Kaspersky Endpoint Detection and Response Expert Reviews

I use the solution in my company mainly for endpoint protection and also for its XDR capabilities to deal with threat intelligence. It is used not only from the endpoint protection perspective but also from the threat intelligence aspect.

The solution's most valuable features are that it offers very strong encryption and acts as an antivirus product. It is one of the few antivirus tools that, once you discover a device remotely, you can install within the portal's central management.

I would say that Kaspersky is not too big in the cloud-related area. From an improvement perspective, it would be good if Kaspersky went big in the cloud since it would give the tool a fair chance to compete with other clouds.

I have been using Kaspersky Endpoint Detection and Response Expert for three years. The product has been used in my company for more than five years.

Stability-wise, I rate the solution a nine out of ten.

There are some basic issues in the product, some of which may not even be related to Kaspersky. The issues revolve around updates, integrations, and how the data center works.

Scalability-wise, I rate the solution a seven out of ten.

The previous client we were working with was a bank that had opened a ticket with Kaspersky some months ago, and nobody had responded. The only response from the support team is when it comes to pricing. Technical support is a little slow. I rate the technical support a five out of ten.

Neutral

The product's initial setup phase is a medium-level process. It is pretty easy to set it up, but I would say it is medium because I am not yet experienced working with it in an enterprise-level business with 10,000 or more people. I have worked with organizations with 1,000 to 5,000 people, and I can say that the setup phase is not difficult to manage. I rate the setup phase an eight out of ten.

I have clients who use on-prem services for Kaspersky Security Center, and I have clients who use Kaspersky Security Cloud. We have the ones that we manage in the cloud and the ones that we manage on-premises.

Depending on the number of endpoints we have to manage, the product can be deployed in a week.

We have different people to manage endpoints and security cloud. An average of three to four deploy the tool.

If one is cheap, ten is expensive, I rate the product’s price as a seven out of ten, especially if I compare it with CrowdStrike.

Compared to Trend Micro and CrowdStrike, Kaspersky is really big on endpoint protection and detection. Whatever an endpoint protection tool needs, Kaspersky has it all. It only lacks in the cloud area and visibility between the cloud, emails, and endpoints. When it comes to endpoint protection alone, I think it is a big tool.

The automated response capabilities improve security operations and are very useful. The tool can discover other devices in your environment that don't have antivirus. It goes the extra mile to tell you, even if you are installing an application, whether it is already outdated and if you need to update it. In terms of compliance, you can take a report from Kaspersky and switch to compliance while figuring out the devices that are most affected and the UIs that are most critical.

I would recommend the product to others since it is pretty easy to deploy and manage the setup phase while also being affordable. Mostly, if there is an SMB client who fears getting an enterprise-sized solution like CrowdStrike, they can get Kaspersky and be able to get maximum protection by just using the funds that they have.

I rate the tool a seven out of ten.

It's our primary, go-to product for email security. It covers our inbound and outbound mail. If somebody clicks on a bad link inside your company, it will automatically stop them from using that email to spread the rest of the phishing attempts. It checks outbound emails, not just inbound.

The solution is deployed on the cloud.

There are about 12 users in my organization. 

If we get a new employee, we'll buy another license. Otherwise, we don't have plans to increase usage. It scales with the amount of staff that we have.

It doesn't matter from where you log in, you're going to go through the Barracuda gateway. It will protect and filter any incoming mail. There's also a sandboxing feature. If Barracuda picks up something that's a little bit fishy, it will detonate it in the sandbox.

If it's not malicious, it'll pass it on. If it is malicious, it'll just quarantine it. The nice thing is that sometimes Barracuda doesn't know if the mail is good or bad for you. It gives you the option to allow delivery or to block delivery of that particular kind of mail.

If someone is trying to send you mail but is being blocked by your gateway, you can go into your Barracuda portal, see the last mail that came in, and you can choose from different options: allow/don't allow, deliver, once only, block user, or whatever the case may be.

In some cases, we can also restrict it, but only the admin can do that. If you have a problem and one of your clients can't send you mail, you need to contact the admin IT manager and tell them that you're expecting mail from a certain email address but you've been blocked. He will then allow the delivery of that. It gives you control over what gets delivered to your end users from an IT manager's point of view.

Encryption is the most valuable feature. It creates an encryption tunnel from your location to the delivery address. It's like a tunnel that can't be broken so that your mail can't be intercepted anywhere along the line. When you're using Barracuda as a gateway, your mail is guaranteed to be delivered as it was sent.

The other nice thing about the solution is that it's an archiver, which most companies need for compliance.

For e-discovery, a lot of legal companies need certain documents and for emails to be kept intact as they were sent. It acts as a paper trail.

It's pretty stable. It's older than Mimecast. The management tool is web-based, so it's also convenient.

It's managed on Barracuda Cloud Control. It covers spam, email viruses, email malware, phishing, undelivered mail, unsecured emails, and denial of service attacks. It's agentless and because it's an all-in-one product, it covers basically everything.

I would rate the scalability as 10 out of 10.

