Kaspersky Upgrades SIEM with AI-Powered Account Compromise Detection

Kaspersky  has updated its Security Information and Event Management (SIEM) platform with new AI-powered capabilities designed to strengthen threat detection and improve system flexibility. The key enhancement is an artificial intelligence mechanism that detects potential account compromise by analyzing login behavior, building normal activity patterns, and flagging unusual actions. The update also introduces Correlator 2.0 (beta), a more scalable and performance-efficient engine, along with a flexible role model that allows organizations to customize user roles to better fit internal workflows.

The platform now includes secure backup and restore features that export event data into immutable archives to support investigations, audits, and regulatory compliance. A new background search function also allows analysts to run low-priority queries without disrupting ongoing work, improving overall efficiency in Security Operations Centers (SOCs).

Kaspersky says the improvements align with growing demand for SIEM solutions globally and in the Middle East, where many organizations are building advanced cybersecurity operations. By combining AI-driven analytics, UEBA capabilities, and updated MITRE ATT&CK-aligned rules, the platform aims to help security teams detect advanced threats faster while maintaining strong data integrity and compliance.