Kaspersky launches KUMA platform to help PH businesses keep safe online

Edited Press Release

To help Filipino businesses and organizations stay safe in cyberspace while embracing digitalization, Kaspersky has announced the launch of Kaspersky Unified Monitoring and Analysis Platform (KUMA), its integrated software solution that includes a set of functions for security information and event monitoring and management.

In Kaspersky’s 2024 threat forecast in the Southeast Asian region, which includes the Philippines, experts predict that financial service outages, DDoS attacks, and website defacements will continue to persist. 

Last year, Kaspersky’s detection systems blocked 26,164,698 web attacks (nearly 72,000 per day) and 22,731,157 local infection attempts (more than 62,000 per day) against its users in the Philippines. 

To protect the country’s digital infrastructures, Kaspersky is highlighting the urgent need for organizations and individuals to prioritize robust cybersecurity strategies. 

One such powerful tool is a native security information and event management (SIEM) solution for security information and event management that is the Kaspersky Unified Monitoring and Analysis Platform (KUMA).

Benefits KUMA brings to businesses and organizations

Back in June 2023, Kaspersky experts uncovered a mobile Advanced Persistent Threat (APT) campaign while monitoring the network traffic of its corporate Wi-Fi network using the KUMA. Upon further analysis, company researchers discovered the threat actor has been targeting iOS devices of dozens of company employees, distributing zero-click exploits via iMessage to run malware gaining complete control over the device and user data.

“When it comes to cybersecurity, even the most secure operating systems can be compromised. As APT actors are constantly evolving their tactics and searching for new weaknesses to exploit, businesses must prioritize security of their systems. This involves providing employees and technical teams with the latest tools to effectively recognize and defend against potential threats as well as timely remediation of incidents,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

KUMA is a unified console for monitoring and analyzing information security incidents. The fundamental program includes the following components:

  • One or more Collectors that receive messages from event sources and parse, normalize, and, if required, filter and/or aggregate them.
  • Correlator that analyzes normalized events received from Collectors, performs the necessary actions with active lists, and creates alerts in accordance with the correlation rules.
  • The Core that includes a graphical interface to monitor and manage the settings of system components.
  • The Storage, which contains normalized events and registered incidents.

Advantages of KUMA include:

  • High performance: 300k+ EPS (events per second) per KUMA instance
  • Low system requirements: Virtual or physical environment and up to 10k EPS AiO (all in one) on one virtual server
  • Scalability: Flexible microservice architecture with HA support for each component
  • Unified web console interface: Single fully multi-tenancy UI console for everything
  • Out-of-the-box integration: With third-party products and Kaspersky solutions
  • Low entry threshold: Does not require knowledge of special query languages or writing rules

Organizations, of different sizes and maturity, can deploy KUMA to receive security events from various third-party sources and security tools while correlating these events with contextual threat intelligence feeds to identify suspicious or anomalous activities thus providing timely notification of security incidents.

By collecting security events from all security controls and correlating them in real-time with advanced analytics, KUMA aggregates all the information needed for further incident investigation and response. Hence, using KUMA, helps organizations gain insights and intelligence by providing the visibility and context needed to understand their security posture and risks.


More information about the platform, please visit: https://support.kaspersky.com/help/KUMA/1.5/en-US/217694.htm.