Kaspersky Introduces AI-Driven SIEM Upgrade to Detect Account Takeovers Faster

Kaspersky Introduces AI-Driven SIEM Upgrade to Detect Account Takeovers Faster

Kaspersky Introduces AI-Driven SIEM Upgrade to Detect Account Takeovers Faste

Kaspersky Introduces AI-Driven SIEM Upgrade to Detect Account Takeovers Faster
Kaspersky Introduces AI-Driven SIEM Upgrade to Detect Account Takeovers Faster

Kaspersky Introduces AI-Driven SIEM Upgrade to Detect Account Takeovers Faster

As cyber threats continue to grow in scale and sophistication, organizations worldwide are increasingly relying on advanced security analytics to protect their digital environments. In response to this evolving threat landscape, Kaspersky has announced a major update to its Security Information and Event Management (SIEM) platform, introducing artificial intelligence–driven account compromise detection alongside a series of performance, data protection, and usability enhancements.

The update reflects the rising importance of SIEM platforms as a foundational component for building modern Security Operations Centers (SOC), particularly in regions such as the Middle East, where demand is growing faster than the global average.

Rising Demand for SIEM Solutions in Modern Security Operations

According to Kaspersky’s internal research and global surveys, SIEM platforms rank among the top three most in-demand cybersecurity technologies for organizations planning to establish or upgrade a Security Operations Center.

Globally, 40% of organizations consider SIEM an essential technology for building an advanced cybersecurity department. In the Middle East, this figure rises to 42%, highlighting the region’s heightened focus on threat detection, regulatory compliance, and protection of critical infrastructure.

The growing adoption of SIEM solutions reflects a broader shift toward centralized security visibility, real-time threat detection, and data-driven incident response.

What’s New in the Latest Kaspersky SIEM Update?

Kaspersky’s latest SIEM update goes beyond incremental improvements, delivering strategic enhancements designed to help security teams detect threats earlier, respond faster, and operate more efficiently.

Key updates include:

  • AI-powered account compromise detection

  • A redesigned correlation engine (Correlator 2.0)

  • Flexible, customizable role-based access control

  • Immutable backup and recovery capabilities

  • Improved search performance with background query processing

AI-Powered Detection of Account Compromise

One of the most significant additions to the platform is a new artificial intelligence–based mechanism for detecting stolen or compromised accounts.

This capability analyzes:

  • User login behavior over time

  • Baseline access patterns

  • Deviations from normal activity

  • Anomalous authentication events

By identifying suspicious behavior early, the system can generate real-time alerts when an account shows signs of compromise, even if no malware or known attack signature is present.

This approach aligns with industry best practices in User and Entity Behavior Analytics (UEBA), which has become critical for detecting insider threats, credential theft, and advanced persistent threats (APT) that bypass traditional security controls.

Correlator 2.0: Improved Performance and Scalability

The update introduces a preview version of Correlator 2.0, Kaspersky’s next-generation event correlation engine.

Correlator 2.0 is designed to:

  • Support horizontal scalability

  • Increase fault tolerance

  • Reduce hardware dependency

  • Improve performance when processing large data volumes

These improvements enable organizations to handle growing log volumes without sacrificing detection accuracy or system stability, making the platform suitable for large enterprises and complex IT environments.

Flexible Role-Based Access Control for SOC Teams

To support diverse organizational structures, Kaspersky has implemented a flexible and customizable role model within its SIEM platform.

Security teams can now:

  • Create custom user roles

  • Clone and modify existing roles

  • Assign permissions based on operational needs

  • Align access rights with internal workflows

This capability helps enforce the principle of least privilege, reducing the risk of unauthorized access and minimizing the potential impact of internal misuse or credential compromise.

Immutable Backup for Compliance and Digital Forensics

Recognizing the importance of data integrity, Kaspersky has added an immutable backup and recovery feature to the SIEM platform.

This functionality allows security teams to export event data into tamper-proof archival files, ensuring that logs remain unchanged throughout investigations, audits, and compliance checks.

