Could a single platform predict and stop attacks before they happen?

Kaspersky has updated its Kaspersky Next security platform, introducing expanded AI capabilities and a unified SOC management console.
The enhancements allow faster data searches, improved threat detection, and easier administration of security tasks while reducing hardware requirements and operational costs.
A recent Kaspersky study found that one in three companies plans to integrate EDR or XDR solutions into their SOCs to strengthen protection against advanced cyber threats.
Kaspersky Next provides real-time protection, threat visibility, investigation, and response tools for enterprises, and the new Kaspersky Next Expert release adds AI-driven technologies, expanded EDR functions, and flexible deployment options.
The platform has migrated to the Open Single Management Platform, consolidating EPP, EDR, XDR, and SIEM tools into a single console and allowing integration with third-party solutions.
Seamless transitions are maintained between OSMP and KATA/NDR interfaces through Single Sign-On, enabling concurrent use of EDR and NDR.
Optimized sizing reduces resource requirements by up to 30% for EDR Expert users and up to 60% for XDR Expert users, facilitating large-scale deployments.
New AI features include detection of DLL hijacking attacks with automated alerts, and monitoring for potentially compromised user accounts based on abnormal login activity patterns.
The Kaspersky Investigation and Response Assistant (KIRA AI) integrates GenAI capabilities to help analysts deobfuscate command lines, generate concise reports, and reduce cognitive load.
KIRA AI can translate natural-language threat-hunting requests into structured queries and produce incident summaries that detail attack vectors and attacker actions.
Enhanced EDR capabilities include improved integration with Kaspersky MDR for faster threat response and monitoring of server “health” metrics to maintain stability.
Advanced Linux EDR agents improve detection and mitigation across varied environments, while playbooks enable automated or manual incident response.
Alert merging allows analysts to focus on the full attack picture, and a new attack development graph visualizes attack chains for faster assessment.
A remote terminal “Live Shell” enables real-time responses on protected devices, reducing reaction times.
Upgraded role-based access control provides advanced account management, including multiple role assignments and flexible permissions.
Kaspersky says these updates aim to unify SOC tools, enhance AI and EDR functionalities, and improve both threat detection speed and operational efficiency for cybersecurity teams.