The difficulty of setup will depend on the number of users. It's scalable with the amount of users that you have. Setup with 1,000 users will obviously take longer than 10 users.

There is a labor cost involved in implementation. It takes about seven hours to deploy. There are a lot of different aspects involved in setup. It's not a simple implementation.

Once implemented, it's easy to maintain. Once the setup is done, it's fairly easy.

If you've given all your users rights, they can decide what mail comes through what doesn't. This makes an IT manager's job a lot easier. If you've kept the retention and everything needs to come through the admin or IT office but you send the alerts to the customer, then it's going to be pretty intensive depending on how many users you have.

The solution isn't the cheapest considering what you get. I would rate the pricing as seven out of ten.

The cost depends on what features you want. If you want to add advanced email security and compliance, advanced threat protection, cloud archiving services, and data loss protection, then there will be an additional cost.

I would rate the solution as nine out of ten. 

I would recommend complete compliance for most customers because it offers you email security services. It provides inbound and outbound scanning, blocking, and sandboxing.

It gives you data loss protection, encryption, and link and typosquatting protection. It also gives you advanced threat protection and cloud archiving services. That is all-in-one email protection.

We use the solution to create a test scenario for detecting a potential threat in the network.

The solution's cybersecurity policies help us protect some extensions of the primary documents in case of a ransomware attack. Also, in case endpoint servers get compromised, it protects them. Thus, we can manage exclusive and essential extensions for systems using it.

The solution's most valuable feature is machine learning. It monitors the traffic and events to detect suspicious activity.

They should include XDR features in the solution. It would help us collect data metrics from different endpoints. Thus, we could identify the origin of the ransomware or malware attacks within the network. Also, they should include sandboxing features.

We have been using the solution for three years.

I rate the solution's stability an eight.

The solution's deployment process involves configuring the network and changing the active directory. The most challenging part here is opening specific ports and blocking or allowing certain services through firewall settings.

The solution's cost is reasonable compared to other vendors.

I suggest a cost versus-benefit analysis to others while looking for EDR and XDR solutions. Considering the advantages of Kaspersky, it offers patch and vulnerability management. It takes time to deploy initially. But once you deploy it correctly, you will get a lot of features. I rate it as an eight.

I enjoyed working in security, but I am a commercial manager at my company now. Our customers and my company don't have issues with the solution. It's very difficult to try to work in the web interface.

When working with Kaspersky Endpoint Detection and Response Expert, I feel secure with my confidential documents, especially when we open them in Excel. So, we feel secure with such capacity in the solution.

In my company, we do some evaluations, and when opening a document, it's like a sandbox tool that allows one to open and review a document. So, we feel very secure with Kaspersky Endpoint Detection and Response Expert.

More than a technical issue, it's more of a commercial issue that we have faced with the solution. Some of my clients told me something about the Russia and Ukraine conflict. Because Kaspersky is from Russia, my clients mentioned that it may have some problems in the future.

Speaking about the features I like to see in the solution, I would like to say that I use the solution's features as a user. I even don't know if the solution has certain features. I am uncertain whether the solution includes certain features like traffic monitoring or app usage tracking. We employ Power Automate applications on our mobile devices, which might explain the observed traffic or usage. However, I believe this knowledge is limited as I lack access to the manager console.

The solution does not offer much support to its users in Spanish, so I would like to see them offer more support in Spanish.

In the last six months, I have been certified on the user and commercial notifications on the web page of Kaspersky Endpoint Detection and Response Expert. Also, I don't remember the version of the solution I am using.

Stability-wise, I rate the solution a ten out of ten. We never had issues with Kaspersky. However, we have faced issues with Sophos. So, we are very happy with Kaspersky.

Scalability-wise, I rate the solution a ten out of ten. Since we sell the solution, we plan to increase the usage of Kaspersky Endpoint Detection and Response Expert. With an increased demand, we will have to buy more licenses.

We haven't had any issues in the last six months with Kaspersky. Only one time, I had raised a ticket with Kaspersky's support team, but it was for some administrative purpose.

We used to use Sophos previously in our company. But I feel that Kaspersky is easier and quicker to use.

Since the initial setup took a while, we changed our support engineer. With a new support engineer, we faced no problems with the deployment process. We sell not more than fifty solutions.

Also, the solution is deployed on the cloud.

The ROI is good since our clients are very confident with using Kaspersky Endpoint Detection and Response Expert.

Since we are partners with Kaspersky, it's very complicated to discuss its pricing structure.

Overall, I rate the solution a ten out of ten.

Kaspersky EDR is an advanced version of the company's standard security solution that provides some enhanced detection and response features. Cost-wise, it's not much more than their other solution. 

Kaspersky is trying to push clients to adopt EDR because they plan to consolidate everything into one solution. EDR incorporates all the features available in Kaspersky's other products. 

If a customer wants to use Kaspersky on-prem, they'll need to spend a lot on the hardware. Their server must be strong because EDR is a heavy product. You need excellent hardware to run it. It might make sense to deploy the solution in the cloud. If they add features, it will only make the product heavier and increase the hardware costs. 

