Kaspersky Endpoint Security for Business scored 100% detection rate in AV-Test fileless threats protection test

Information Technology Press Releases Wednesday October 16, 2019 13:42
Bangkok--16 Oct--Kaspersky

Kaspersky Endpoint Security for Business showed a 100% detection rate and the highest prevention rate (94.12%) of 14 endpoint security vendors in a recent assessment by AV-TEST. The products were judged on the ability to detect fileless threats and to protect and remediate malicious actions.

Fileless threats are used in many forms of malicious activity – from advanced targeted attacks to widespread malware campaigns or even generic malware, such as Trojan-clickers and adware. Kaspersky researchers are constantly revealing these threats in various attacks, such as the PowerGhost cryptominer, attacks on banks with DarkVishnya, Turla's APTs and the Platinum APT. Detection of fileless malware is more complicated than other malware because its malicious code does not store itself on a hard drive. It can exist in memory, registry, OS scheduler tasks or Windows system storages, such as WMI objects.

In its study, AV-TEST examined products for different categories of fileless attacks, including malware execution from WMI storage or by Task Scheduler, running a PowerShell script after the execution of exploits or macros. On top of these, the test also monitored for false positives. Of all the solutions tested, Kaspersky Endpoint Security for Business was the only one to detect all 33 attacks, while the average detection rate of all the products was 67.75%. As for protection and remediation, Kaspersky's product prevented 48 out of 51 malicious actions, compared to an average protection level of 59.10%. The false positive test revealed no false detection or blocks by the Kaspersky product.

According to AV-TEST, it ran this test "to discover how marketing promises of efficient fileless threat protection, claims about unbelievable advantages of some protective tools, and different ad slogans correlate with reality. This test is aimed to show what fileless malware can do and which security products are capable of detecting, blocking and remediating fileless attacks — irrespective of what is claimed by security vendors themselves".

"Fileless threats are a growing trend in malware landscape which makes efficient protection a challenge for all endpoint protection products. This test reveals big differences in the abilities of assessed security solutions to detect fileless infection techniques. Kaspersky proved to be the most efficient in detection of and prevention against fileless attacks," says Maik Morgenstern, Chief Technology Officer, AV-TEST.

"We appreciate AV-TEST showing the real results of cybersecurity products against current serious threats, such as fileless malware. Kaspersky researchers have been analyzing fileless threats for a long time as they are widely used in different attack stages. Whenever possible cybercriminals try to reduce their footprint and use malware which is less well-detected, making fileless a growing option. Thanks to our intelligence we have created the necessary protection technologies, such as our advanced behavior-based detection. With these technologies, our business customers will always be protected from fileless and other threats," comments Timur Biyachuev, Vice President, Threat Research, Kaspersky.

The full report "Advanced Endpoint Protection: Fileless Threats Protection Test" commissioned by Kaspersky and performed by AV-TEST GmbH can be found here.
No product results were excluded from the report to keep the security picture complete.
For more information about Kaspersky Endpoint Security for Business please visit this page.

Latest Press Release

SKYWORTH leads the new AIoT decade with 2020 SKYWORTH Global Television Festival promotions

SKYWORTH, a leading global television brand and the pioneer of big-screen AIoT, announced the return of the 2020 SKYWORTH Global Television Festival today. To thank consumers for their continuous support and to celebrate the 32nd Anniversary of SKYWORTH...

Elementor Expedites the Launch of 'Experts' Network for Professional Web Creators to Bolster Their Online Business in the Face of the Coronavirus Crisis

- Elementor's new discovery network empowers the members of its global community, enabling them to collaborate and grow their businesses through sharing their portfolios and services with Elementor peers in 152 countries. Elementor, the leading...

Best deal ever!! Let’s spice up your activities with GoPro HERO8 Black Special Edition only for 14,500 THB.

Are you ready for something special?? Let’s spice up with GoPro HERO8 Black Special Edition with exclusive accessories only for 14,500 THB. With this special package, you can save up to 3,000 THB. GoPro HERO8 Black Special Edition comes with a set...

New Compensation Program Helps Purchasers Combat Toxic E-waste

Thousands of tonnes of toxic e-waste is illegally dumped in vulnerable regions every year. A new addition to TCO Certified Edge will help solve the problem. By choosing to buy certified IT products, purchasers can make sure that an equivalent amount of...

Cyborg Systems Develops COVID-19 Tracking Software

On 16th March, 2020, in his opening remarks, WHO Director-General stated unequivocally that urgent escalation in testing, isolation and contact tracing was required, which is the backbone of the response to fight COVID-19. A multinational supplier of...

Related Topics