Kaspersky KATA 7.0 for targeted attack protection

Issue 2 2025 Information Security, Products & Solutions

Kaspersky has announced a major update to its Kaspersky Anti Targeted Attack (KATA). With the launch of KATA 7.0, organisations can now benefit from enhanced network detection and response (NDR) capabilities with deeper network visibility, internal threats detection and other critical security features.

According to Kaspersky’s IT Security Economics 2024 report, an overwhelming majority of organisations report network attacks. Large enterprises lead with 97% reporting an attack, followed by SMEs at 88%, and SMBs at 83%. With this in mind, Kaspersky updates its solutions regularly to ensure businesses are equipped to meet evolving security requirements.

The latest enhancements in KATA 7.0 address key customer challenges by delivering full visibility across IT infrastructure, advanced defence against sophisticated threats, and a streamlined, resource-efficient security solution. The update introduces network telemetry export from Kaspersky Endpoint Security for Windows and Linux, adding one more additional source of network data collection to copy of SPAN traffic, which improves visibility and threat detection.

The introduction of new asset management, network map, and network session table modules, provides SOC analysts with enhanced tools for monitoring and managing network security through graphical representations, advanced filtering, and interactive features. These additions create a complete network inventory and management system.

The updated platform also strengthens internal traffic monitoring with new NDR IDS rules for east-west traffic analysis, improving the detection of lateral movement, data exfiltration and other malicious attempts that could previously have gone unnoticed. Additionally, new risk and anomaly detection capabilities identify hidden threats and potential security vulnerabilities before they escalate into breaches, helping organisations proactively manage cybersecurity risks.

As KATA offers comprehensive security at both the network and endpoint levels, its endpoint detection and response technology, EDR Expert, has also undergone significant updates in version 7.0. The variety of collected telemetry types has been expanded, providing enhanced visibility into an event at endpoints.

Threat hunting search capabilities have also been improved, with search now available across all the events attributes. This enables more effective threat detection and creates more accurate exceptions to minimise false positives. Sigma-rules support has also been added with this update meaning it is now possible to find threats according to the condition contained in the Sigma rule in historical data or new events collected from the endpoints.

“With the launch of KATA 7.0, we are reinforcing our commitment to providing enterprises with a fully integrated security solution capable of detecting and mitigating complex threats across both network and endpoint levels,” said Alexander Rumyantsev, senior product manager cloud and network security at Kaspersky. “These enhanced NDR capabilities, expanded visibility, and real-time intelligence empower organisations to detect and mitigate threats more effectively than ever before.”




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Cybersecurity a challenge in digitalising OT
Kaspersky Information Security Industrial (Industry)
According to a study by Kaspersky and VDC Research on securing operational technology environments, the primary risks are inadequate security measures, insufficient resources allocated to OT cybersecurity, challenges surrounding regulatory compliance, and the complexities of IT/OT integration.

Read more...
Cybersecurity in South Africa
Information Security
According to the Allianz Risk Barometer 2025, cyber incidents, including ransomware attacks, data breaches and IT outages, are now the top global business risk, marking their fourth year at the top.

Read more...
Are AI agents a game-changer?
Information Security
While AI-powered chatbots have been around for a while, AI agents go beyond simple assistants, functioning as self-learning digital operatives that plan, execute, and adapt in real time. These advancements do not just enhance cybercriminal tactics, they may fundamentally change the battlefield.

Read more...
Disaster recovery vs cyber recovery
Information Security
Disaster recovery centres on restoring IT operations following events like natural disasters, hardware failures or accidents, while cyber recovery is specifically tailored to address intentional cyberthreats such as ransomware and data breaches.

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
Advanced surveillance storage from ASBIS
Infrastructure Surveillance Products & Solutions
From a video storage solutions perspective, SkyHawk drives, designed for DVRs and NVRs, offer high capacity, optimised firmware, and a reliability workload rating of hundreds of terabytes per year.

Read more...
The rise of AI-powered cybercrime and defence
Information Security News & Events AI & Data Analytics
Check Point Software Technologies launched its inaugural AI Security Report, offering an in-depth exploration of how cybercriminals are weaponising artificial intelligence (AI), alongside strategic insights defenders need to stay ahead.

Read more...
The deepfake crisis is here and now
Information Security Training & Education
Deepfakes are a growing cybersecurity threat that blur the line between reality and fiction. These AI-generated synthetic media have evolved from technological curiosities to sophisticated weapons of digital deception, costing companies upwards of $600 000 each.

Read more...
What does Agentic AI mean for cybersecurity?
Information Security AI & Data Analytics
AI agents will change how we work by scheduling meetings on our behalf and even managing supply chain items. However, without adequate protection, they become soft targets for criminals.

Read more...