Kaspersky Endpoint Detection and Response (EDR) Optimum helps identify, analyze and neutralize evasive threats by providing easy-to-use advanced detection, simplified investigation and automated response. It is a basic EDR tool for mid-market organizations who are just starting to build their incident response processes.
$14.50
per year on a 3 year license (Pricing is for a 3-year commitment, calculated per year). 1 endpoint
Microsoft Defender for Endpoint
Score 8.3 out of 10
N/A
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
$2.50
per user/per month
Pricing
Kaspersky EDR Optimum
Microsoft Defender for Endpoint
Editions & Modules
Kaspersky EDR Optimum
$14.50
per year on a 3 year license (Pricing is for a 3-year commitment, calculated per year). 1 and 2 year licenses also available. per endpoint
We have been using Kaspersky EDR Optimum for over 10 years, with the evolution of products reaching EDR now, we can verify the integrated responsiveness and visibility of our environment. Great protection tool on all OS. Very good value for money, with the new licensing, all business plans will now have native EDR.
Scenarios where it is Well-Suited Are Enterprise Environments with Microsoft Ecosystems, Organizations with Remote and Hybrid scenarios, Advanced Threat Protection Needs, and any company that needs to protect sensitive data. Scenarios where it is less appropriate are mixed Operating System Environments, Companies with Limited IT Resources, highly Specialized Security Needs, and Organizations needing extensive customizations.
KEDR Optimum is helping to see threat kill chain formation, which helps to get clear picture of the what exactly attacker was trying to do during attack.
We are crating prevent execution rules to block the threat in our complete infra.
Ioc scan to validate and remove the any active threat entry from our endpoints
It integrates perfectly with Azure Sentinel. I mean, that's great. We can have a single pane of class with other platforms, like Defender for Cloud, Defender for endpoints, and Defender for servers, which is awesome as well. The ease of deployment is because Microsoft made sure around a year ago that every single workstation with Microsoft Windows came with Defender for Endpoints embedded.
While it's a very good product for auditing, it has a very hard time to distinguish what is malicious and is an attack, what is not. Very rarely we get indication of a real malicious attack. We got lots of hours for off the shelf malware that it cleans up automatically. So basically we never get to look at it, which is a positive thing, but threats are detected by the third party endpoint, so it will not be enough by itself.
At the moment and unfortunately we'll not renew our licenses, due to the Russian conflict and the company policy that has forced us to get rid of any Russian related product. Before that incident, we were very happy with the product and we did not even think once about changing it... Maybe on the future...
Cost add-ons for Security features is nickel and diming the process to keep pace with cybercrime. Limited Education budgets require us to be more pro-active in finding cost-effective measures to protect our devices, staff and students. Defender is a strong, well-featured product that is pricing itself out of the education market
This item can always be improved, perhaps by pre-elaborating very long reports, such that they are built progressively so that when the user wants to consult them, the delay is minimal. It would also be interesting to have a warehouse of reports, which serves as a repository where they can be consulted whenever needed, adding AI capabilities that allow data to be linked together and improve the analysis and possible correlations of events.
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
After several evaluations we concluded that the kasprsky provider has a solution for each processing environment we have.This impacts an excellent cost-benefit for achieving economies of scale on the company's infrastructure. On the other hand, we verified that during its operation, its level of effectiveness in terms of malware detection is excellent. Finally, it provides a desktop patch management solution that we found efficient and effective. Allowing you to automate the distribution of patches with a minimum staffing of technical personnel.
I would say not to name specific company names, because I'm a partner with one of them and that's the account that I work with. But I use some competing solutions that I would say are pretty heavy from an overhead perspective with the agent that has to be installed in the machine. It can be too restrictive for permissions where it gets in the way of an employee doing their job and the ability for Defender to be secure in that, but still allow an employee to go about their day and do what they need to do is certainly a change maker there. But yeah, from the other products perspective across the years, whether it be business or personal, some other products I can name are other endpoint protections from Vera Avast, McAfee, of course as folks remember that. And some of the other major players too that I would say a large networking company that doubles in security as well. I'll name them that way.
