Kaspersky Upgrades Kaspersky Next With AI-Driven Cybersecurity Tools
- Country: South Africa
Cybersecurity company Kaspersky has announced a major update to its Kaspersky Next platform, introducing advanced artificial intelligence capabilities, improved Endpoint Detection and Response (EDR) tools and a unified management environment designed to strengthen enterprise cyber defence.
The update aims to help organisations detect threats faster, streamline security operations and reduce hardware requirements by up to 60%, delivering both improved protection and operational efficiency.
Growing Demand for Advanced Cybersecurity
According to a recent Kaspersky global study, one in three companies plans to integrate EDR or Extended Detection and Response (XDR) technologies into their security operations centres (SOCs).
The trend reflects growing awareness among organisations of the need for unified, proactive cybersecurity solutions to defend against increasingly sophisticated cyber threats.
To meet this demand, Kaspersky has enhanced its flagship B2B product line Kaspersky Next, which provides real-time protection, threat visibility, investigation tools and automated response capabilities.
Unified Security Platform for SOC Operations
One of the key upgrades involves migrating Kaspersky Next EDR Expert to the Open Single Management Platform (OSMP).
This platform integrates several core cybersecurity tools into a single console, including:
- Endpoint Protection Platform (EPP)
- Endpoint Detection and Response (EDR)
- Extended Detection and Response (XDR)
- Security Information and Event Management (SIEM)
The unified console allows seamless interaction between components and supports integration with third-party security solutions, giving security teams greater visibility and control.
The system also maintains compatibility with Kaspersky Anti Targeted Attack and Network Detection and Response interfaces, supported by a single sign-on service.
Reduced Infrastructure Requirements
For organisations deploying the platform at scale, the new architecture significantly improves system efficiency.
According to Kaspersky:
- Kaspersky Next EDR Expert users can reduce infrastructure resource requirements by up to 30%
- Kaspersky Next XDR Expert users can reduce resource needs by up to 60%
These improvements allow companies to lower hardware costs while maintaining high security performance.
AI-Powered Threat Detection
The updated platform introduces several new AI-driven security capabilities designed to identify threats more accurately and automatically generate alerts.
New features include:
Detection of DLL Hijacking Attacks
Artificial intelligence analyses program execution parameters to detect attempts to manipulate legitimate software into loading malicious dynamic libraries.
Identification of Compromised User Accounts
AI models analyse login behaviour to establish normal activity patterns and flag suspicious authentication events that may indicate account theft.
Generative AI Assistant for Security Analysts
Kaspersky has also integrated Kaspersky Investigation and Response Assistant (KIRA AI), a generative AI tool designed to support security operations centre analysts.
KIRA AI helps reduce analyst workload by:
- Translating natural language queries into structured threat-hunting searches
- Generating automated incident summaries explaining attack vectors and attacker activity
- Deobfuscating command lines and analysing suspicious behaviour
These capabilities enable analysts to quickly understand incidents without manually reviewing large datasets.
Enhanced Incident Response Capabilities
The update also introduces several improvements to the platform’s EDR functionality, including:
- Improved integration with Kaspersky Managed Detection and Response (MDR) services
- Automated and manual incident response playbooks
- A visual attack development graph showing the full threat chain
- Alert merging, allowing analysts to focus on the complete attack scenario
- Remote response tools via Live Shell, enabling real-time remediation on protected devices
- Enhanced role-based access control (RBAC) for managing security team permissions
The updated Linux EDR agent also expands threat detection across diverse IT environments.
Raising the Standard for Cyber Defence
Commenting on the release, Ilya Markelov, Head of Unified Platforms at Kaspersky, said the update reflects the company’s focus on delivering smarter and more integrated cybersecurity technologies.
“By unifying SOC tools within a single platform and enhancing EDR and AI capabilities, we enable faster, more precise threat detection and more efficient operations,” Markelov said.
Kaspersky said the upgrade will help organisations strengthen proactive cybersecurity protection as threats continue to evolve in complexity.

