Kaspersky has upgraded its Kaspersky Next cybersecurity platform with enhanced artificial intelligence capabilities aimed at improving threat detection, streamlining investigations, and reducing infrastructure costs for businesses. The update comes as organizations increasingly seek robust cyber defense tools, reflecting the growing complexity of cyber threats.
The enhanced platform features faster data search functions and improved analytics while lowering hardware requirements. Kaspersky reports that these modifications allow organizations to decrease operational costs without sacrificing the efficiency of their cybersecurity management systems. A recent global study conducted by Kaspersky found that one in three organizations plans to integrate Endpoint Detection and Response (EDR) or Extended Detection and Response (XDR) technologies into their security operations, highlighting the urgent need for unified defenses.
Kaspersky Next serves as the company’s flagship B2B cybersecurity product line, providing real-time protection, threat visibility, and response capabilities through EDR and XDR technologies. The product suite includes Kaspersky Next Optimum, tailored for small and mid-sized businesses, and Kaspersky Next Expert, designed for larger enterprises. The latest version primarily upgrades Kaspersky Next Expert, transitioning to the Open Single Management Platform (OSMP), which consolidates critical Security Operations Center tools—including Endpoint Protection Platform (EPP), EDR, XDR, and Security Information and Event Management (SIEM)—into a unified management console.
This consolidation aims to simplify security operations, facilitating smoother interactions among various components and allowing integration with both Kaspersky and third-party security solutions. The system maintains connectivity with Kaspersky’s Anti-Targeted Attack and Network Detection and Response interfaces through a single sign-on service, enabling analysts to manage EDR and NDR tools from a single environment.
Kaspersky stated that the update enhances system efficiency for large deployments, with optimized system sizing reducing resource requirements by up to 30% for Kaspersky Next EDR Expert users and up to 60% for Kaspersky Next XDR Expert users.
A core element of this upgrade is the integration of artificial intelligence, which improves the detection of DLL hijacking attacks. The system analyzes program launch and execution parameters to identify instances where legitimate software may be running with malicious dynamic libraries, and automatically alerts security teams when it detects such suspicious behavior.
Another AI-driven feature focuses on identifying potentially compromised user accounts. By establishing a baseline of normal login behavior, the platform can detect unusual activities and generate alerts that may indicate account takeover attempts. Kaspersky has also incorporated its Kaspersky Investigation and Response Assistant (KIRA AI) into the platform, which helps security analysts analyze incidents more efficiently. KIRA AI can deobfuscate command lines, generate concise investigation reports, and translate plain-language requests into structured threat-hunting queries.
The integration of KIRA AI further aids in producing automatic summaries of security incidents, providing analysts with a quick overview of the attack, including the initial entry point and the sequence of actions taken by the attacker. This feature significantly reduces the time required to analyze large volumes of event data.
In addition to AI enhancements, the update introduces improved endpoint detection and response capabilities, integrating more closely with Kaspersky Managed Detection and Response (MDR) services for expedited coordination between automated systems and human analysts.
Other improvements encompass enhanced monitoring of server performance metrics to ensure system stability, along with an upgraded Linux EDR agent that bolsters threat detection across diverse operating environments. New automated and manual response playbooks aim to reduce the time between threat detection and containment, allowing alerts to be merged into single incidents. This functionality enables security teams to visualize the full attack chain and prioritize critical threats more effectively.
The platform introduces an attack development graph to visually map the progression of cyberattacks, assisting analysts in identifying the scale, entry points, and stages of incidents. Additionally, a new remote response feature known as Live Shell allows analysts to interact with protected devices through a remote terminal and view response results in real time. Enhancements to role-based access control introduce more flexible account management capabilities, including options to create, edit, and delete user accounts and assign multiple roles.
Ilya Markelov, Head of Unified Platforms at Kaspersky, emphasized that the update reflects the company’s commitment to enhancing the efficiency of cybersecurity teams in increasingly complex threat landscapes. “This update exemplifies our commitment to empowering cybersecurity teams with smarter, more integrated solutions. By unifying SOC tools within a single platform and enhancing EDR and AI capabilities, we enable faster and more precise threat detection while improving operational efficiency,” Markelov stated.