Kaspersky introduces key enhancements to its SIEM through expanded threat detection, response features

by

Azunta Gaviola

-

1 year ago

The ‘What’s NEXT in Marketing 2025’ series is making waves in Singapore, the Philippines, Hong Kong, Indonesia, and Malaysia. Join us in shaping the future of marketing!

Singapore – Kaspersky, a global cybersecurity firm, has recently unveiled a suite of enhancements to its security information and event management (SIEM) system to enhance the productivity of cybersecurity teams through expanded threat detection and response features. 

These new additions to Kaspersky’s Unified Monitoring and Analysis Platform further enable cybersecurity professionals to efficiently navigate the platform. 

Key features of the platform include an event forwarding capability to work from remote offices to a single stream. This strategic approach allows an event router to be added to reduce load on communication channels and the number of ports opened on network firewalls. 

The router also collects events from collectors and directs them to designated destinations using configured filters, facilitating efficient load balancing between links and the use of low-bandwidth links. With this, the platform now offers the ability to group by arbitrary fields through time-rounding functions from the event interface. 

Furthermore, a capability to search events in multiple selected storage clusters has also been a notable addition to the platform. This capability makes it possible for a search query to be launched across multiple storage clusters, with the results displayed in a single consolidated table that shows the storage location for each record.

Among the new enhancements, a mechanism for mapping rules to the MITRE ATT&CK framework was also launched, with a feature that assists analysts in visualising the coverage of the MITRE ATT&CK matrix by developing rules, thereby assessing security levels. 

This functionality further enables analysts to import an up-to-date file with techniques and tactics into the SIEM system, as well as specify techniques and tactics detected by a rule in its properties. It also exports a marked-up list of rules to the MITRE ATT&CK Navigator.

Additionally, the update provides a collection of DNS analytics logs through the latest ETW (Event Tracing for Windows) transport. This functionality is used to read DNS Analytics subscriptions and provides an extended DNS log, diagnostic events, and analytical data on DNS server operations, offering more information than the DNS debug log and impacting DNS server performance less.

Commenting about these innovations, Ilya Markelov, head of the unified platform product line at Kaspersky, remarked, “The SIEM system is one of the primary tools designed for cybersecurity professionals. A company’s security largely depends on how conveniently experts can interact with SIEM, allowing them to focus directly on combating threats rather than performing routine tasks.”

“We are continuing to actively improve the solution based on market needs and customer feedback, and we are consistently introducing new features to make analysts’ work simpler,” Markelov further explained.

Step into a world where creativity meets cutting-edge tech at MARKETECH APAC’s Advertising Technology Asia 2025! Coming to the Philippines on 9 September, be at the forefront of the adtech revolution—register now!
The NEXT Awards 2025 is here, and we’re seeking the most innovative marketing campaigns from Indonesiathe Philippines, Malaysia, Singapore and Asia Pacific. Submit your entry today and showcase your best work!
Share

RECENT ARTICLES

Cohesity names Greg Statton as chief technology officer for Asia Pacific and Japan operations
Telekom Malaysia, Scicom enhances AI-driven customer experience in Malaysia
Gill Capital introduces AI-powered retail search in Southeast Asia
Exclusive Networks names Bennett Wong as senior vice president for APAC to lead regional growth
Aduna, Maxis expand network API ecosystem in Malaysia
Ellipse 3

RELATED ARTICLES

1_Kaspersky announces latest addition of AI-focused course module to its automated security awareness platform_11zon
4_Kaspersky to launch managed endpoint detection, response solution with Green Radar partnership_11zon
More than 36k online attacks daily targeted SEA businesses in 2023 report_11zon
Ellipse 3

FEATURED ARTICLES

2
Tech in Focus How SUSE accelerates innovation, strengthens security across enterprise-grade products through open-source solutions_11zon (1)
Tenable_Exclusive Interview_11zon

Subscribe to UpTech Media Newsletter

Video Title Here: The Indonesian on-ground activation status

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos.

Video Title Here: The Indonesian on-ground activation status

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos.

Video Title Here: The Indonesian on-ground activation status

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos.