Kaspersky Upgrades Next Platform With AI-Powered Threat Detection


Kaspersky has upgraded its Kaspersky Next cybersecurity platform with new artificial intelligence capabilities designed to improve threat detection, accelerate investigations, and reduce infrastructure costs for businesses.

The update enhances the all-in-one security operations platform with faster data search capabilities and improved analytics while also lowering hardware requirements. According to the company, the changes allow organizations to reduce operational costs without compromising the efficiency of their cybersecurity management systems.

The development comes as more companies seek stronger cyber defense tools. A recent Kaspersky global study found that one in three organizations plans to integrate Endpoint Detection and Response (EDR) or Extended Detection and Response (XDR) technologies into their security operations centers. The trend reflects growing awareness among businesses about the need for unified and proactive defenses against increasingly complex cyber threats.

Kaspersky Next is the company’s flagship B2B cybersecurity product line, offering real-time protection, threat visibility, and investigation and response capabilities through EDR and XDR technologies. The product suite includes Kaspersky Next Optimum, designed for small and mid-sized businesses, and Kaspersky Next Expert, built for large enterprises.

The latest release primarily focuses on upgrades to Kaspersky Next Expert. The platform has now transitioned to the Open Single Management Platform (OSMP), which brings key Security Operations Center tools—including Endpoint Protection Platform (EPP), EDR, XDR, and Security Information and Event Management (SIEM)—into a single management console.

The move is intended to simplify security operations by enabling smoother interaction between different components and allowing integration with both Kaspersky and third-party security solutions. The system also maintains connectivity with Kaspersky’s Anti-Targeted Attack and Network Detection and Response interfaces through a single sign-on service, enabling analysts to manage EDR and NDR tools from one environment.

Kaspersky said the update also improves system efficiency for large deployments. Optimized system sizing reduces resource requirements by up to 30 percent for Kaspersky Next EDR Expert users and up to 60 percent for Kaspersky Next XDR Expert users.

Artificial intelligence plays a central role in the upgrade. The new version introduces improved detection of DLL hijacking attacks, automatically alerting security teams when suspicious behavior is detected. The system analyzes program launch and execution parameters to identify cases where legitimate software may be running with malicious dynamic libraries.

Another AI-driven feature focuses on identifying potentially compromised user accounts. By building a baseline of normal login behavior, the platform can detect unusual activity and generate alerts that may indicate account takeover attempts.

Kaspersky has also integrated its Kaspersky Investigation and Response Assistant (KIRA AI) into the platform. The generative AI-powered assistant helps security analysts analyze incidents more efficiently by deobfuscating command lines, generating concise investigation reports, and translating plain-language requests into structured threat-hunting queries.

KIRA AI can also produce automatic summaries of security incidents. The feature provides analysts with a quick overview of the attack, including the initial entry point and the sequence of actions carried out by the attacker, reducing the time required to analyze large volumes of event data.

Beyond AI enhancements, the update introduces several improvements to endpoint detection and response capabilities. The platform now integrates more closely with Kaspersky Managed Detection and Response (MDR) services, enabling faster coordination between automated systems and human security analysts.

Other improvements include enhanced monitoring of server performance metrics to ensure system stability and an upgraded Linux EDR agent that strengthens threat detection across diverse operating environments.

The platform also introduces new automated and manual response playbooks designed to reduce the time between threat detection and containment. Alerts can now be merged into single incidents, allowing security teams to see the full attack chain and prioritize critical threats more effectively.

A new attack development graph visually maps the progression of a cyberattack, helping analysts identify its scale, entry points, and stages. Meanwhile, a new remote response feature known as Live Shell enables analysts to interact with protected devices through a remote terminal and view response results in real time.

The update also enhances role-based access control by introducing more flexible account management capabilities, including the ability to create, edit, and delete user accounts and assign multiple roles.

Ilya Markelov, Head of Unified Platforms at Kaspersky, said the update reflects the company’s efforts to help cybersecurity teams operate more efficiently in increasingly complex threat environments.

“This update exemplifies our commitment to empowering cybersecurity teams with smarter, more integrated solutions. By unifying SOC tools within a single platform and enhancing EDR and AI capabilities, we enable faster and more precise threat detection while improving operational efficiency,” Markelov said.

By Tawheda Ali

Covering innovation, startups, and digital trends across Africa. Send scoops to tawheda@techtrendsmedia.co.ke
