Kaspersky KATA 7.0 for targeted attack protection

Issue 2 2025 Information Security, Products & Solutions

Kaspersky has announced a major update to its Kaspersky Anti Targeted Attack (KATA). With the launch of KATA 7.0, organisations can now benefit from enhanced network detection and response (NDR) capabilities with deeper network visibility, internal threats detection and other critical security features.

According to Kaspersky’s IT Security Economics 2024 report, an overwhelming majority of organisations report network attacks. Large enterprises lead with 97% reporting an attack, followed by SMEs at 88%, and SMBs at 83%. With this in mind, Kaspersky updates its solutions regularly to ensure businesses are equipped to meet evolving security requirements.

The latest enhancements in KATA 7.0 address key customer challenges by delivering full visibility across IT infrastructure, advanced defence against sophisticated threats, and a streamlined, resource-efficient security solution. The update introduces network telemetry export from Kaspersky Endpoint Security for Windows and Linux, adding one more additional source of network data collection to copy of SPAN traffic, which improves visibility and threat detection.

The introduction of new asset management, network map, and network session table modules, provides SOC analysts with enhanced tools for monitoring and managing network security through graphical representations, advanced filtering, and interactive features. These additions create a complete network inventory and management system.

The updated platform also strengthens internal traffic monitoring with new NDR IDS rules for east-west traffic analysis, improving the detection of lateral movement, data exfiltration and other malicious attempts that could previously have gone unnoticed. Additionally, new risk and anomaly detection capabilities identify hidden threats and potential security vulnerabilities before they escalate into breaches, helping organisations proactively manage cybersecurity risks.

As KATA offers comprehensive security at both the network and endpoint levels, its endpoint detection and response technology, EDR Expert, has also undergone significant updates in version 7.0. The variety of collected telemetry types has been expanded, providing enhanced visibility into an event at endpoints.

Threat hunting search capabilities have also been improved, with search now available across all the events attributes. This enables more effective threat detection and creates more accurate exceptions to minimise false positives. Sigma-rules support has also been added with this update meaning it is now possible to find threats according to the condition contained in the Sigma rule in historical data or new events collected from the endpoints.

“With the launch of KATA 7.0, we are reinforcing our commitment to providing enterprises with a fully integrated security solution capable of detecting and mitigating complex threats across both network and endpoint levels,” said Alexander Rumyantsev, senior product manager cloud and network security at Kaspersky. “These enhanced NDR capabilities, expanded visibility, and real-time intelligence empower organisations to detect and mitigate threats more effectively than ever before.”




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

In-ear hearing protection for firefighters
Fire & Safety Products & Solutions
Savox has launched Savox Fire Protect, a fully integrated firefighter communication system combining active in-ear hearing protection and wireless push-to-talk in a single, purpose-designed solution.

Read more...
Seeing the threat is not always enough
Secutel Technologies Fire & Safety Products & Solutions
With integrated Smoke Screen technology, businesses can remotely trigger a smoke deployment on demand or configure custom business rules that automatically activate the system when specific events occur.

Read more...
Cybersecurity needs actual intelligence before artificial intelligence
Information Security AI & Data Analytics
Cybersecurity depends on interpretation. A tool can tell you that something unusual has happened, but people need to determine whether it is a genuine risk, the business impact, and how to respond without causing unnecessary disruption.

Read more...
Duxbury Cybersecurity sharpens reseller offering
Duxbury Networking Information Security News & Events
Duxbury Networking has strengthened its Duxbury Cybersecurity business unit by adding WatchGuard and Cynet, giving South African resellers broader, more integrated coverage for the security risks customers are now asking them to address.

Read more...
NEC XON detects and stops ransomware attack
NEC XON Information Security IoT & Automation
Ransomware attacks rarely begin with chaos. More often, they start quietly, with probing, mapping, and patient reconnaissance inside a target’s network. That was the situation facing a global recruitment firm when cybercriminals attempted to navigate its systems.

Read more...
Sara AI Pentesting available in South Africa
Information Security News & Events
Synack and Wolfpack Information Risk are offering Sara AI Pentesting to organisations across South Africa, helping companies move from point-in-time testing to continuous security validation with AI and human expertise.

Read more...
Sophos establishes South African legal entity to strengthen local operations
News & Events Information Security
Global cybersecurity company, Sophos, has announced the formation of its local legal entity, which will support local invoicing, partner enablement, compliance requirements and expanded regional investment.

Read more...
Cybersecurity in a digitally connected security industry
SA Technologies Information Security IoT & Automation
As more organisations move towards digital visitor management, cloud-based access control, mobile applications, biometric verification, and connected security platforms, cybersecurity must be viewed as part of the full security environment.

Read more...
Enterprises must prepare for digital conflict
Information Security
Cyberattacks can be launched remotely and at scale. A coordinated attack launched from anywhere in the world can disrupt supply chains, shut down utilities, or expose millions of customer records within minutes.

Read more...
AI-enabled NVR for Milestone XProtect
Surveillance Infrastructure Products & Solutions
As surveillance environments continue to grow in scale and complexity, organisations need infrastructure that is easy to deploy, simple to manage, and ready for AI-driven workloads.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.