Kaspersky Lab updates its Anti Targeted Attack Platform

Sandbox clustering, greater visibility and major GUI updates among key highlights

Convenience, cost of ownership and usability contribute to the faster detection and remediation of threats – just as much as the latest technology does, says Levtsov.
By David Ndichu. Published April 28, 2017

Kaspersky Lab has announced an enhanced Kaspersky Anti Targeted Attack Platform, a solution to detect advanced threats and targeted attacks for enterprises.


The solution blends machine learning, worldwide threat intelligence and adaptivity to customer infrastructure, to help large businesses uncover sophisticated and damaging attacks at any stage of their development, the company says.

The new Kaspersky Anti Targeted Attack Platform also features scalability improvements with Sandbox clustering, and optimised visibility with major GUI updates.

The Kaspersky Anti Targeted Attack Platform combines network and endpoint sensors, sandbox technology and intelligent analysis to correlate different indicators of compromise and help businesses discover even the most complex targeted attacks. To counter advanced cyber threats, the latest solution improvements bring in new powerful tools such as the monitoring of corporate workflow, including web and e-mail traffic, when integrated with the Kaspersky Security for Mail Gateway solution.

Oleg Glebov, anti targeted attacks solution business lead at Kaspersky Lab, comments: “According to our strategic view on efficient adaptive security for enterprise, we’ve introduced three major areas of product improvement. The first, and most important one, is the addition of new operation scenarios aimed at improving overall visibility, analysis capabilities, and the automated correlation of various events likely connected to a single incident. Second, is the solution’s new scalability, flexibility, and ability to adapt to unique performance requirements. Finally, there is the visibility factor: a clean, understandable, customizable visualization of how our solution is operating is also vital for faster detection and aligned response”.

The 2017 update ups performance with better endpoint integration, via Kaspersky Lab’s endpoint security solution or a standalone endpoint that allows users to detect behavior anomalies and request additional data for processing. To make sure that even a well-hidden attack eventually gets uncovered, a process of repeatedly scanning suspicious objects and keeping them in an archive has been added.

Should a threat actor host a malicious payload externally (as is often the case), Kaspersky Anti Targeted Attack Platform improves the visibility and analysis of an attack. This is achieved by processing not only files, but also URLs using a sandbox. In addition, it is now possible to process password-protected archives to address another common criminal tactic of sending protected attachments with a password. Archived payloads are now analyzed with a better detection rate overall.

Scalability. Sandbox infrastructure is now decentralized and can be scaled depending on the needs of a customer, with better adaptivity to existing hardware/virtualized infrastructure and lower cost of deployment. In addition, the solution’s connection to network and e-mail traffic has been simplified with additional deployment options suitable for a particular IT infrastructure. The new Kaspersky Anti Targeted Attack Platform is capable of blocking malicious e-mails, when integrated with the Kaspersky Security for Mail Gateway solution.

Visibility. Today CISOs encounter a lack of visibility at the crucial point of deciding on their incident response. Deconstructing an attack kill chain, they need to see the whole picture and understand what alert is more important to investigate – is it the chief accountant’s data being compromised or is it BSD on the CEO desktops at regional offices? A major factor that improves response is having a security officer view and analyse the results. Kaspersky Anti Targeted Attack Platform enables this via a fully reworked dashboard, with detailed information on the status of periodic checks, the latest events, and incident information with collated data on corresponding events. To ensure privacy, different roles have been implemented for administrators. Access to information concerning certain parts of the infrastructure with sensitive data can now also be restricted according to a company’s privacy policy.

Veniamin Levtsov, vice president, enterprise business at Kaspersky Lab, commented: “The new features of Kaspersky Anti Targeted Attack Platform are a direct result of our efforts to address customer feedback. A series of deployments, including one at a major financial institution, has shown the advantages of our advanced algorithms, along with the need to better adapt to customer requirements in terms of accuracy of detection, ability to scale and visibility. Convenience, cost of ownership and usability contribute to the faster detection and remediation of threats – just as much as the latest technology does. As we continue to enhance the detection and response capabilities in our solutions, we have dedicated a sizeable share of resources towards making sure our products reflect the true needs of our customers.”
