Kaspersky Symphony XDR

Product
Developers: Kaspersky
Last Release Date: 2024/04/23
Branches: Information security
Technology: Information Security Management (SIEM)

Main article: Security Information and Event Management (SIEM)

2024: Kaspersky Symphony XDR 2.0 with Kaspersky Single Management Platform

On April 23, 2024, Kaspersky Lab presented an updated version of its solution, Kaspersky Symphony XDR 2.0. One of the main changes is the Kaspersky Single Management Platform (SMP), a single interface that provides a holistic view of information and centralized management of data and processes. Thanks to the SMP platform, Kaspersky Symphony XDR has flexible tools for automating incident response processes, the ability to reconstruct a holistic picture of an attack using the investigation graph, and new ways to manage incidents.

Advanced cyber incident analysis capabilities. The updated version of the solution adds a dedicated graph that uses information about incidents, alerts, events, EDR telemetry, Kaspersky Threat Intelligence data and contextual enrichment to build and display relationships between different objects. The progress of an investigation is saved on a single graph, so users can perform their part of the investigation and pass the link to a fellow analyst for further action. Information security specialists can also edit the graph manually: they can look for missing elements using the event search and add relevant events to the graph.

Investigation graph interface in Kaspersky Single Management Platform (source: Kaspersky Lab)

Automated incident response with playbooks. Playbooks are advanced functionality for automating incident investigation and response processes with off-the-shelf and user-defined scenarios. A playbook is an algorithm made up of a sequence of response actions that assist in the analysis and handling of incidents or alerts. Playbooks speed up routine operations, free up the time of information security specialists to study more complex incidents, and minimize errors in frequently recurring situations, increasing the speed and accuracy of incident handling.

User-friendly interface for incident management. With it, information security analysts can sort alerts, enrich data, mark incidents using the MITRE ATT&CK matrix and launch response actions. This expands the ability of information security teams to detect and investigate incidents, increases the efficiency of handling alerts, and contributes to a coordinated response.

The SMP dashboard allows information security teams to create their own widgets with different settings, as well as layouts with widgets for the required types of events.

Dashboard in Kaspersky Single Management Platform (source: Kaspersky Lab)
"Kaspersky Symphony XDR is a solution for organizations that seek to implement a comprehensive approach to cybersecurity. It includes closely integrated tools that provide comprehensive protection against both massive threats and complex targeted attacks. At the same time, companies do not need to spend resources on selecting suitable information security products and implementing them separately: Kaspersky Symphony XDR simultaneously closes all needs for cyber protection," comments Anna Kulashova, Managing Director of Kaspersky Lab in Russia and the CIS countries. "The new version of our solution combines most of the tools necessary to ensure a high level of infrastructure security into a single management and monitoring interface. This frees up the resources of information security teams and increases the efficiency of incident detection and response."