Woburn, MA – November 9, 2017 – Today, Kaspersky Lab is announcing Kaspersky Threat Hunting, a new suite of services designed to enhance the efficiency of protecting against targeted attacks. The suite includes two unique expert services – Kaspersky Managed Protection and Targeted Attack Discovery. These services are designed to equip IT security teams with world-class expertise for detecting and analyzing advanced threats, in particular, the fileless threats and non-malware attacks frequently used by cybercriminals.
According to the Kaspersky Lab Global IT Security Risks Survey 2017, failing to detect a security incident within a week can more than double a company’s financial losses from $451,000 to $1.2 million. Ensuring the quick detection of a threat requires considerable resources and excellent professional skills, which businesses are also struggling to acquire according to the survey.
As the toolkits used by cybercriminals become more and more sophisticated, Kaspersky Lab experts can help companies detect and analyze advanced threats that have already penetrated the corporate infrastructure. Kaspersky Threat Hunting, an expert service suite, provides large companies with 24/7 access to the expertise of the Kaspersky Lab threat hunters team. For companies not yet ready to hire in-house computer forensics specialists, the suite provides an opportunity to outsource the proactive search and analysis of suspicious activity, while those businesses that already have established SOC teams obtain additional resources and expertise for detecting complex attacks.
Kaspersky Managed Protection is an expert service for the proactive detection of complex threats in a company’s infrastructure. The service is a subscription offering based on the installed Kaspersky Endpoint Security for Business and Kaspersky Anti Targeted Attack platform solutions. After an initial analysis of metadata collected within the corporate network, Kaspersky Lab experts thoroughly analyze any anomalies: examine the event logs in the operating system and study any suspicious behavior detected by security tools. The multilevel analysis of metadata helps the experts investigate incidents even if cybercriminals have removed their traces using specialized tools to hamper computer forensics.
A salient fact for businesses faced with stringent data processing regulations will be that the Kaspersky Lab expert teams, the Kaspersky Managed Protection infrastructure and Kaspersky Lab data centers are located both in Russia and Europe, and are therefore ready to provide service support in any country.
Targeted Attack Discovery is a one-time analytical service aimed at detecting traces of targeted attacks in a customer’s infrastructure in real-time, or after the attack has taken place. Kaspersky Lab experts study the correlation between data collected in the corporate network and data on targeted threats in open and private databases. Gathering and analyzing the obtained information makes it possible to detect suspicious activity, and discover potential sources of incidents and compromised devices. The service also suggests an incident recovery action plan and offers recommendations for the enterprise’s information security. Targeted Attack Discovery can be deployed by any company, regardless of the software infrastructure platform used.
“We shouldn’t forget that IT security heavily relies on the process of detecting, investigating and responding to cybercriminal activity,” commented Sergey Soldatov, head of the security operations center at Kaspersky Lab. “Kaspersky Threat Hunting allows IT security teams to maximize the efficiency of this process, providing their companies with Kaspersky Lab’s world-class expertise on the latest attacks. This approach makes it possible not only to discover malicious activity that hasn’t been detected by security solutions, but also to increase the effectiveness of incident response before criminals can benefit from their activities.”
To date, Kaspersky Lab experts have tracked more than 100 APTs (advanced persistent threats) and operations. In 2016 alone, Kaspersky Lab specialists prepared more than 200 reports on complex cyberthreats. These reports are available to corporate clients via a subscription.
Kaspersky Threat Hunting services extend the company’s enterprise security portfolio, which was named among the best offerings in the industry according to a recent Forrester survey of IT security vendors.
The new services are now available to order worldwide. Additional information about the Kaspersky Threat Hunting service suite is available here.