About Kaspersky Industrial CyberSecurity Endpoint Detection and Response

Kaspersky Industrial CyberSecurity Endpoint Detection and Response is a solution designed to protect an organization IT infrastructure from complex cyberthreats. The solution's functionality combines automatic threat detection with threat response capabilities to resist complex attacks, including new exploits, ransomware, fileless attacks, and methods that use legitimate system tools.

Kaspersky Industrial CyberSecurity Endpoint Detection and Response reviews and analyses the development of threats and provides the Security Officer or Administrator with information about a potential attacks in order to respond to the threat in a timely manner or automatically performs the specified response actions.

If your infrastructure has devices protected by Kaspersky Endpoint Detection and Response Optimum, you can simultaneously manage these devices and devices with Kaspersky Industrial CyberSecurity Endpoint Detection and Response installed using Kaspersky Security Center. Thus, Kaspersky Security Center provides the capability to simultaneously manage solutions/devices protected by Kaspersky Endpoint Detection and Response Optimum and solutions/devices protected by Kaspersky Industrial CyberSecurity Endpoint Detection and Response using the Kaspersky Endpoint Agent policy.

Updates functionality (including providing anti-virus signature updates and codebase updates), as well as KSN functionality will not be available in the software in the U.S. territory from 12:00 AM Eastern Daylight Time (EDT) on September 10, 2024 in accordance with the restrictive measures.

Software Requirements

Kaspersky Industrial CyberSecurity Endpoint Detection and Response is compatible with the following versions of Kaspersky applications:

• Kaspersky Industrial CyberSecurity for Linux Nodes 1.5 and later.
• With Kaspersky Industrial CyberSecurity for Linux Nodes, you need to use applications for centralized network security management:
  • Kaspersky Security Center Windows 14.2 and later.
  • Kaspersky Security Center Linux 15.1 and later.
• Kaspersky Industrial CyberSecurity for Nodes 3.1 and later.
• Kaspersky Endpoint Agent 3.13 and later.

  Kaspersky Endpoint Agent can be installed on individual devices in the organization IT infrastructure that have Microsoft Windows operating system. The application provides support for Kaspersky Industrial CyberSecurity Endpoint Detection and Response for Kaspersky Industrial CyberSecurity for Nodes.

• With the specified versions of Kaspersky Industrial CyberSecurity for Nodes and Kaspersky Endpoint Agent, you need to use applications for centralized network security management:
  • Kaspersky Security Center versions from 10.5 to 12.1 support the limited functionality of Kaspersky Industrial CyberSecurity Endpoint Detection and Response (you can find out more about the functionality of Kaspersky Industrial CyberSecurity Endpoint Detection and Response with different versions of Kaspersky Security Center from the Kaspersky partner you purchased the license from).
  • Kaspersky Security Center Windows 12.1 and later has full support of Kaspersky Industrial CyberSecurity Endpoint Detection and Response functionality.
  • Kaspersky Security Center Linux 15.1 and later.

For information about the hardware and software requirements of the compatible applications, refer to the Help sections of the corresponding Kaspersky applications:

• Kaspersky Industrial CyberSecurity for Nodes.
• Kaspersky Industrial CyberSecurity for Linux Nodes;
• Kaspersky Endpoint Agent.
• Kaspersky Security Center Windows.
• Kaspersky Security Center Linux.

Solution architecture

Kaspersky Industrial CyberSecurity Endpoint Detection and Response includes the following components:

• An EPP application

  An application included in a protection system for endpoint devices

  (Endpoint Protection Platform, EPP).

  An integrated system of comprehensive endpoint protection (for example, mobile devices, computers or laptops) using various security technologies. An example of an Endpoint Protection Platform is Kaspersky Endpoint Security for Business.

  EPP applications are installed on endpoint devices within the IT infrastructure of an organization (for example, mobile devices, computers, or laptops). An example of an EPP application is Kaspersky Industrial CyberSecurity for Nodes included in Kaspersky Endpoint Detection and Response EPP solution.

  (Kaspersky Industrial CyberSecurity for Nodes and Kaspersky Industrial CyberSecurity for Linux Nodes) that supports Kaspersky Industrial CyberSecurity Endpoint Detection and Response functionality and is installed on separate devices in the organization IT infrastructure. This application continuously monitors processes running on protected devices, open network connections, and file changes.
• Kaspersky Endpoint Agent is an application that continuously monitors and sends information about processes, open network connections, and modified files on the device to Kaspersky Industrial CyberSecurity for Nodes.
• A solution for centralized network security management (Kaspersky Security Center).
• Threat Intelligence Tools:
  • Kaspersky Security Network (KSN) infrastructure of cloud services that provides access to the online Kaspersky Knowledge Base, which contains information about the reputation of files, web resources, and software. Using data from the Kaspersky Security Network ensures the rapid response of Kaspersky applications to threats, improves the performance of various security components, and reduces the likelihood of false positives.
  • Integration with Kaspersky Private Security Network (KPSN) that allows the users to access KSN reputation databases, as well as other statistics without submitting data to KSN from their devices.
  • Integration with Kaspersky Threat Intelligence Portal, which contains and displays information about the reputation of files and URLs.
  • Kaspersky Threats database.