Kaspersky has rolled out a major update to its flagship cybersecurity platform, Kaspersky Next, introducing a unified SOC management console alongside expanded AI capabilities aimed at improving threat detection, response, and operational efficiency.
The update reflects a broader industry shift toward integrated security operations, as more organizations adopt Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) to address increasingly complex cyber threats.
Unified SOC platform improves visibility and efficiency
A key highlight of the update is the migration of Kaspersky Next EDR Expert to the Open Single Management Platform (OSMP), consolidating multiple security tools into one interface.
This unified approach brings together:
- Endpoint Protection Platform (EPP)
- EDR and XDR capabilities
- Security Information and Event Management (SIEM) tools
By centralizing these functions, organizations gain improved visibility across their security stack while simplifying workflows for SOC teams. The platform also supports integration with third-party tools, addressing the growing demand for interoperability in enterprise cybersecurity environments.
Kaspersky said the update can reduce infrastructure requirements by up to 30% for EDR deployments and up to 60% for XDR, helping lower operational costs.
AI features expand threat detection and analysis
The latest release introduces several AI-driven capabilities designed to automate detection and reduce analyst workload.
Among the notable additions:
- DLL hijacking detection: Identifies suspicious use of legitimate applications with malicious libraries
- Compromised account detection: Flags abnormal login behavior using baseline activity analysis
- AI-generated incident summaries: Provide quick insights into attack vectors and progression
- Natural language threat queries: Convert plain-text inputs into structured search queries
A major addition is the Kaspersky Investigation and Response Assistant (KIRA), a generative AI-powered tool that helps analysts interpret data, deobfuscate commands, and generate reports faster.
These enhancements aim to reduce cognitive load for SOC teams while improving response speed and accuracy.
Enhanced EDR capabilities for faster response
Kaspersky also upgraded its EDR functionality to support more efficient incident handling and response automation.
New and improved features include:
- Automated and manual response playbooks
- Alert merging to reduce noise and improve prioritization
- Visual attack development graphs for better threat analysis
- Remote response via Live Shell for real-time action
- Improved Linux endpoint detection capabilities
The platform also strengthens integration with managed detection and response (MDR) services, enabling more coordinated threat mitigation.
Growing demand for integrated cybersecurity solutions
The update aligns with findings from recent Kaspersky research, which shows that one in three companies plans to integrate EDR or XDR into their SOC operations.
This trend highlights a shift toward proactive, unified cybersecurity strategies as businesses face more advanced and persistent threats. Platforms like Kaspersky Next are evolving to meet this demand by combining visibility, automation, and AI-driven intelligence in a single ecosystem.
What the update means for enterprises
With its latest update, Kaspersky positions Kaspersky Next as a more comprehensive SOC platform that balances performance, scalability, and usability.
By unifying tools, enhancing AI-driven insights, and reducing infrastructure requirements, the platform aims to help organizations:
- Improve threat detection accuracy
- Accelerate incident response times
- Streamline SOC operations
- Optimize cybersecurity costs
As cyber threats continue to evolve, integrated platforms with built-in AI capabilities are becoming essential for enterprises looking to maintain resilience in an increasingly complex digital landscape.