I have used Kaspersky EDR for about three years.

I rate Kaspersky EDR seven out of 10 for stability.

I rate Kaspersky EDR seven out of 10 for scalability.

I rate Kaspersky support eight out of 10. It depends on your SLA. You need to wait in line with standard support, but you get help immediately if you purchase business support.

Positive

I wouldn't say that Kaspersky is a walk in the park to install, but it isn't too complex. Anyone with a little training and knowledge can install and configure it. 

I rate Kaspersky EDR seven out of 10 for affordability. Kaspersky EDR isn't cheap, but it shouldn't be out of reach for most medium-sized enterprises. It is a small price jump from their advanced endpoint security solution. Small companies may not be able to spend that much. It should be within the budget of any company with more than 300 employees should.

We compared Kaspersky and Trend Micro. The latter is significantly more expensive. That's the main difference. 

I rate Kaspersky EDR eight out of 10. It's one of the top three solutions, but it isn't my No. 1. 

We are Kaspersky partners and I'm an endpoint specialist. 

The major features I really like are behavior detection and the firmware scanner. The solution also has great threat prevention. Machine learning is also very good as is the real-time protection. The best thing is you can also get a vulnerability report. There are a couple of other features EDR has that are not available in other solutions and that includes the system-level device for controlling the UI which enables control of applications at the location level. There is also the IoC scanner that Symantec doesn't have. Finally, the threat intelligence portal gives me global visibility into threats and their interconnections which is great. 

The one thing Symantec has that EDR lacks is device control. I think Kaspersky has to increase its features when it comes to antivirus control. I'd like to see an increase in the 30-day retention period. 

I've been using this particular solution for 3 years but have used other Kaspersky solutions for over 15 years. 

The solution is stable. 

The scalability is good. Scaling is a matter of creating a new server and replicating all the data. It's not a big issue to do the migration or to upgrade hardware. We currently have around 20,000 users with that number increasing every day. 

The technical support is really bad. They have three models of support and if you have the regular level of support, it can take days to get a response. It forces you to pay extra to get premium support, and then you hear from them within two hours. 

The initial setup is straightforward. If you're deploying for customers then the deployment time will depend on the size of the organization and the level of preparation that has been done in advance. If you have 10,000 users, deployment will take about a day if everything is ready.  

Licensing costs are very reasonable. This is not an expensive solution. 

There are some features lacking in this solution and if I compare it with CrowdStrike or Microsoft, they are both better solutions than Kaspersky. I rate this solution eight out of 10. 

Currently, I'm using Kaspersky as endpoint protection and EDR.

I'm using it for detecting malicious behavior on PCs. It's for security.

In terms of effectiveness, it's the best. 

It is easy to set up. 

The product is stable. 

We can scale the solution. 

I can't say which areas need improvement. 

We'd like to see them improve the automatic response. 

I've been using the solution for three years. 

It's a stable, reliable solution. There are no bugs or glitches. It doesn't crash or freeze. We've had zero issues in general while using the product. 

The scalability has been good. 

Kaspersky is installed on all PCs and servers. It is used extensively in the organization. There is likely over 1,000 users. 

We only used support once. We found a malicious file in an email, and we opened a ticket with them to deal with the issue. They were very effective. They resolved the issue and provided us with text to update the KATA directories.

Positive

The solution is simple to set up. It's not a complex process. 

We tested it with different scenarios, such as MITRE ATT&CK, and we did the same scenario across all vendors. This solution came out on top.

I'm a customer and end-user.

We did a POC with the solution and were quite impressed by its effectiveness. 

If someone is working in a virtual environment, they should consider a virtual solution like Kaspersky from the beginning. It helps save memory usage.

I'd rate the solution nine out of ten. It is a very effective tool.

We are users of this solution and I'm a system administrator and lead manager of the Kaspersky EDR solution in my company. 

In my opinion Kaspersky is the best product on the market. It's very easy to handle, user-friendly and they provide a lot of features that are difficult to find in other endpoint solutions.  Kaspersky provides great features and endpoint protection. 

The only problem we have with the solution is that DLP is not a part of it. It's particularly relevant for those working in financial markets, especially in Pakistan where it's deployed in banks. DLP would make EDR a complete package. The lack of DLP is the main reason that our company is moving away from Kaspersky EDR. 

I've been using this solution for five years. 

It's very stable and I haven't faced any issues.

The solution is very scalable. We have approximately 300 users in the company. 

We've had many interactions with technical support. We use the online Kaspersky company portal to raise tickets, and the staff are very knowledgeable technically and very professional. In so many ways, and so many queries I was in coordination with them directly. The email support is also very good. 

The initial setup is very simple and there were no issues with deployment. 

Kaspersky offers a very budget-friendly licensing model that is a complete package and is suitable for small, medium or enterprise organizations. McAfee, for example, has a much more costly license.

I've looked at other solutions including McAfee and most offer the same level of endpoint protection. Kaspersky provides additional features that other products don't have.

I'm very satisfied with this product overall and I rate it 10 out of 10.