Kaspersky SIEM Upgraded with AI-Driven Threat Detection for Middle East Market

Kaspersky SIEM has been upgraded with advanced AI-driven threat detection capabilities, responding to growing demand in the Middle East cybersecurity market. The enhanced platform introduces intelligent mechanisms for detecting potential account compromises, improved data integrity features, and greater customization options for organizations seeking robust security solutions.

According to recent global research conducted by Kaspersky, Security Information and Event Management (SIEM) platforms rank among the top three most in-demand cybersecurity solutions for companies planning to establish a Security Operations Center. Approximately 40% of organizations consider SIEM an essential technological component for building an advanced cybersecurity division.

Middle East Shows Higher Demand for SIEM Solutions

The demand for Kaspersky SIEM is particularly pronounced in the Middle East region. Research indicates that 42% of companies planning to build a SOC intend to include SIEM systems within their security technology stack, surpassing the global average. This heightened interest reflects the region’s growing focus on cybersecurity infrastructure and threat management capabilities.

In response to market needs, Kaspersky has consistently upgraded its platform with valuable features designed to enable advanced threat detection and better compliance with industry standards and regulations.

Key Features in the Latest Update

The latest version introduces several significant enhancements that strengthen organizational security posture:

• Flexible Role Model: Users can now create, clone, and modify roles to align with internal workflows and organizational structures, offering unprecedented customization capabilities.
• Correlator 2.0 Beta: The fault-tolerant, horizontally scalable Correlator 2.0 delivers improved performance while reducing hardware requirements.
• AI-Powered Account Theft Detection: Advanced algorithms analyze login activity, establish baseline patterns, and identify abnormal behavior to generate timely alerts for potential account compromises.
• Backup and Restore Events: New functionality supports exporting event data into secure, immutable archive files, safeguarding information during investigations, audits, and regulatory compliance processes.
• Background Search Queries: Analysts can initiate low-priority queries that run quietly in the background, allowing uninterrupted workflow with results available immediately upon completion.

Expert Perspective on Innovation

“At Kaspersky, our ongoing commitment is to refine and expand the capabilities of our products to stay ahead of evolving cyber threats. By harnessing innovative AI technologies in Kaspersky SIEM, we can streamline complex data analysis and automate essential processes, empowering cybersecurity professionals to concentrate on investigating sophisticated incidents and implementing proactive security measures.”

Ilya Markelov, Head of Unified Platform Product Line at Kaspersky

Comprehensive Security Platform Capabilities

The platform collects, aggregates, analyzes, and stores log data across entire IT infrastructures, delivering contextual enrichment for cybersecurity teams. It leverages a dedicated User and Entity Behavior Analytics (UEBA) ruleset that helps identify deviations from established behavioral patterns, facilitating timely detection of Advanced Persistent Threats (APTs), targeted attacks, and insider threats.

Additionally, the rule mapping on the platform is regularly updated to align with the latest versions of MITRE ATT&CK framework, ensuring organizations remain protected against emerging threat vectors and attack techniques.