Editorโs note: Kaspersky has released an updated version of its SIEM platform, introducing AI-enabled detection for potential account compromise alongside improvements in data integrity, performance, and system customization. The update responds to strong global and regional demand for SIEM solutions, particularly in the Middle East, where many organizations planning to build Security Operations Centers see SIEM as a core component. New capabilities focus on scalable threat correlation, behavioral analysis, and operational efficiency, aiming to support security teams facing increasingly complex attack surfaces and stricter regulatory and compliance requirements.
Key points
- New AI-powered mechanism detects potential account theft by analyzing login behavior and anomalies.
- Correlator 2.0 enters beta with improved performance, scalability, and reduced hardware needs.
- Enhanced role customization allows organizations to better align SIEM workflows with internal structures.
- Backup and restore functions support immutable event archiving for audits and compliance.
Why this matters
As cyber threats grow more sophisticated, organizations need security platforms that combine automation, behavioral analysis, and compliance readiness. SIEM systems sit at the center of modern SOCs, helping teams detect attacks earlier and respond more efficiently. For companies in the Middle East, where SOC adoption is accelerating, updates like these address both operational scale and regulatory expectations, while AI-driven account monitoring reflects the increasing focus on identity-based attacks across enterprise environments.
What to watch next
- Feedback and outcomes from the Correlator 2.0 beta phase.
- Adoption of AI-enabled account theft detection in live SOC environments.
- How organizations use new data integrity features for audits and investigations.
Disclosure: The content below is a press release provided by the company/PR representative. It is published for informational purposes.
Kaspersky has introduced a new version of its SIEM with an AI-enabled mechanism for detecting potential account compromise. The updated platform also provides enhanced data integrity and improved customization, empowering organizations with stronger, more flexible security.
According to a recent global survey conducted by Kaspersky, Security Information and Event Management (SIEM) platforms rank among the top three most in-demand cybersecurity solutions for companies planning to establish a Security Operations Center, with 40% of organizations considering it an essential technological component for building an advanced cybersecurity division.
SIEM demand is even higher in the Middle East, according to Kaspersky research, with 42% of companies planning to build a SOC saying they intend to include SIEM systems within their SOC technology stack.
In response to this market need, Kaspersky has regularly upgraded its SIEM with new, valuable features designed to enable advanced threat detection capabilities and better compliance with industry standards and regulation.
In the latest update the following new key capabilities were added:
Flexible role model for customization
The new system allows users to create, clone, and modify roles to better align with internal workflows and organizational needs. This enhancement offers greater flexibility, enabling companies to tailor the system to their unique structures.
Correlator 2.0 Beta and AI-enabled account theft detection
The fault-tolerant, horizontally scalable Correlator 2.0 is now available in beta mode. This upgrade delivers significant improvements in performance and reduces hardware requirements.
It also introduces advanced features, such as AI-powered detection of account theft, which analyzes login activity, establishes baseline patterns, and identifies abnormal behavior to generate timely alerts for potential account compromises. This feature enhances an organization’s security and operational efficiency.
Backup and restore events for data integrity and compliance
The new functionality supports exporting event data into secure, immutable archive files, safeguarding data during investigations, audits, and regulatory compliance processes — ensuring data remains unaltered.
Background search queries for enhanced user experience
Background search processing allows analysts to initiate low-priority queries that run quietly in the background. This allows users to continue their work without interruption, with search results available immediately upon completion, drastically improving usability and operational efficiency.
โAt Kaspersky, our ongoing commitment is to refine and expand the capabilities of our products to stay ahead of evolving cyber threats. By harnessing innovative AI technologies in Kaspersky SIEM, we can streamline complex data analysis and automate essential processes, empowering cybersecurity professionals to concentrate on investigating sophisticated incidents and implementing proactive security measures. These improvements significantly bolster organizational resilience and ensure robust protection against emerging threats,โ states Ilya Markelov, Head of Unified Platform Product Line at Kaspersky.
Kaspersky SIEM collects, aggregates, analyzes and stores log data across the entire IT infrastructure, delivering contextual enrichment for cybersecurity teams. The platform leverages a dedicated User and Entity Behavior Analytics (UEBA) ruleset that helps identify deviations from established behavioral patterns, facilitating the timely detection of APTs, targeted attacks, and insider threats. Additionally, the rule mapping on the platform has been regularly updated to align with the latest versions of MITRE ATT&CK.
To learn more about Kaspersky SIEM, please visit the website.
About Kaspersky
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help nearly 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
