Kaspersky Endpoint Detection and Response Expert Room for Improvement
My opinion is that behavior detection could work better. This feature gets a high rate of false positives. This service is painful for network administrators.
I would like for this solution to better integrate with other solutions, especially with our network solution. I would also like for the support response time to be better.
More than a technical issue, it's more of a commercial issue that we have faced with the solution. Some of my clients told me something about the Russia and Ukraine conflict. Because Kaspersky is from Russia, my clients mentioned that it may have some problems in the future.
Speaking about the features I like to see in the solution, I would like to say that I use the solution's features as a user. I even don't know if the solution has certain features. I am uncertain whether the solution includes certain features like traffic monitoring or app usage tracking. We employ Power Automate applications on our mobile devices, which might explain the observed traffic or usage. However, I believe this knowledge is limited as I lack access to the manager console.
The solution does not offer much support to its users in Spanish, so I would like to see them offer more support in Spanish.
The interfacing for remote endpoints could be improved because it does not work very smoothly.
It is not easy to follow the kill chain of a potential infection or malware. We would like to be able to roll back and analyze all the steps in the chain.
The on-premises solution is not fully aligned with the web-based option that includes a feature-rich interface. For example, you can analyze better on the web console than with the on-premises management console.
It is complex to implement remote endpoints for visitors who have devices that are outside the control of your network but are on-premises. The solution did not even offer this until recently but instead provided an additional solution for integrating the functionality. The solution needs to focus on providing a completely cloud-based solution like CrowdStrike, SentinelOne, and Microsoft Defender.
The solution still works on the old signature-based antivirus format but modern options like CrowdStrike, SentinelOne, and Microsoft Defender are behavioral analysis tools that are completely signature-less. The solution is losing customers because it has not reacted quickly enough to the modern format.
View full review »Buyer's Guide
Kaspersky Endpoint Detection and Response Expert
March 2024
Learn what your peers think about Kaspersky Endpoint Detection and Response Expert. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
769,599 professionals have used our research since 2012.
The solution could always be more secure. Every antivirus solution could be, as things are always dynamically changing. There is always a new risk on the horizon.
View full review »RR
Ramy Ragab
Head of Data Link at Telecom Egypt
They could provide a source of visualization for the product. It needs to be easier to use for searches and activities. Additionally, they should work on an incident response module.
View full review »An area for improvement in Kaspersky Endpoint Detection and Response is its technical support because currently, technical support is delayed.
View full review »We have some problems with LiDAR. When we do the install, or reinstall the server console, or server endpoint protection, I don't know why we need to reinstall it.
Even though we installed, or did a new install for the server endpoint protection features, we use some small PDO or some patching to upgrade it in the employee protection clients if that's in.
I need a local expert. I'm looking for more experts to be able to apply it to certain solutions that we understand already. In order to meet our requirements, we need more experts.
There are some cases that take three days to deal with. It's too long.
View full review »Kaspersky Endpoint Detection and Response should continue to improve its protection while adapting to the changing threat ecosystems. Having more advanced features would be a benefit.
View full review »Kaspersky Endpoint Detection and Response Expert needs to include a traffic interface.
View full review »In terms of the protection itself, Kaspersky has been doing a great job. It's just the approach, the technology itself, performance, and impact on the systems it's protecting, that are more of a concern. The concern is significant, especially when compared to alternatives that are more lightweight and available on a cloud platform. So, the aforementioned areas should be considered for improvement.
MA
Mario-Alonzo
CISO at a wholesaler/distributor with 1,001-5,000 employees
They should include XDR features in the solution. It would help us collect data metrics from different endpoints. Thus, we could identify the origin of the ransomware or malware attacks within the network. Also, they should include sandboxing features.
View full review »DB
Damnam BAGOLIBE
Security engineer at ARCEP Togo
When I have the protection of my terminal or device, I don't have a problem. I haven't had any issues.
We'd like more integrations to be available in the future.
If a customer wants to use Kaspersky on-prem, they'll need to spend a lot on the hardware. Their server must be strong because EDR is a heavy product. You need excellent hardware to run it. It might make sense to deploy the solution in the cloud. If they add features, it will only make the product heavier and increase the hardware costs.
View full review »IM
IslamMoussa
Head of Information Security at Faisal Islamic Bank of Egypt
I can't say which areas need improvement.
We'd like to see them improve the automatic response.
View full review »The only problem we have with the solution is that DLP is not a part of it. It's particularly relevant for those working in financial markets, especially in Pakistan where it's deployed in banks. DLP would make EDR a complete package. The lack of DLP is the main reason that our company is moving away from Kaspersky EDR.
View full review »There are no issues with this solution. However, we would like to have better strategic information. We currently have tactical, and it's hard to make strategic decisions based on what it delivers.
In addition, we have about 600 users using this solution.
View full review »I could be covering more devices, for example, the XDR. If it covered more products, it would improve the XDR.
View full review »CM
Cliff Matonda
System Administrator at Finlays
Kaspersky Endpoint Detection and Response is very heavy on the system resources. It uses a lot of memory and the system can become slow.
