Kaspersky Launches KATA 8.0 with Advanced NDR and Threat Detection Capabilities

KHADAMATY–NEW
Kaspersky has announced a major update to Kaspersky Anti Targeted Attack with the release of KATA 8.0, strengthening Network Detection and Response (NDR) capabilities to help organizations gain deeper visibility across their networks and detect sophisticated cyberthreats earlier and more accurately.
As attack surfaces expand and traditional network perimeters dissolve, KATA 8.0 introduces enhanced detection technologies, broader network observability, and tighter integration with Kaspersky’s ecosystem and third-party security solutions.
Advanced Detection Technologies
KATA 8.0 introduces new anomaly detection technology designed to identify suspicious behavior across commonly abused protocols such as DNS, HTTP, and Kerberos. By focusing on protocol-specific deviations aligned with an organization’s infrastructure and usage patterns, the system improves detection accuracy while reducing false positives and alert fatigue.
The update also adds shadow IT detection, supporting visibility across more than 5,000 external public services, including popular cloud storage and collaboration platforms, helping organizations regain control over corporate data flows.
Additionally, retrospective scanning allows security teams to upload PCAP files manually or automatically from other systems for re-analysis using updated anti-malware, sandbox, IDS, and detection engines—enabling deeper investigations and uncovering previously undetected threats.
KATA 8.0 now collects all network observables—including file names, URLs, and hashes—covering both malicious and clean objects. This broader telemetry helps analysts detect compromised users and suspicious behavior even when threats initially appear benign.
Stronger Integrations and Faster Response
The new version enhances integration with Kaspersky Security for Mail Server, enabling dynamic scanning of password-protected email attachments within the KATA Sandbox and providing enriched alerts with detailed response actions.
For organizations using Managed Detection and Response (MDR), KATA 8.0 acts as a network sensor delivering telemetry directly to the MDR cloud. Analysts can request additional context directly through the MDR interface, accelerating investigations without customer involvement.
Integration with Kaspersky Endpoint Security enables automated file submission to the KATA Sandbox for deeper endpoint threat analysis.
To strengthen active response, KATA 8.0 introduces new connectors for Check Point NGFW, allowing automatic generation and enforcement of blocking rules at the firewall level in near real time.

Strategic Roadmap
According to Ilya Markelov, Head of Unified Platform Product Line at Kaspersky, future releases will transition KATA to the Open Single Management Platform (OSMP), enabling unified integration across NDR, EDR, SIEM, XDR, and third-party components via a single web console.
Founded in 1997, Kaspersky protects over one billion devices worldwide and serves nearly 200,000 corporate clients with cybersecurity and digital privacy solutions across individuals, enterprises, and critical infrastructure sectors.





