Skip to main content

Kaspersky Scan Engine

Kaspersky Scan Engine provides you with the best-in-class threat detection solution that can be integrated into almost any application.

  • Comprehensive protection for web applications, proxy servers, network attached storage and mail gateways
  • Easy to manage and deploy through HTTP and ICAP
  • Standalone service, scalable cluster, or Docker container
  • Windows®
  • Linux®

Usage Scenarios

Kaspersky Scan Engine uses the latest detection methods for detection and removal of malware including Trojans, phishing threats, worms, rootkits, spyware, and adware.

File upload scanning
Protection of internal systems against threats from files uploaded by end-users. No matter where the files repository is located – whether in the customer’s internal network or in the cloud – uploads scanning procedure can be embedded into any segment of the chain of files delivery from the end-users to the customer.
URL and web downloads scanning
Automatic scanning of URLs accessed from the internal network and scanning of objects downloaded from the Web thanks to integration with proxies, web/mail servers, and similar solutions via ICAP protocol. Threats are intercepted and prevented as soon as they pass your network’s perimeter.
NAS and backup storage protection
Important business data and tools/utilities residing on storage devices need protection; backed up/archived data may have vulnerabilities
Safe messaging
Attachments may contain malicious data, MIME messages themselves might have infections embedded in the body
Cloud services protection
Prevent cloud-based applications and storage services from hosting and distributing malware
Easy Integration
Thanks to a feature-rich REST-like API and open-source code, you can easily integrate Kaspersky Scan Engine with almost any solution in your network. As a result, you can deploy the leading anti-malware technologies on every tier of your infrastructure.

Key Features of Kaspersky Scan Engine

Kaspersky Scan Engine can work in Windows & Linux environments in one of two modes:

REST-like service that receives HTTP requests from client apps, scans objects passed in these requests, and sends back HTTP responses with scan results.

ICAP server that scans HTTP traffic that passes through a proxy server / NAS / Web Application Firewall / NGFW / any other solutions communicating through ICAP protocol. This integration model also allows scanning the URLs requested by users; web pages with malicious, phishing or adware content are then filtered out.

Kaspersky Scan Engine is also available as a Linux Docker container (in HTTP & ICAP mode). It can be deployed as an individual container, to Docker Swarm, to Kubernetes, to AWS EKS, and any similar cloud environments.

Kaspersky Scan Engine includes a web-based graphical user interface that allows you to easily configure the product behavior, review its service events and scan results.

Platform Integration

Kaspersky Scan Engine can be integrated with multiple third-party products, cloud storage solutions and SIEM platforms:

Supported by Kaspersky Scan Engine in ICAP mode out-of-the-box:

The following SIEM platforms are supported by Kaspersky Scan Engine:

Kaspersky Scan Engine connectors for the following platforms are still in development:


Format Recognizer component can be used to to recognize and skip files of certain formats during the scanning process. Dozens of formats are supported, including executable, office, media files, and archives.
Kaspersky Scan Engine can run in cluster mode: several instances of Kaspersky Scan Engine can be deployed in the same network and administered through Web UI.
Communication via TLS protocol is supported when running in REST-like service mode.
Award-winning Kaspersky anti-malware technology provides the best-in-class malware detection rates and can instantaneously react to emerging threats.
Powered by Big Data: Kaspersky Security Network provides information about the reputation of files and Web resources, ensuring faster and more accurate detection.
Filters out malicious, phishing, and adware URLs.
Source code for HTTP service/client and ICAP service are provided in the distribution kit for customization.
Comprehensive documentation and cross-platform API support. Similar APIs for Linux/UNIX and Windows versions.
For detailed description of product features, click here to download Kaspersky Scan Engine datasheet.
24/7 Premium Support
Professional help is available whenever you need it. Operating in more than 200 countries, from 34 offices worldwide, we have you covered 24/7/365.

Need help to take the next step?

Contact Us

If you wish to know more, please click the button below and indicate that you require more information about Kaspersky Scan Engine, and our representative will get in touch with you shortly.

Trial Request

Alternatively, you can request a free trial version of Kaspersky Scan Engine by clicking the button below.