Kaspersky Enhances Kaspersky Next With AI-Powered Cybersecurity

Kaspersky has announced a significant update to its flagship business cybersecurity platform, Kaspersky Next, introducing new artificial intelligence (AI) capabilities, enhanced Endpoint Detection and Response (EDR) functionality, and improved deployment efficiency designed to help organisations combat increasingly complex cyber threats.

The update aims to simplify security operations while improving threat detection, enabling businesses to manage cybersecurity processes more effectively from a unified platform.

Rising Demand for Advanced Cybersecurity Tools

According to a recent global study by Kaspersky, one in three organisations plans to integrate Endpoint Detection and Response (EDR) or Extended Detection and Response (XDR) technologies into their security operations centres (SOCs). This growing trend reflects the increasing urgency for proactive and integrated cybersecurity solutions as cyber threats become more sophisticated.

In response, Kaspersky has enhanced the capabilities of Kaspersky Next to provide businesses with stronger visibility, faster threat detection, and improved response mechanisms across their digital infrastructure.

Kaspersky Next: Unified Protection for Businesses

Kaspersky Next is designed as a comprehensive B2B cybersecurity platform that combines real-time protection, threat visibility, investigation, and response capabilities.

The product line includes two primary offerings:

  • Kaspersky Next Optimum, tailored for small and medium-sized businesses.

  • Kaspersky Next Expert, designed for enterprises of all sizes.

The latest release focuses heavily on improvements to Kaspersky Next Expert, introducing advanced AI-powered tools, enhanced EDR features, and more flexible deployment options.

Integrated Security Operations With a Single Platform

One of the most significant updates is the migration of Kaspersky Next EDR Expert to the Open Single Management Platform (OSMP). This move brings several security tools together into one unified management console.

The platform now integrates key security operations centre (SOC) technologies such as:

  • Endpoint Protection Platform (EPP)

  • Endpoint Detection and Response (EDR)

  • Extended Detection and Response (XDR)

  • Security Information and Event Management (SIEM)

This unified console allows organisations to integrate both Kaspersky and third-party security solutions, creating a more seamless and efficient security ecosystem.

For organisations operating at scale, the platform update also delivers improved infrastructure efficiency, reducing resource requirements by up to 30% for EDR Expert deployments and up to 60% for XDR Expert environments, which can significantly reduce hardware costs.

New AI Features Improve Threat Detection

The update introduces several AI-powered capabilities designed to detect sophisticated cyber threats more quickly and accurately.

One key feature focuses on detecting DLL hijacking attacks, a technique where attackers manipulate legitimate software into loading malicious dynamic libraries. The AI engine analyses program execution patterns and parameters to identify suspicious behaviour and automatically trigger alerts.

Another AI-driven function helps detect compromised user accounts by analysing login behaviour and establishing a baseline of normal activity. When abnormal login patterns are detected, the system generates alerts to warn security teams of possible credential theft.

KIRA AI Assistant Supports SOC Analysts

The update also introduces Kaspersky Investigation and Response Assistant (KIRA AI), the first generative AI-powered assistant integrated into the platform.

KIRA is designed to reduce the workload of SOC analysts by simplifying complex cybersecurity investigations. Its capabilities include:

  • Translating natural language threat-hunting requests into structured queries for telemetry databases

  • Generating quick incident summaries that explain attack vectors and attacker activity

  • Deobfuscating complex command lines to help analysts understand malicious operations

These features allow analysts to identify and respond to incidents more quickly without manually analysing large volumes of event data.

Enhanced EDR Capabilities for Faster Response

Kaspersky Next Expert also introduces several improvements aimed at strengthening endpoint security and accelerating incident response.

Key enhancements include:

  • Improved integration with Kaspersky Managed Detection and Response (MDR) for faster collaboration during threat investigations

  • Advanced monitoring of server health metrics to ensure system stability and performance

  • Enhanced Linux EDR agent capabilities for broader threat detection across diverse IT environments

  • Automated and manual incident response playbooks that shorten the time between detection and remediation

The platform also introduces alert merging, which groups related alerts into a single incident view, helping analysts focus on the full attack chain while reducing noise from multiple alerts.

Visual Attack Analysis and Real-Time Response

Security teams now also gain access to a new attack development graph, providing a visual representation of the stages and vectors of an attack. This feature allows analysts to quickly understand the scope of a threat and determine the most effective response strategy.

Additionally, a new Live Shell remote terminal allows analysts to perform response actions directly on protected devices and monitor the results in real time, significantly reducing response times during active incidents.

The update also introduces enhanced role-based access control (RBAC), allowing organisations to manage user permissions more flexibly by assigning multiple roles and simplifying account management.

Driving Smarter Cybersecurity Operations

According to Ilya Markelov, Head of Unified Platforms at Kaspersky, the update reflects the company’s focus on delivering smarter, integrated security solutions.

“This update exemplifies our commitment to empowering cybersecurity teams with smarter, more integrated solutions. By unifying SOC tools within a single platform and enhancing EDR and AI capabilities, we enable faster, more precise threat detection, as well as more efficient operations, raising the bar for proactive cybersecurity protection,” said Markelov.

With cyber threats continuing to evolve rapidly, Kaspersky says the latest update to Kaspersky Next aims to equip businesses with the advanced tools needed to detect, investigate, and neutralise attacks more efficiently while optimising operational costs.
