Kaspersky introduces key enhancements to its SIEM through expanded threat detection, response features

by

Azunta Gaviola

-

1 year ago

The ‘What’s NEXT in Marketing 2025’ series is making waves in Singapore, the Philippines, Hong Kong, Indonesia, and Malaysia. Join us in shaping the future of marketing!

Singapore – Kaspersky, a global cybersecurity firm, has recently unveiled a suite of enhancements to its security information and event management (SIEM) system to enhance the productivity of cybersecurity teams through expanded threat detection and response features. 

These new additions to Kaspersky’s Unified Monitoring and Analysis Platform further enable cybersecurity professionals to efficiently navigate the platform. 

Key features of the platform include an event forwarding capability to work from remote offices to a single stream. This strategic approach allows an event router to be added to reduce load on communication channels and the number of ports opened on network firewalls. 

The router also collects events from collectors and directs them to designated destinations using configured filters, facilitating efficient load balancing between links and the use of low-bandwidth links. With this, the platform now offers the ability to group by arbitrary fields through time-rounding functions from the event interface. 

Furthermore, a capability to search events in multiple selected storage clusters has also been a notable addition to the platform. This capability makes it possible for a search query to be launched across multiple storage clusters, with the results displayed in a single consolidated table that shows the storage location for each record.

Among the new enhancements, a mechanism for mapping rules to the MITRE ATT&CK framework was also launched, with a feature that assists analysts in visualising the coverage of the MITRE ATT&CK matrix by developing rules, thereby assessing security levels. 

This functionality further enables analysts to import an up-to-date file with techniques and tactics into the SIEM system, as well as specify techniques and tactics detected by a rule in its properties. It also exports a marked-up list of rules to the MITRE ATT&CK Navigator.

Additionally, the update provides a collection of DNS analytics logs through the latest ETW (Event Tracing for Windows) transport. This functionality is used to read DNS Analytics subscriptions and provides an extended DNS log, diagnostic events, and analytical data on DNS server operations, offering more information than the DNS debug log and impacting DNS server performance less.

Commenting about these innovations, Ilya Markelov, head of the unified platform product line at Kaspersky, remarked, “The SIEM system is one of the primary tools designed for cybersecurity professionals. A company’s security largely depends on how conveniently experts can interact with SIEM, allowing them to focus directly on combating threats rather than performing routine tasks.”

“We are continuing to actively improve the solution based on market needs and customer feedback, and we are consistently introducing new features to make analysts’ work simpler,” Markelov further explained.

Celebrate the creativity and brilliance of advertising at the Advertising Awards Asia Pacific 2026! Happening this March in Singapore, we’ll be honouring the region’s most trailblazing advertising campaigns and visionary leaders— submit your entries today!
The NEXT Awards 2025 is here, and we’re seeking the most innovative marketing campaigns from Indonesiathe Philippines, Malaysia, Singapore and Asia Pacific. Submit your entry today and showcase your best work!
Share

RECENT ARTICLES

NTT DATA, AWS collaborate on AI-powered contact centre solutions
Temus strengthens Singapore AI capabilities through key partnerships, appointments
SailPoint introduces adaptive identity security platform as next generation of cybersecurity resilience
ServiceNow launches “AI Experience” to transform global enterprise workflows
Western Union launches new mobile app enhancing remittance services in the Philippines
Ellipse 3

RELATED ARTICLES

1_Kaspersky announces latest addition of AI-focused course module to its automated security awareness platform_11zon
4_Kaspersky to launch managed endpoint detection, response solution with Green Radar partnership_11zon
More than 36k online attacks daily targeted SEA businesses in 2023 report_11zon
Ellipse 3

FEATURED ARTICLES

2
Tech in Focus How SUSE accelerates innovation, strengthens security across enterprise-grade products through open-source solutions_11zon (1)
Tenable_Exclusive Interview_11zon

Subscribe to UpTech Media Newsletter

Video Title Here: The Indonesian on-ground activation status

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos.

Video Title Here: The Indonesian on-ground activation status

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos.

Video Title Here: The Indonesian on-ground activation status

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos.