Kaspersky Launches Targeted Attack Detection Platform, Security Intelligence Services At RSA Conference

Kaspersky Lab Tuesday launched a targeted attack detection platform and line of security intelligence services at the RSA Conference, being held this week in San Francisco.

The Kaspersky Anti-Targeted Attack Platform works by collecting data from network, Web, email and endpoint sensors and feeding it into an advanced sandbox for detection, and includes a targeted attack analyzer to assess and combine threat verdicts. The result, according to Michael Canavan, vice president of enterprise engineering at Kaspersky, is a platform that provides actionable intelligence around existing threats on a customer's network.

The line of security intelligence services, meanwhile, includes security assessment services, cybersecurity training and threat intelligence. The security-as-a-service products are aimed at large organizations, government agencies, ISPs, telecoms and MSSPs.

[Related: Palo Alto Networks CEO Expects Security Vendor Won't Be Hit By Spending Slowdown]

Sponsored post

Customers today are spending roughly 80 percent of their budgets on perimeter and protection technologies, Canavan said. However, Kaspersky expects that balance to shift, with customers putting more emphasis on detection and response technologies.

"There's a realization that customers are starting to have a more balanced approach in their security postures," Canavan said. "This product set is really the accumulation of that realization and the shift from the market, the advanced threats that are out there, and extending the capability out from the protection realm to the detection realm."

That shift is being felt by partners, too. Michael Knight, president and CTO of Encore Technology Group, a Greenville, S.C.-based Kaspersky partner, said it critical for his business to help customers make that shift, as it limits the devastating damage that can come from a data breach.

"The big shift from protection to detection -- if you really break down why that's changing, it's because the faster you can detect a threat, the less damage that can happen to customer environments," Knight said. "By having this … partners can get an additional layer of security," he said.

Knight said the offerings present a big opportunity for Encore Technology Group, as the Anti-Targeted Attack Platform, combined with the new training and services, will drive more business for both sides.

"From the partner side, everything is an opportunity," Knight said. "Any time you can engage with Kaspersky, one of our best partners … on this level [is an opportunity]. Not only are we learning more and more, but we're doing more and more together. … There's more business for both of us."

While Moscow-based Kaspersky has planted its stake in traditional security markets such as anti-virus, Cavanan said the new releases mark an evolution of its portfolio to keep up with emerging security threat trends.

"Security is a more and more complex issue," Cavanan said. "Having a fundamental shift to this adaptive security model, where you move from simply just protection in an environment to detection, response and remediation … this will not only open the opportunity for partners to open their portfolio but, as a vendor, will provide more value in the chain in these different areas."

Encore Technology Group's Knight said it is important to him that a vendor partner keeps up with industry trends like this.

"For a partner, it's always important for us to have our technology partner see growth and change and [make] adjustments. ... It's very important to see partners like Kaspersky continue to evolve and bring solutions forward that will absolutely be impactful to what we're doing."