Immutable backups are particularly valuable for:

  • Digital forensics investigations

  • Regulatory compliance requirements

  • Incident post-mortem analysis

  • Legal and audit processes

Background Search Processing to Improve Analyst Productivity

Security analysts often need to run complex queries across massive datasets, which can disrupt ongoing work. To address this challenge, the updated platform introduces background search processing.

With this feature:

  • Low-priority searches run in the background

  • Analysts can continue working without interruption

  • Results are delivered once processing is complete

This enhancement improves operational efficiency and reduces downtime during threat hunting and incident response activities.

Alignment With the MITRE ATT&CK Framework

Kaspersky confirmed that detection rules within its SIEM platform are regularly updated to reflect the latest MITRE ATT&CK framework, the globally recognized knowledge base for adversary tactics and techniques.

This alignment enables security teams to:

  • Better understand attacker behavior

  • Map alerts to real-world attack scenarios

  • Strengthen detection coverage against emerging threats

  • Improve response strategies based on proven threat models

How Kaspersky SIEM Supports Security Teams

According to the company, Kaspersky SIEM collects log data from across an organization’s infrastructure, then normalizes, analyzes, and correlates that information to provide contextual security insights.

The platform supports:

  • Early detection of advanced persistent threats

  • Identification of insider threats

  • Investigation of targeted attacks

  • Proactive security monitoring

  • Automated and assisted incident response

By combining SIEM analytics with UEBA and AI technologies, Kaspersky aims to help organizations transition from reactive security to proactive cyber defense.

About Kaspersky

Founded in 1997, Kaspersky is a global cybersecurity and digital privacy company providing solutions for individuals, enterprises, and government organizations. The company states that its technologies protect over one billion devices worldwide and serve millions of individual users and approximately 200,000 corporate clients.

Conclusion

Kaspersky’s latest SIEM update represents a significant step forward in modern security operations, combining artificial intelligence, behavioral analytics, resilient data protection, and analyst-focused usability improvements. As cyber threats continue to evolve, these enhancements position the platform as a strong choice for organizations seeking to build or enhance advanced Security Operations Centers capable of detecting and responding to complex attacks.

This content is part of continuous monitoring of Arabic websites and specialized blogs, alongside insights drawn from Egypt-based online stores, Kuwait stores, and vitamin e-commerce platforms. It also relies on a well-known social media services platform as a primary source for information, trends, and ongoing updates

 

Other Topics You May Also Be Interested In

NVIDIA Unveils Earth-2: A New Era of AI-Powered Weather Forecasting

Apple Unveils the New AirTag with Longer Range, Louder Sound, and Smarter Tracking

UK Leads Major Economies Most Affected by AI as Job Opportunities Decline

How to Stay Productive While Working From Home: A Practical Guide for Remote Workers

Study Reveals Growing Shift Toward Outsourced and Hybrid Security Operations Centers in the UAE

Public Wi-Fi Security Risks: 7 Hidden Threats and How to Protect Yourself

Social Engineering: How Dangerous Is It and How Can You Protect Yourself?

How Artificial Intelligence Will Reshape Banking in 2026: 13 Key Trends to Watch

Apple Announces Siri Update Powered by Google’s Gemini AI

Artificial Intelligence and the Future of Work: Between Innovation, Jobs, and Social Acceptance

The Internet of Things (IoT) and the Future of Cybersecurity

UAE Experts Program Opens Applications for Artificial Intelligence Track in January 2026

Kaspersky Warns of Sophisticated Phishing Campaign Exploiting OpenAI Team Invitations

Saudi Arabia Accelerates AI Infrastructure as Humain Secures $1.2 Billion Financing Deal

TikTok Unveils New US Entity “TikTok USDS Joint Venture LLC” to Protect American User Data and Continue Operations in 2026

Understanding DDoS Attacks: How They Work and How to Mitigate Them

The Fifth Wave of Cybercrime: How AI Has Turned Digital Crime into a Global Industry