigation and remediation.

“We have also added a mechanism around prevention of credential leakage, which guards system- critical processes,” Cataldo added. It is not designed as a Privilege Account Management substitute, but as protection against hacker tools like Mimikatz, as part of a comprehensive strategy against threats like WannaMine, that hijack computers to and use their resources to mine cryptocurrencies.

Kaspersky Endpoint Security for Business Version 11 also adds more granular security controls for servers that are managed from a single point — including extended protection from ransomware, external traffic protection and Default Deny mode for Microsoft Windows Server, Exploit Prevention and Firewall configuration. These capabilities are available for both workstations and servers.

Finally, mobility management has been improved, with enhanced visibility through monitoring of protection across devices, simplified deployment, and management via third-party Enterprise Mobility Management systems for Android devices.