View full review »Kaspersky EDR currently has limited OS support. They only focus on Windows Server and Windows. Kaspersky recently released a Linux version, but it's rudimentary. It does not have any advanced features available on Windows platforms. They should increase their footprint on the Linux side and support other operating systems on the market, like MacOS.
Kaspersky Endpoint Detection and Response could improve some issues and add new security files.
View full review »No product is perfect and I think the stability could be improved a little. I'd also like to see performance improvement as the system can be heavy, slowing down our computers, and things don't always work smoothly. Performance could be improved.
SH
Syed-Hassan
General Manager IT at Chase Up
The installation process could be more streamlined.
View full review »Kaspersky EDR lacks protection from recent ransomware. Because of this, we're looking into switching from EDR to another security solution.
View full review »CA
reviewer1871766
Product Manager at a comms service provider with 51-200 employees
It consumes many system resources, and there should be more EDR details.
View full review »GP
Gonzalo Paredes
Founding Partner at Xmartlab
I would like better integration with other products. For example, I would like to have another view in SolarWinds or Datadog. Integration is not easy. I'd like it to be simplified.
We do not need any additional features.
The business plan maybe could be improved. They need to change the way they sell the product. They could be better friends with their partners. A partner is not somebody who sells this product. It is usually somebody who manages this product for the end user or the end company that is predicting the assets. The role that a partner plays in this interaction is very important. They need to work to build that relationship to benefit the solution and the client. They should also offer better margins.
View full review »IH
Imtiaz Hussain
Endpoint Specialist at a computer software company with 201-500 employees
The one thing Symantec has that EDR lacks is device control. I think Kaspersky has to increase its features when it comes to antivirus control. I'd like to see an increase in the 30-day retention period.
View full review »The solution is expensive. It would be ideal if they could lower the costs.
View full review »AI
AleksandarIvanovic
Head of IT department at Monetars
Everything is automatic on Kaspersky but it would be great if they could add a feature for examining suspicious files. I'd like the solution to offer additional protection.
IH
ImranHasware
Vice President at Abacus Consulting
The product should release more frequent updates. The tool needs to improve its scalability as well.
View full review »MK
Magdy Kamel
IT Manager at Nigsd
I find Kaspersky can be quite resource-intensive, consuming a significant amount of RAM and CPU.
Another area of improvement is customer service and support. Since the solution handles critical applications and vulnerabilities, immediate support is essential when issues arise.
View full review »The main problem with Endpoint is that Kaspersky is a Russian company, and my clients prefer not to use it.
View full review »RB
reviewer2103129
Network administrator at a healthcare company with 1,001-5,000 employees
It does not cover all of our security issues. It's not a complete security solution. We'd like something like CrowdStrike Falcon. We'd like the same features as CrowdStike. If they can have even better features than CrowdStrike in the future, it would be better.
The solution lacks EDR features.
View full review »LL
Lucky Lushaba
Scrum Master at Inalpie Enterprise
The license prices for this solution are quite high.
View full review »Documentation needs to be simplified and improved so that it provides good product awareness for end users like the documentation provided by CheckPoint.
Vouchers and training should be offered to enhance the solution's reachability. Certification exams should be accessible and priced reasonably.
View full review »LM
reviewer1132086
Information Security Officer at a financial services firm with 51-200 employees
I would like to integrate Kaspersky with my Log Collector SIEM. Right now that's not possible.
Kaspersky Endpoint Detection and Response could also introduce a way to make working in teams more accessible. At the same time, it would be interesting to see them explore artificial intelligence solutions.
View full review »PR
Paulo Rafael
System Administrator at ISJD
There is a problem with the solution, it came from Russia and we are looking for a replacement.
View full review »There are some issues with EDR's web policy blocking sites that are marked as exceptions. Also, recently, some policies have been getting disabled automatically. In the next release, EDR should include a web plugin.
View full review »MR
Murugesan Rajarethinam
Founder & CEO at CID Infotech
The solution can improve by providing automatic fixing of vulnerabilities and reducing the resources used in the server component and endpoint agent. They are very bulky and use a lot of CPU, memory, and hard drive resources.
View full review »IA
reviewer1239837
Senior Solution Engineer at a tech services company with 1,001-5,000 employees
Symantec is a better option. Kaspersky needs to strengthen its standing in the market.
It would be ideal if they could make it even easier to use.
View full review »The issue with Kaspersky EDR is the sandbox. I'd like to have the ability to manage it on the cloud as well.
View full review »OK
Osama Kamal
Security and systems engineer at a tech services company with 51-200 employees
There should be options in the UI to better assist with troubleshooting problems that occur during deployment.
I would like to see a more simplified view of the configuration options.
The technical support team should respond in a more timely manner.
View full review »AE
reviewer1740045
Cyber Security Engineer at a tech services company with 201-500 employees
I'd like to see more seamless integration with the cloud and other products as well as improvements to Kaspersky's sandboxing features.
View full review »Buyer's Guide
Kaspersky Endpoint Detection and Response Expert
March 2024
Learn what your peers think about Kaspersky Endpoint Detection and Response Expert. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
769,599 professionals have used our research since 2012.