Kaspersky Unified Monitoring and Analysis solution launched in Malaysia for enhanced cybersecurity
Organisations are increasingly having to deal with multiple potential threat vectors and cybersecurity incidents ranging from phishing attacks to potential malware injections from compromised hardware or a security misstep by an unwary employee.
To make matters worse, cyberattacks are increasing in frequency and volume to the point that they number in the millions. In 2023, Kaspersky’s threat detection systems blocked 26,854,304 internet-borne attacks in Malaysia which works out to a whopping 74,000 attacks per day. Even more sobering is the fact that Kaspersky managed to detect and foil over 22,000,000 local infections last year which works out to over 60,000 local infections per day.
What is Kaspersky Unified Monitoring and Analysis Platform (KUMA)
To address this, Kaspersky has launched their eponymous Kaspersky Unified Monitoring and Analysis Platform aka KUMA that aims to be a comprehensive security and information and event management (SIEM) solution for security and information event management that is intended for organisations in Malaysia.
“Threat actors increasingly use diverse tactics to launch sophisticated targeted attacks. Therefore, it is essential to use a platform that can provide a centralised view of security events in quickly identifying and responding to potential threats such as the Security Information and Event Management System (SIEM). A SIEM is commonly used for compliance support with internal security policies and external regulatory requirements,” said Victor Chu, Head of Systems Engineering for South East Asia at Kaspersky.
From left: Victor Chu, Head of Systems Engineering for South East Asia at Kaspersky and Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky
With KUMA, organisations can take advantage of a unified console that can monitor and analyse information security incidents that integrates a correlator that is capable of analysing events and creating alerts based on predefined correlation criteria, the ability to assign Collectors from event sources and aggregate them as well as a core that leverages a graphical interface to effectively manage KUMA’s various components while offering Extended Detection and Response (XDR) capabilities.
On top of easy monitoring and analysis of information security incidents from all aspects of an organisation from staff-assigned hardware all the way to firewalls, KUMA is able to offer over 300+ EPS per KUMA instance, low system requirements with the ability to run up to 10K EPS AiO on just one virtual server, the ability to easily scale with HA support for each component and with the ability to be easily deployed without the need for special query languages and integration with third-party products and Kaspersky solutions. KUMA is also integrated with the Kaspersky CyberTrace platform which processes reports from the National Coordination Center for Computer Incidents to detect potential cybersecurity incidents.
“When it comes to cybersecurity, even the most secure operating systems can be compromised. As APT (Advanced Persistent Threats) actors are constantly evolving their tactics and searching for new weaknesses to exploit, businesses must prioritise security of their systems. This involves providing employees and technical teams with the latest tools to effectively recognise and defend against potential threats as well as timely remediation of incidents,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
For more details on the Kaspersky Unified Monitoring and Analysis Platform (KUMA), check out their official page at https://support.kaspersky.com/help/KUMA/1.6/en-US/217694.htm