My opinion is that behavior detection could work better. This feature gets a high rate of false positives. This service is painful for network administrators.

I would like for this solution to better integrate with other solutions, especially with our network solution. I would also like for the support response time to be better.

More than a technical issue, it's more of a commercial issue that we have faced with the solution. Some of my clients told me something about the Russia and Ukraine conflict. Because Kaspersky is from Russia, my clients mentioned that it may have some problems in the future.

Speaking about the features I like to see in the solution, I would like to say that I use the solution's features as a user. I even don't know if the solution has certain features. I am uncertain whether the solution includes certain features like traffic monitoring or app usage tracking. We employ Power Automate applications on our mobile devices, which might explain the observed traffic or usage. However, I believe this knowledge is limited as I lack access to the manager console.

The solution does not offer much support to its users in Spanish, so I would like to see them offer more support in Spanish.

The interfacing for remote endpoints could be improved because it does not work very smoothly. 

It is not easy to follow the kill chain of a potential infection or malware. We would like to be able to roll back and analyze all the steps in the chain. 

The on-premises solution is not fully aligned with the web-based option that includes a feature-rich interface. For example, you can analyze better on the web console than with the on-premises management console. 

It is complex to implement remote endpoints for visitors who have devices that are outside the control of your network but are on-premises. The solution did not even offer this until recently but instead provided an additional solution for integrating the functionality. The solution needs to focus on providing a completely cloud-based solution like CrowdStrike, SentinelOne, and Microsoft Defender.

The solution still works on the old signature-based antivirus format but modern options like CrowdStrike, SentinelOne, and Microsoft Defender are behavioral analysis tools that are completely signature-less. The solution is losing customers because it has not reacted quickly enough to the modern format. 

The solution could always be more secure. Every antivirus solution could be, as things are always dynamically changing. There is always a new risk on the horizon. 

They could provide a source of visualization for the product. It needs to be easier to use for searches and activities. Additionally, they should work on an incident response module.

An area for improvement in Kaspersky Endpoint Detection and Response is its technical support because currently, technical support is delayed.

We have some problems with LiDAR. When we do the install, or reinstall the server console, or server endpoint protection, I don't know why we need to reinstall it. 

Even though we installed, or did a new install for the server endpoint protection features, we use some small PDO or some patching to upgrade it in the employee protection clients if that's in.

I need a local expert. I'm looking for more experts to be able to apply it to certain solutions that we understand already. In order to meet our requirements, we need more experts. 

There are some cases that take three days to deal with. It's too long.

Kaspersky Endpoint Detection and Response should continue to improve its protection while adapting to the changing threat ecosystems. Having more advanced features would be a benefit.

Kaspersky Endpoint Detection and Response Expert needs to include a traffic interface. 

In terms of the protection itself, Kaspersky has been doing a great job. It's just the approach, the technology itself, performance, and impact on the systems it's protecting, that are more of a concern. The concern is significant, especially when compared to alternatives that are more lightweight and available on a cloud platform. So, the aforementioned areas should be considered for improvement.

They should include XDR features in the solution. It would help us collect data metrics from different endpoints. Thus, we could identify the origin of the ransomware or malware attacks within the network. Also, they should include sandboxing features.

When I have the protection of my terminal or device, I don't have a problem. I haven't had any issues.

We'd like more integrations to be available in the future.

If a customer wants to use Kaspersky on-prem, they'll need to spend a lot on the hardware. Their server must be strong because EDR is a heavy product. You need excellent hardware to run it. It might make sense to deploy the solution in the cloud. If they add features, it will only make the product heavier and increase the hardware costs. 

The only problem we have with the solution is that DLP is not a part of it. It's particularly relevant for those working in financial markets, especially in Pakistan where it's deployed in banks. DLP would make EDR a complete package. The lack of DLP is the main reason that our company is moving away from Kaspersky EDR. 

There are no issues with this solution. However, we would like to have better strategic information. We currently have tactical, and it's hard to make strategic decisions based on what it delivers.

