Kaspersky Endpoint Security for Business has proven 100 percent anti-tampering protection in a yearly AV-Comparatives focus pen-test. Tamper protection defends the product against end-user and third-party changes, plus services, processes, files, and registry entries against any controlling attempts, even in the context of a privileged user. Kaspersky Endpoint Security for Business reached the certification requirements by successfully protecting against all the tampering attacks used in the research.
During cyberattacks on business, intruders often try to shut down system security services before moving to the next step and getting access to their target’s infrastructure. It is essential for cybersecurity products to have mechanisms that can defend them first from compromise, so attacks don’t go further into corporate systems.
Since 2022, AV-Comparatives has been performing yearly focused researches, with Anti-Tampering test in 2023. Completed using Windows 10, it is aimed at searching for vulnerabilities of security products that allow to disable or modify the solution to proceed with the next steps of the targeted attack onto the corporate network. In independent testing, where vendors were not informed in advance of the possible attacks techniques to be used, the success criterion for gaining certification was to prevent 100 percent of attacks, with reports published only for those solutions that prevented all of them.
In April 2023, Kaspersky submitted Kaspersky Endpoint Security for Business into the AV-Comparatives’ assessment of an anti-tampering protection and gained the certification in May. The product successfully counteracted all the disabling adversary’s attempts such as deactivation or uninstallation of the security solution, changing of its configuration aiming at preventing its updates or whitelisting the adversary’s tools, etc.
Kaspersky regularly participates and achieves outstanding results in both real-world independent testing, as well as in specific focused testing such as AV-TEST’s Ransomware and Fileless evaluations. Kaspersky’s solution was also successful in 2022 Local Security Authority Subsystem Service (LSASS) test by AV-Comparatives aimed at revealing security solutions’ capabilities to protect system from attacks to LSASS process with purpose to extract system\domain credentials for following use in targeted attack.
“We continuously participate in independent regular and focus testing as it’s always a great opportunity for us to improve our cybersecurity products, so they can withstand new threats and provide a better user experience. Participants had zero knowledge about the techniques AV-Comparatives security engineers planned to use against the solutions before testing, which makes the Anti-Tampering examination challenging and valuable. Being a top-edge-technology solution, Kaspersky Endpoint Security for Business provides high levels of flexibility in configuring itself and hardening the protected system, thus minimizing the attack horizon. We are proud of achieving the maximum score reached by the solution in this research,” comments Alexander Liskin, Head of Threat Research at Kaspersky.
“Since 2022 we have been conducting focus tests in addition to our regular examinations, with the purpose of helping vendors identify technologies and products improvements. In 2023 Anti-Tampering research, we applied various techniques and tools in an attempt to assess the tamper resistance of security solutions. Kaspersky Endpoint Security for Business prevented all tampering activities and showed outstanding results,” comments Andreas Clementi, Founder & CEO of AV-Comparatives.