HomeEnterprise SecurityProductsKaspersky Anti Targeted Attack Platform

    product-icon

    Product

    Kaspersky Anti Targeted Attack Platform

    Discover advanced network threats hiding below the radar of perimeter protection

    REQUEST A DEMO

    Download Whitepaper (15 Pages)

    Download Datasheet (2 Pages)

    Kaspersky Anti Targeted Attack

    Network Traffic Analysis driven by Machine Learning

    Today’s cybercriminals constantly design unique and innovative methods of penetration and compromise. To avoid perimeter prevention technologies they use social engineering, non-malware and supply chain attacks to operate under the radar of security designed to catch ‘bad’ traces. It’s not enough to just ‘know’ what’s bad or dangerous – enterprises need to understand what’s normal, and use AI-driven techniques that simplify and automate this process. Targeted Attack Analyzer is a machine learning engine that involves self-learning to establish the baseline of normal, legitimate activities of an entire network. Through continuous network telemetry collection it finds deviations, detects suspicious activities and predicts further malicious actions at the initial stages of multilayered attacks.

    Threat Emulation with Advanced Sandboxing

    The static analysis of network traffic doesn’t provide adequate security on its own. Multi-layered malware, additional payloads and hidden command and control communications all require multi-dimensional detection capabilities at perimeter level, to prevent endpoints and servers from being compromised. Enterprises need extremely powerful detection engines to discover threats at the earliest stage, before lateral movement is established. Kaspersky’s Advanced Sandbox provides multi-layered detection, mapping to the MITRE ATT&CK knowledge base for further analysis of adversaries’ tactics, techniques and procedures. Sandbox supports several emulation modes, the randomization of OS components, time acceleration in virtual machines, anti-evasion techniques and user activity simulation.

    • Automated correlation and complete network visibility

      The ML-based correlation engine aggregates network-level telemetry and verdicts and empowers it with endpoint-level data from Kaspersky EDR. It gives complete visibility and correlates incidents with rich context, fully automated and easy to use for better decision making.

    • Multi-dimensional advanced detection

      Built around a Machine Learning core (Targeted Attack Analyzer) the platform combines advanced detection capabilities using static, behavioral, cloud reputation, sandboxing, YARA and pattern-based detection engines.

    • Enterprise Email Protection

      In addition to full network traffic analysis the platform automatically analyzes URLs in emails, password-protected archives and attachments to protect mail traffic, regardless of implementation mode: cloud, on-premise or encrypted. To prevent threats, the platform integrates with the Kaspersky Secure Mail Gateway.

    Suitable For

    Kaspersky Anti Targeted Attack Platform is an additional layer of network defense. Multi-dimensional advanced threat discovery with unified proxy, web, email and endpoint visibility and correlation for organizations including:

    Awards
    Kaspersky Anti-Targeted Attack Platform
    ICSA Labs: Advanced Threat Defense test (Q1, Q2, Q3, Q4)
    Recognition
    Kaspersky Threat Management and Defense
    Radicati APT Protection Market Quadrant 2019
    Kaspersky Threat Intelligence Services
    The Forrester New Wave™: External Threat Intelligence Services, Q3 2018

    In Use

    • The most effective and trusted solution of its kind - PROVEN

      Kaspersky Anti Targeted Attacks platform incorporates proven approaches to advanced cybersecurity in a single solution. Powerful ML-based Network Traffic Analysis and Advanced Sandboxing work together to deliver superior detection rates. All analysis is performed completely on-site to avoid critical data or objects shared with the outside world. This approach delivers the right balance of trust and functionality for enterprise organizations with internal privacy concerns or external regulatory compliance requirements. As a result the platform delivers 100% detection rates*, with 0% false positives, eliminating the need to waste time responding to false alarms.
      *ICSA lab, Q2 2018

    • Automated in-house virus lab

      The all-in-one Kaspersky Anti Targeted Attack platform fully automates data collection, analysis and correlation for the entire scope of network-level advanced threats. This significantly reduces the time security teams need to spend on threat detection while improving reaction times thanks to the contextual incident representation in the single console. The platform provides a detailed analysis of a threat’s scope by identifying compromised systems, communication between local and external systems and datasets and identities affected or compromised during the attack. It facilitates active discovery of threats over proxy, Web, email and endpoint activities which may be hidden in the network.

    • Multi-layered Machine Learning in one technology

      Kaspersky Anti Targeted Attack platform delivers a unique machine learning engine which enables multi-layered detection scenarios with automated correlation of results in one solid core. Targeted Attack Analyzer detects over-network telemetry and objects with endpoint-level telemetry and automated detection scenarios. This innovative approach, augmented with Advanced Sandboxing, provides a unique combination of all necessary detection scenarios in a single technology.

    24/7

    Premium Support

    Professional help is available whenever you need it. Operating in more than 200 countries, from 34 offices worldwide, we have you covered 24/7/365. Take advantage of our Premium support packages, or call on our Professional Services to ensure that you derive maximum benefit from your Kaspersky security installation.

    PREMIUM SUPPORTPROFESSIONAL SERVICES

    System Requirements


    Sandbox* Нardware requirements

    • 16 CPU cores 2.7 GHz
    • 80 Gb RAM
    • 300 Gb HDD
    • Two 1Gb/sec Ethernet adapters


    Central Node* Hardware requirements

    • 16 CPU cores 2.7 GHz
    • 96 Gb RAM
    • 3 TB HDD
    • One 1Gb/sec Ethernet adapter

    * Appliances can be virtual, VMware vSphere is recommended as a platform.

    Read More Read Less

    The Threats

    As the adoption of digital technologies such as the cloud, big data, mobile IoT and artificial intelligence continues apace, together with increasing inter-connectivity, new security, compliance and data protection challenges arise.

    • Scan

      Data management and compliance issues which can slow business evolution

    • Scan

      Lack of a planning and a unified security strategy for Incident Response

    • Scan

      Shadow IT and low visibility over business assets, and the corresponding risks

    • Scan

      New business initiatives suffering from ineffective or unsuitable security

    • Scan

      Too many alerts to be verified due to 'false positives'

    • Scan

      Stolen credentials and permissions which can put businesses at significant risk

    Let’s start the conversation! To talk to one of our experts about how True Cybersecurity can inform your corporate security strategy. Get in touch!

    Get in Touch

    We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.

    Accept and Close