In addition, we have about 600 users using this solution.

I could be covering more devices, for example, the XDR. If it covered more products, it would improve the XDR.

I can't say which areas need improvement. 

We'd like to see them improve the automatic response. 

Kaspersky Endpoint Detection and Response is very heavy on the system resources. It uses a lot of memory and the system can become slow.

Kaspersky EDR currently has limited OS support. They only focus on Windows Server and Windows. Kaspersky recently released a Linux version, but it's rudimentary. It does not have any advanced features available on Windows platforms. They should increase their footprint on the Linux side and support other operating systems on the market, like MacOS.

Kaspersky Endpoint Detection and Response could improve some issues and add new security files.

No product is perfect and I think the stability could be improved a little. I'd also like to see performance improvement as the system can be heavy, slowing down our computers, and things don't always work smoothly. Performance could be improved. 

The installation process could be more streamlined.

Kaspersky EDR lacks protection from recent ransomware. Because of this, we're looking into switching from EDR to another security solution.

It consumes many system resources, and there should be more EDR details.

I would like better integration with other products. For example, I would like to have another view in SolarWinds or Datadog. Integration is not easy. I'd like it to be simplified. 

We do not need any additional features. 

The business plan maybe could be improved. They need to change the way they sell the product. They could be better friends with their partners. A partner is not somebody who sells this product. It is usually somebody who manages this product for the end user or the end company that is predicting the assets. The role that a partner plays in this interaction is very important. They need to work to build that relationship to benefit the solution and the client. They should also offer better margins.

The one thing Symantec has that EDR lacks is device control. I think Kaspersky has to increase its features when it comes to antivirus control. I'd like to see an increase in the 30-day retention period. 

The solution is expensive. It would be ideal if they could lower the costs. 

Everything is automatic on Kaspersky but it would be great if they could add a feature for examining suspicious files. I'd like the solution to offer additional protection. 

There could be more secure.

The prices can go down a little bit.

The product should release more frequent updates. The tool needs to improve its scalability as well.

I find Kaspersky can be quite resource-intensive, consuming a significant amount of RAM and CPU.

Another area of improvement is customer service and support. Since the solution handles critical applications and vulnerabilities, immediate support is essential when issues arise.

The main problem with Endpoint is that Kaspersky is a Russian company, and my clients prefer not to use it.

It does not cover all of our security issues. It's not a complete security solution. We'd like something like CrowdStrike Falcon. We'd like the same features as CrowdStike. If they can have even better features than CrowdStrike in the future, it would be better.

The solution lacks EDR features.

The license prices for this solution are quite high.

Documentation needs to be simplified and improved so that it provides good product awareness for end users like the documentation provided by CheckPoint. 

Vouchers and training should be offered to enhance the solution's reachability. Certification exams should be accessible and priced reasonably. 

I would like to integrate Kaspersky with my Log Collector SIEM. Right now that's not possible. 

Kaspersky Endpoint Detection and Response could also introduce a way to make working in teams more accessible. At the same time, it would be interesting to see them explore artificial intelligence solutions. 

There is a problem with the solution, it came from Russia and we are looking for a replacement.

There are some issues with EDR's web policy blocking sites that are marked as exceptions. Also, recently, some policies have been getting disabled automatically. In the next release, EDR should include a web plugin.

The solution can improve by providing automatic fixing of vulnerabilities and reducing the resources used in the server component and endpoint agent. They are very bulky and use a lot of CPU, memory, and hard drive resources.

Symantec is a better option. Kaspersky needs to strengthen its standing in the market.

It would be ideal if they could make it even easier to use.

The issue with Kaspersky EDR is the sandbox. I'd like to have the ability to manage it on the cloud as well.

There should be options in the UI to better assist with troubleshooting problems that occur during deployment.

I would like to see a more simplified view of the configuration options.

The technical support team should respond in a more timely manner.

I'd like to see more seamless integration with the cloud and other products as well as improvements to Kaspersky's sandboxing features.